Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge remote-tracking branch 'origin/topic/awelzel/expose-num-packets-unprocessed'

Browse source 
* origin/topic/awelzel/expose-num-packets-unprocessed:
  ConnStats: Expose num_packets_unprocessed
  packet_analysis/Manager: Rename GetUnprocessedCount() to PacketsUnprocessed()
This commit is contained in:
Arne Welzel 2025-07-29 10:12:18 +02:00
commit 12518e8256
11 changed files with 47 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

7
testing/btest/Baseline/core.conn-stats/.stdout
View file

@ -1,2 +1,7 @@
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
[total_conns=9, current_conns=5, sess_current_conns=5, num_packets=125, num_fragments=0, max_fragments=0, num_tcp_conns=5, max_tcp_conns=5, cumulative_tcp_conns=6, num_udp_conns=0, max_udp_conns=2, cumulative_udp_conns=2, num_icmp_conns=0, max_icmp_conns=1, cumulative_icmp_conns=1, killed_by_inactivity=3]
pcap smtp.trace
[total_conns=9, current_conns=5, sess_current_conns=5, num_packets=125, num_fragments=0, max_fragments=0, num_tcp_conns=5, max_tcp_conns=5, cumulative_tcp_conns=6, num_udp_conns=0, max_udp_conns=2, cumulative_udp_conns=2, num_icmp_conns=0, max_icmp_conns=1, cumulative_icmp_conns=1, num_packets_unprocessed=0, killed_by_inactivity=3]
pcap dns-edns-ecs.pcap
[total_conns=69, current_conns=9, sess_current_conns=9, num_packets=89, num_fragments=0, max_fragments=1, num_tcp_conns=1, max_tcp_conns=6, cumulative_tcp_conns=8, num_udp_conns=8, max_udp_conns=37, cumulative_udp_conns=61, num_icmp_conns=0, max_icmp_conns=0, cumulative_icmp_conns=0, num_packets_unprocessed=4, killed_by_inactivity=59]
pcap contentline-irc-5k-line.pcap
[total_conns=0, current_conns=0, sess_current_conns=0, num_packets=118, num_fragments=0, max_fragments=0, num_tcp_conns=0, max_tcp_conns=0, cumulative_tcp_conns=0, num_udp_conns=0, max_udp_conns=0, cumulative_udp_conns=0, num_icmp_conns=0, max_icmp_conns=0, cumulative_icmp_conns=0, num_packets_unprocessed=118, killed_by_inactivity=0]

10
testing/btest/core/conn-stats.zeek
View file

@ -1,7 +1,15 @@
# @TEST-EXEC: zeek -b -r $TRACES/smtp.trace %INPUT
# @TEST-EXEC: zeek -b -r $TRACES/dns-edns-ecs.pcap %INPUT
# @TEST-EXEC: zeek -b -r $TRACES/contentline-irc-5k-line.pcap %INPUT
#
# @TEST-EXEC: btest-diff .stdout
event zeek_init()
{
print fmt("pcap %s", split_string(packet_source()$path, /\//)[-1]);
}
event net_done(t: time)
{
print get_conn_stats();
}
}