haka-security / haka

Haka runtime
http://haka-security.org
Mozilla Public License 2.0

exemple helloword fail #36

Open 0x25 opened 8 years ago

0x25 commented 8 years ago

hello

the first example [http://doc.haka-security.org/haka/release/v0.3.0/doc/user/tutorial/hellopacket.html]

```
hakapcap hellopacket.pcap hellopacket.lua
info core: load module 'packet/pcap.so', Pcap Module
info core: load module 'alert/file.so', File alert
info core: setting packet mode to pass-through

info core: loading rule file 'hellopacket.pcap'
info core: initializing thread 0
info dissector: register new dissector 'raw'
info pcap: opening file 'hellopacket.lua'
error pcap: unknown file format
fatal core: unable to create packet capture state
fatal core: thread initialization error
info core: unload module 'Pcap Module'
info core: unload module 'File alert'
```


is in the wrong order

Usage: hakapcap [options]

```
hakapcap hellopacket.lua hellopacket.pcap
info core: load module 'packet/pcap.so', Pcap Module
info core: load module 'alert/file.so', File alert
info core: setting packet mode to pass-through

info core: loading rule file 'hellopacket.lua'
info core: initializing thread 0
info dissector: register new dissector 'raw'
info pcap: opening file 'hellopacket.pcap'
info dissector: register new dissector 'ipv4'
info dissector: register new dissector 'tcp'
info dissector: register new dissector 'tcp_connection'
info core: 1 rule(s) on event 'tcp_connection:new_connection'
info core: 1 rule(s) on event 'ipv4:receive_packet'
info core: 2 rule(s) registered

info core: starting single threaded processing

info external: packet from 192.168.10.1 to 192.168.10.99
info external: TCP connection from 192.168.10.1:47161 to 192.168.10.99:3000
alert: id = 1
    time = Thu Jul 21 11:09:24 2016
    severity = low
    description = A simple alert
info external: packet from 192.168.10.99 to 192.168.10.1
info external: packet from 192.168.10.1 to 192.168.10.99
info external: packet from 192.168.10.1 to 192.168.10.99
info external: packet from 192.168.10.99 to 192.168.10.1
info external: packet from 192.168.10.1 to 192.168.10.99
info external: packet from 192.168.10.99 to 192.168.10.1
info external: packet from 192.168.10.1 to 192.168.10.99
info core: unload module 'Pcap Module'

info core: unload module 'File alert'
```

paulfariello commented 8 years ago

Hi 0x25,

thanks for reporting this issue. I'm fixing this.