diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt index 96c682871a..189c9b9df8 100644 --- a/scripts/CMakeLists.txt +++ b/scripts/CMakeLists.txt @@ -2,8 +2,8 @@ include(InstallPackageConfigFile) install(DIRECTORY ./ DESTINATION ${BRO_SCRIPT_INSTALL_PATH} FILES_MATCHING PATTERN "site/local*" EXCLUDE - PATTERN "test-all-policy.bro" EXCLUDE - PATTERN "*.bro" + PATTERN "test-all-policy.zeek" EXCLUDE + PATTERN "*.zeek" PATTERN "*.sig" PATTERN "*.fp" ) @@ -11,6 +11,6 @@ install(DIRECTORY ./ DESTINATION ${BRO_SCRIPT_INSTALL_PATH} FILES_MATCHING # Install all local* scripts as config files since they are meant to be # user modify-able. InstallPackageConfigFile( - ${CMAKE_CURRENT_SOURCE_DIR}/site/local.bro + ${CMAKE_CURRENT_SOURCE_DIR}/site/local.zeek ${BRO_SCRIPT_INSTALL_PATH}/site - local.bro) + local.zeek) diff --git a/scripts/base/files/extract/__load__.bro b/scripts/base/files/extract/__load__.zeek similarity index 100% rename from scripts/base/files/extract/__load__.bro rename to scripts/base/files/extract/__load__.zeek diff --git a/scripts/base/files/extract/main.bro b/scripts/base/files/extract/main.zeek similarity index 100% rename from scripts/base/files/extract/main.bro rename to scripts/base/files/extract/main.zeek diff --git a/scripts/base/files/hash/__load__.bro b/scripts/base/files/hash/__load__.zeek similarity index 100% rename from scripts/base/files/hash/__load__.bro rename to scripts/base/files/hash/__load__.zeek diff --git a/scripts/base/files/hash/main.bro b/scripts/base/files/hash/main.zeek similarity index 100% rename from scripts/base/files/hash/main.bro rename to scripts/base/files/hash/main.zeek diff --git a/scripts/base/files/pe/__load__.bro b/scripts/base/files/pe/__load__.zeek similarity index 100% rename from scripts/base/files/pe/__load__.bro rename to scripts/base/files/pe/__load__.zeek diff --git a/scripts/base/files/pe/consts.bro b/scripts/base/files/pe/consts.zeek similarity index 100% rename from scripts/base/files/pe/consts.bro rename to scripts/base/files/pe/consts.zeek diff --git a/scripts/base/files/pe/main.bro b/scripts/base/files/pe/main.zeek similarity index 100% rename from scripts/base/files/pe/main.bro rename to scripts/base/files/pe/main.zeek diff --git a/scripts/base/files/unified2/__load__.bro b/scripts/base/files/unified2/__load__.zeek similarity index 100% rename from scripts/base/files/unified2/__load__.bro rename to scripts/base/files/unified2/__load__.zeek diff --git a/scripts/base/files/unified2/main.bro b/scripts/base/files/unified2/main.zeek similarity index 100% rename from scripts/base/files/unified2/main.bro rename to scripts/base/files/unified2/main.zeek diff --git a/scripts/base/files/x509/__load__.bro b/scripts/base/files/x509/__load__.zeek similarity index 100% rename from scripts/base/files/x509/__load__.bro rename to scripts/base/files/x509/__load__.zeek diff --git a/scripts/base/files/x509/main.bro b/scripts/base/files/x509/main.zeek similarity index 100% rename from scripts/base/files/x509/main.bro rename to scripts/base/files/x509/main.zeek diff --git a/scripts/base/frameworks/analyzer/__load__.bro b/scripts/base/frameworks/analyzer/__load__.zeek similarity index 100% rename from scripts/base/frameworks/analyzer/__load__.bro rename to scripts/base/frameworks/analyzer/__load__.zeek diff --git a/scripts/base/frameworks/analyzer/main.bro b/scripts/base/frameworks/analyzer/main.zeek similarity index 100% rename from scripts/base/frameworks/analyzer/main.bro rename to scripts/base/frameworks/analyzer/main.zeek diff --git a/scripts/base/frameworks/broker/__load__.bro b/scripts/base/frameworks/broker/__load__.zeek similarity index 100% rename from scripts/base/frameworks/broker/__load__.bro rename to scripts/base/frameworks/broker/__load__.zeek diff --git a/scripts/base/frameworks/broker/log.bro b/scripts/base/frameworks/broker/log.zeek similarity index 100% rename from scripts/base/frameworks/broker/log.bro rename to scripts/base/frameworks/broker/log.zeek diff --git a/scripts/base/frameworks/broker/main.bro