search

cisagov / icsnpp-bacnet

Zeek BACnet Parser - CISA ICSNPP
BSD 3-Clause "New" or "Revised" License
15 stars 11 forks source link

Failing btests with Zeek 4.0.7 #13

Closed mintos5 closed 1 year ago

mintos5 commented 1 year ago

🐛 Summary

The commits after August 10, 2022 break normal working with older Zeek installation (I tested only with 4.0.7). Zeek is not producing any bacnet logs from example pcap (bacnet_example.pcap) or the second btest (tests/analyzer/basic.zeek) fails too.

To reproduce

Steps to reproduce the behavior:

  1. Install Zeek 4.0.7
  2. manually install or with zkg install icsnpp-bacnet
  3. run btest, that are failing

Expected behavior

To run all tests successfully

Any helpful log output or screenshots

The failing test output:

# with latest commit
btest analyzer/basic.zeek
[  0%] analyzer.basic ... failed
1 of 1 test failed

I tested this plugin with older commits and I can confirm that version: aab668e86be5b56c5deaf4b11589937597a242de works OK with Zeek 4.0.7. (all btests ran successfully) For now I will be using this version

mmguero commented 1 year ago

Thanks, I'll take a look.

mmguero commented 1 year ago

I think what happened was there was a merge conflict that was fixed incorrectly when I was preparing the PR. I'll track it down and get it fixed, thanks again for the heads-up.

mmguero commented 1 year ago

Should be fixed now.