Updated DHCP analyzer and log (merge: topic/seth/dhcp-update)

Description

This is switching a pull request over to a merge request for a branch of mine. Reference pull request: https://github.com/bro/bro/pull/121

This is a pretty big rewrite of the DHCP analyzer and rework of the scripts so I'd like someone else to check over the code a bit and make sure I didn't miss anything obvious.

Environment

None

Activity

Show:
Jon Siwek
May 2, 2018, 9:15 AM

This is merged and generally everything looked good, except a couple notes for Seth to review:

  • In dhcp/software.log: can we fix the comment "Not quite right to just blindly use 67 and 68 as the ports" ? Seems like that could actually cause confusion in logs?

  • In dhcp-options.pac: the 'process_auto_proxy_config_option' function seemed to access one-past-the-end of a bytestring, so I rewrote it. Maybe just double-check what I did there makes sense.

Fixed

Assignee

Seth Hall

Reporter

Seth Hall

Labels

None

External issue ID

None

Components

Fix versions

Affects versions

Priority

Normal