b/scripts/base/frameworks/broker/main.zeek similarity index 100% rename from scripts/base/frameworks/broker/main.bro rename to scripts/base/frameworks/broker/main.zeek diff --git a/scripts/base/frameworks/broker/store.bro b/scripts/base/frameworks/broker/store.zeek similarity index 100% rename from scripts/base/frameworks/broker/store.bro rename to scripts/base/frameworks/broker/store.zeek diff --git a/scripts/base/frameworks/cluster/__load__.bro b/scripts/base/frameworks/cluster/__load__.zeek similarity index 100% rename from scripts/base/frameworks/cluster/__load__.bro rename to scripts/base/frameworks/cluster/__load__.zeek diff --git a/scripts/base/frameworks/cluster/main.bro b/scripts/base/frameworks/cluster/main.zeek similarity index 98% rename from scripts/base/frameworks/cluster/main.bro rename to scripts/base/frameworks/cluster/main.zeek index 2d492454d4..2cb0401eea 100644 --- a/scripts/base/frameworks/cluster/main.bro +++ b/scripts/base/frameworks/cluster/main.zeek @@ -1,6 +1,6 @@ ##! A framework for establishing and controlling a cluster of Bro instances. ##! In order to use the cluster framework, a script named -##! ``cluster-layout.bro`` must exist somewhere in Bro's script search path +##! ``cluster-layout.zeek`` must exist somewhere in Bro's script search path ##! which has a cluster definition of the :bro:id:`Cluster::nodes` variable. ##! The ``CLUSTER_NODE`` environment variable or :bro:id:`Cluster::node` ##! must also be sent and the cluster framework loaded as a package like @@ -192,7 +192,7 @@ export { global worker_count: count = 0; ## The cluster layout definition. This should be placed into a filter - ## named cluster-layout.bro somewhere in the BROPATH. It will be + ## named cluster-layout.zeek somewhere in the BROPATH. It will be ## automatically loaded if the CLUSTER_NODE environment variable is set. ## Note that BroControl handles all of this automatically. ## The table is typically indexed by node names/labels (e.g. "manager" @@ -200,7 +200,7 @@ export { const nodes: table[string] of Node = {} &redef; ## Indicates whether or not the manager will act as the logger and receive - ## logs. This value should be set in the cluster-layout.bro script (the + ## logs. This value should be set in the cluster-layout.zeek script (the ## value should be true only if no logger is specified in Cluster::nodes). ## Note that BroControl handles this automatically. const manager_is_logger = T &redef; diff --git a/scripts/base/frameworks/cluster/nodes/logger.bro b/scripts/base/frameworks/cluster/nodes/logger.zeek similarity index 100% rename from scripts/base/frameworks/cluster/nodes/logger.bro rename to scripts/base/frameworks/cluster/nodes/logger.zeek diff --git a/scripts/base/frameworks/cluster/nodes/manager.bro b/scripts/base/frameworks/cluster/nodes/manager.zeek similarity index 100% rename from scripts/base/frameworks/cluster/nodes/manager.bro rename to scripts/base/frameworks/cluster/nodes/manager.zeek diff --git a/scripts/base/frameworks/cluster/nodes/proxy.bro b/scripts/base/frameworks/cluster/nodes/proxy.zeek similarity index 100% rename from scripts/base/frameworks/cluster/nodes/proxy.bro rename to scripts/base/frameworks/cluster/nodes/proxy.zeek diff --git a/scripts/base/frameworks/cluster/nodes/worker.bro b/scripts/base/frameworks/cluster/nodes/worker.zeek similarity index 100% rename from scripts/base/frameworks/cluster/nodes/worker.bro rename to scripts/base/frameworks/cluster/nodes/worker.zeek diff --git a/scripts/base/frameworks/cluster/pools.bro b/scripts/base/frameworks/cluster/pools.zeek similarity index 100% rename from scripts/base/frameworks/cluster/pools.bro rename to scripts/base/frameworks/cluster/pools.zeek diff --git a/scripts/base/frameworks/cluster/setup-connections.bro b/scripts/base/frameworks/cluster/setup-connections.zeek similarity index 100% rename from scripts/base/frameworks/cluster/setup-connections.bro rename to scripts/base/frameworks/cluster/setup-connections.zeek diff --git a/scripts/base/frameworks/config/__load__.bro