[Oisf-users] Suricata isn't passing all the packets from the pcap
Simon Janeshvili
sikking23 at yahoo.com
Mon Apr 3 09:38:30 UTC 2017
I am using Suricata 3.2.
the Lua script:<code>function init (args)
local needs = {}
needs["packet"] = tostring(true)
needs["payload"] = tostring(true)
return needs
end
function match(args)
print("********************************")
return 1
end
return 0</code>
very simple one, and this is happening in every pcap I'm using, I just count the number of lines and see there is a difference.By the way Suricata still telling at the end the right amount(as it says in wire-shark) but the number of lines are way off.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170403/cb329871/attachment-0002.html>
More information about the Oisf-users
mailing list