Browse files

Moved from c$resp$num_bytes_ip to c$resp$size for payload sizes.

  • Loading branch information...
1 parent 88d475b commit 84dc69fce1bea9c395d5a6cac78e6b0e6fd6c94f @srunnels committed Jun 4, 2012
Showing with 3 additions and 2 deletions.
  1. +3 −2 rdp.bro
View
5 rdp.bro
@@ -17,6 +17,7 @@ export {
last_check: time &default=network_time();
num_checks: count &default=0;
last_total: count &default=0;
+ duration: interval &log &optional;
byte_vector: vector of count &default = vector(0,0,0,0,0);
avg: count &log &default=0;
};
@@ -49,15 +50,15 @@ event dump_bytes(id: conn_id)
c$rdp$byte_vector[1] = c$rdp$byte_vector[2];
c$rdp$byte_vector[2] = c$rdp$byte_vector[3];
c$rdp$byte_vector[3] = c$rdp$byte_vector[4];
- c$rdp$byte_vector[4] = c$resp$num_bytes_ip - c$rdp$last_size;
+ c$rdp$byte_vector[4] = c$resp$size - c$rdp$last_size;
if (c$rdp$num_checks >= 4)
{
c$rdp$avg = (c$rdp$byte_vector[0] + c$rdp$byte_vector[1] + c$rdp$byte_vector[2] + c$rdp$byte_vector[3] + c$rdp$byte_vector[4] ) / 5;
Log::write(RDP::LOG, c$rdp);
}
++c$rdp$num_checks;
- c$rdp$last_size = c$resp$num_bytes_ip;
+ c$rdp$last_size = c$resp$size;
schedule 10msecs { dump_bytes(id) };
}

0 comments on commit 84dc69f

Please sign in to comment.