b/scripts/base/frameworks/config/__load__.zeek similarity index 100% rename from scripts/base/frameworks/config/__load__.bro rename to scripts/base/frameworks/config/__load__.zeek diff --git a/scripts/base/frameworks/config/input.bro b/scripts/base/frameworks/config/input.zeek similarity index 100% rename from scripts/base/frameworks/config/input.bro rename to scripts/base/frameworks/config/input.zeek diff --git a/scripts/base/frameworks/config/main.bro b/scripts/base/frameworks/config/main.zeek similarity index 100% rename from scripts/base/frameworks/config/main.bro rename to scripts/base/frameworks/config/main.zeek diff --git a/scripts/base/frameworks/config/weird.bro b/scripts/base/frameworks/config/weird.zeek similarity index 100% rename from scripts/base/frameworks/config/weird.bro rename to scripts/base/frameworks/config/weird.zeek diff --git a/scripts/base/frameworks/control/__load__.bro b/scripts/base/frameworks/control/__load__.zeek similarity index 100% rename from scripts/base/frameworks/control/__load__.bro rename to scripts/base/frameworks/control/__load__.zeek diff --git a/scripts/base/frameworks/control/main.bro b/scripts/base/frameworks/control/main.zeek similarity index 100% rename from scripts/base/frameworks/control/main.bro rename to scripts/base/frameworks/control/main.zeek diff --git a/scripts/base/frameworks/dpd/__load__.bro b/scripts/base/frameworks/dpd/__load__.zeek similarity index 100% rename from scripts/base/frameworks/dpd/__load__.bro rename to scripts/base/frameworks/dpd/__load__.zeek diff --git a/scripts/base/frameworks/dpd/main.bro b/scripts/base/frameworks/dpd/main.zeek similarity index 100% rename from scripts/base/frameworks/dpd/main.bro rename to scripts/base/frameworks/dpd/main.zeek diff --git a/scripts/base/frameworks/files/__load__.bro b/scripts/base/frameworks/files/__load__.zeek similarity index 100% rename from scripts/base/frameworks/files/__load__.bro rename to scripts/base/frameworks/files/__load__.zeek diff --git a/scripts/base/frameworks/files/magic/__load__.bro b/scripts/base/frameworks/files/magic/__load__.zeek similarity index 100% rename from scripts/base/frameworks/files/magic/__load__.bro rename to scripts/base/frameworks/files/magic/__load__.zeek diff --git a/scripts/base/frameworks/files/main.bro b/scripts/base/frameworks/files/main.zeek similarity index 100% rename from scripts/base/frameworks/files/main.bro rename to scripts/base/frameworks/files/main.zeek diff --git a/scripts/base/frameworks/input/__load__.bro b/scripts/base/frameworks/input/__load__.zeek similarity index 100% rename from scripts/base/frameworks/input/__load__.bro rename to scripts/base/frameworks/input/__load__.zeek diff --git a/scripts/base/frameworks/input/main.bro b/scripts/base/frameworks/input/main.zeek similarity index 100% rename from scripts/base/frameworks/input/main.bro rename to scripts/base/frameworks/input/main.zeek diff --git a/scripts/base/frameworks/input/readers/ascii.bro b/scripts/base/frameworks/input/readers/ascii.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/ascii.bro rename to scripts/base/frameworks/input/readers/ascii.zeek diff --git a/scripts/base/frameworks/input/readers/benchmark.bro b/scripts/base/frameworks/input/readers/benchmark.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/benchmark.bro rename to scripts/base/frameworks/input/readers/benchmark.zeek diff --git a/scripts/base/frameworks/input/readers/binary.bro b/scripts/base/frameworks/input/readers/binary.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/binary.bro rename to scripts/base/frameworks/input/readers/binary.zeek diff --git a/scripts/base/frameworks/input/readers/config.bro b/scripts/base/frameworks/input/readers/config.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/config.bro rename to scripts/base/frameworks/input/readers/config.zeek diff --git a/scripts/base/frameworks/input/readers/raw.bro b/scripts/base/frameworks/input/readers/raw.