nttcom / OsecT

GNU Lesser General Public License v2.1

install zeek parser by zkg command #145

Closed helenwangjia closed 10 months ago

helenwangjia commented 1 year ago

close #122 close #147

Changed zeek-parser-CCLinkFieldBasic and zeek-parser-CCLinkField-CCLinkControl so that they can be installed with zkg. The CIFS_B, DHCPV6, MYDHCP, NBNS, and SSDP scripts have also been changed to be installed as packages with zkg.

Verification: on OsecT20

...
(omitted)
Step 28/45 : RUN zkg refresh &&     zkg install --force --skiptest     icsnpp-modbus     icsnpp-bacnet     zeek/corelight/zeek-long-connections     zeek-af_packet-plugin     zeek-parser-CCLinkFieldBasic     zeek-parser-CCLinkField-CCLinkControl     zeek-parser-CIFS-COM     zeek-parser-CIFS-NBNS-COM     zeek-parser-DHCPv4-COM     zeek-parser-DHCPv6-COM     zeek-parser-SSDP-COM
 ---> Running in d40ab683c376
Refresh package source: zeek
        No membership changes
Refresh installed packages
        No new outdated packages
Installing "zeek/nttcom/zeek-parser-SSDP-COM"
Installed "zeek/nttcom/zeek-parser-SSDP-COM" (main)
Loaded "zeek/nttcom/zeek-parser-SSDP-COM"
Installing "zeek/nttcom/zeek-parser-DHCPv6-COM"
Installed "zeek/nttcom/zeek-parser-DHCPv6-COM" (main)
Loaded "zeek/nttcom/zeek-parser-DHCPv6-COM"
Installing "zeek/nttcom/zeek-parser-DHCPv4-COM"
Installed "zeek/nttcom/zeek-parser-DHCPv4-COM" (main)
Loaded "zeek/nttcom/zeek-parser-DHCPv4-COM"
Installing "zeek/nttcom/zeek-parser-CIFS-NBNS-COM"
Installed "zeek/nttcom/zeek-parser-CIFS-NBNS-COM" (main)
Loaded "zeek/nttcom/zeek-parser-CIFS-NBNS-COM"
Installing "zeek/nttcom/zeek-parser-CIFS-COM"
Installed "zeek/nttcom/zeek-parser-CIFS-COM" (main)
Loaded "zeek/nttcom/zeek-parser-CIFS-COM"
Installing "zeek/nttcom/zeek-parser-CCLinkField-CCLinkControl"
Installed "zeek/nttcom/zeek-parser-CCLinkField-CCLinkControl" (main)
Loaded "zeek/nttcom/zeek-parser-CCLinkField-CCLinkControl"
Installing "zeek/nttcom/zeek-parser-CCLinkFieldBasic"
Installed "zeek/nttcom/zeek-parser-CCLinkFieldBasic" (main)
Loaded "zeek/nttcom/zeek-parser-CCLinkFieldBasic"
...
Successfully built bb776fffb3e9
Successfully tagged cron:comtest01-sensor-recovery

After that, I replayed pcap files for the corresponding protocols and confirmed that logs were generated.
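Because the build runs `zkg install --force --skiptest`, the `Installed`/`Loaded` lines in the build log are the only install-time evidence that each parser is actually present. The following is an added example, not code from this PR or from OsecT: it audits a build log for requested packages that never reached `Loaded` and for packages installed from a moving branch such as `(main)`. The function names, the `example-parser-*` package names, and reading the parenthesised value as the installed version are assumptions.

```python
import re

# Constructed sample in the zkg output format shown above; the
# "example-parser-*" packages are placeholders, not real packages.
SAMPLE_LOG = """\
Step 28/45 : RUN zkg refresh &&     zkg install --force --skiptest     example-parser-a     example-parser-b     zeek/example/example-parser-c     example-parser-d
Installing "zeek/example/example-parser-c"
Installed "zeek/example/example-parser-c" (v1.2.0)
Loaded "zeek/example/example-parser-c"
Installing "zeek/example/example-parser-b"
Installed "zeek/example/example-parser-b" (main)
Loaded "zeek/example/example-parser-b"
Installing "zeek/example/example-parser-a"
Installed "zeek/example/example-parser-a" (main)
"""

# Assumption: these version strings denote a moving branch, not a release tag.
BRANCH_NAMES = {"main", "master"}

def requested_packages(log):
    """Package arguments of the `zkg install` command echoed in the build step."""
    m = re.search(r"zkg install\s+(.*)", log)
    pkgs = []
    for tok in (m.group(1).split() if m else []):
        if tok in ("&&", "||", ";"):   # a following shell command starts here
            break
        if not tok.startswith("-"):    # skip options such as --force, --skiptest
            pkgs.append(tok)
    return pkgs

def audit_zkg_log(log):
    """Compare what was requested with what zkg reports as installed and loaded."""
    installed = dict(re.findall(r'^Installed "([^"]+)" \(([^)]+)\)', log, re.M))
    loaded = set(re.findall(r'^Loaded "([^"]+)"', log, re.M))
    report = {"not_installed": [], "not_loaded": [], "branch_tracking": []}
    for req in requested_packages(log):
        # zkg prints the full source path; the command may use the short name.
        full = next((n for n in installed if n == req or n.endswith("/" + req)), None)
        if full is None:
            report["not_installed"].append(req)
            continue
        if full not in loaded:
            report["not_loaded"].append(full)
        if installed[full] in BRANCH_NAMES:
            report["branch_tracking"].append(full)  # unpinned: builds are not reproducible
    return report

if __name__ == "__main__":
    for finding, names in audit_zkg_log(SAMPLE_LOG).items():
        print(finding, names)
```

A non-empty `not_installed` or `not_loaded` list is a reason to fail the image build before the pcap replay check; `branch_tracking` entries are candidates for pinning to a tag or commit.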