mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
Merge branch 'dns-original-query-case' of https://github.com/rvictory/zeek
Changes during merge - Changed the policy script to use an event handler that behaves for like the base script: &priority=5, msg$opcode != early-out, no record field existence checks - Also extended dns_query_reply event with original_query param - Removed ExtractName overload, and just use default param * 'dns-original-query-case' of https://github.com/rvictory/zeek: Fixed some places where tabs became spaces Stricter checking if we have a dns field on the connection being processed Modified the DNS protocol analyzer to add a new parameter to the dns_request event which includes the DNS query in its original case. Added a policy script that will add the original_case to the dns.log file as well. Created new btests to test both.
This commit is contained in:
Jon Siwek
commit
00a4865885
14 changed files with 87 additions and 18 deletions
2
testing/external/commit-hash.zeek-testing
vendored
2
testing/external/commit-hash.zeek-testing
vendored
|
|
@ -1 +1 @@
|
|||
807dce8fd94d59e571994c033e333691f7ef27ba
|
||||
9d92ec99cadd04e95365dc2c3b507b7011db255a
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue