find-filtered-trace: minor documentation update

Description

Just noticed that "detect_filtered_trace" should be "FilteredTraceDetection::enable". Updated the text reported to the user, not sure if the bro docs section in the comments in appropriate. Patch attached.

Environment

CentOS 7, bro-master

Activity

Show:
Daniel Thayer
September 3, 2015, 8:55 AM

I believe the text is correct (though probably not as clear as it should be).
The "FilteredTraceDetection::enable" boolean determines whether or not the
"find-filtered-trace.bro" script will warn the user when it determines that a
trace file contains TCP traffic consisting only of control packets, whereas
the "detect_filtered_trace" boolean is used internally by Bro in the TCP
reassembler. See for more info.

MichaelD
September 4, 2015, 12:54 AM

Right you are!

So I guess the real confusion is just the comment:

  1.  

    1. Flag to enable filtered trace file detection and warning message.

Thanks Daniel.

Johanna Amann
October 21, 2015, 4:08 AM

Closing, because there does not seem anything that remains to do.

If you want to take a shot and making the explanation better, please feel free to provide an updated version of it and re-open the bug.

Solved

Assignee

Unassigned

Reporter

MichaelD

Labels

External issue ID

None

Components

Affects versions

Priority

Trivial