pk/zeek
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
zeek/testing/btest/scripts/base/protocols/smtp/mail-transactions-invalid-disable-analyzer.zeek
Patrick Kelley 8fd444092b initial
2025-05-07 15:35:15 -04:00

14 lines
413 B
Plaintext
Raw Permalink Blame History

# @TEST-EXEC: zeek -b -r $TRACES/smtp-mail-transactions-invalid.pcap %INPUT > out
# @TEST-EXEC: btest-diff smtp.log
# @TEST-EXEC: btest-diff weird.log
# @TEST-EXEC: btest-diff out
@load base/protocols/smtp
redef SMTP::max_invalid_mail_transactions = 2;
hook Analyzer::disabling_analyzer(c: connection, atype: AllAnalyzers::Tag, aid: count)
{
print network_time(), "disabling_analyzer", c$uid, atype, aid;
}
Reference in New Issue View Git Blame Copy Permalink