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/raw.bro rename to scripts/base/frameworks/input/readers/raw.zeek diff --git a/scripts/base/frameworks/input/readers/sqlite.bro b/scripts/base/frameworks/input/readers/sqlite.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/sqlite.bro rename to scripts/base/frameworks/input/readers/sqlite.zeek diff --git a/scripts/base/frameworks/intel/__load__.bro b/scripts/base/frameworks/intel/__load__.zeek similarity index 100% rename from scripts/base/frameworks/intel/__load__.bro rename to scripts/base/frameworks/intel/__load__.zeek diff --git a/scripts/base/frameworks/intel/cluster.bro b/scripts/base/frameworks/intel/cluster.zeek similarity index 100% rename from scripts/base/frameworks/intel/cluster.bro rename to scripts/base/frameworks/intel/cluster.zeek diff --git a/scripts/base/frameworks/intel/files.bro b/scripts/base/frameworks/intel/files.zeek similarity index 100% rename from scripts/base/frameworks/intel/files.bro rename to scripts/base/frameworks/intel/files.zeek diff --git a/scripts/base/frameworks/intel/input.bro b/scripts/base/frameworks/intel/input.zeek similarity index 100% rename from scripts/base/frameworks/intel/input.bro rename to scripts/base/frameworks/intel/input.zeek diff --git a/scripts/base/frameworks/intel/main.bro b/scripts/base/frameworks/intel/main.zeek similarity index 100% rename from scripts/base/frameworks/intel/main.bro rename to scripts/base/frameworks/intel/main.zeek diff --git a/scripts/base/frameworks/logging/__load__.bro b/scripts/base/frameworks/logging/__load__.zeek similarity index 100% rename from scripts/base/frameworks/logging/__load__.bro rename to scripts/base/frameworks/logging/__load__.zeek diff --git a/scripts/base/frameworks/logging/main.bro b/scripts/base/frameworks/logging/main.zeek similarity index 100% rename from scripts/base/frameworks/logging/main.bro rename to scripts/base/frameworks/logging/main.zeek diff --git a/scripts/base/frameworks/logging/postprocessors/__load__.bro b/scripts/base/frameworks/logging/postprocessors/__load__.zeek similarity index 100% rename from scripts/base/frameworks/logging/postprocessors/__load__.bro rename to scripts/base/frameworks/logging/postprocessors/__load__.zeek diff --git a/scripts/base/frameworks/logging/postprocessors/scp.bro b/scripts/base/frameworks/logging/postprocessors/scp.zeek similarity index 100% rename from scripts/base/frameworks/logging/postprocessors/scp.bro rename to scripts/base/frameworks/logging/postprocessors/scp.zeek diff --git a/scripts/base/frameworks/logging/postprocessors/sftp.bro b/scripts/base/frameworks/logging/postprocessors/sftp.zeek similarity index 100% rename from scripts/base/frameworks/logging/postprocessors/sftp.bro rename to scripts/base/frameworks/logging/postprocessors/sftp.zeek diff --git a/scripts/base/frameworks/logging/writers/ascii.bro b/scripts/base/frameworks/logging/writers/ascii.zeek similarity index 100% rename from scripts/base/frameworks/logging/writers/ascii.bro rename to scripts/base/frameworks/logging/writers/ascii.zeek diff --git a/scripts/base/frameworks/logging/writers/none.bro b/scripts/base/frameworks/logging/writers/none.zeek similarity index 100% rename from scripts/base/frameworks/logging/writers/none.bro rename to scripts/base/frameworks/logging/writers/none.zeek diff --git a/scripts/base/frameworks/logging/writers/sqlite.bro b/scripts/base/frameworks/logging/writers/sqlite.zeek similarity index 100% rename from scripts/base/frameworks/logging/writers/sqlite.bro rename to scripts/base/frameworks/logging/writers/sqlite.zeek diff --git a/scripts/base/frameworks/netcontrol/__load__.bro b/scripts/base/frameworks/netcontrol/__load__.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/__load__.bro rename to scripts/base/frameworks/netcontrol/__load__.zeek diff --git a/scripts/base/frameworks/netcontrol/catch-and-release.bro b/scripts/base/frameworks/netcontrol/catch-and-release.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/catch-and-release.bro rename to scripts/base/frameworks/netcontrol/catch-and-release.zeek diff --git a/scripts/base/frameworks/netcontrol/cluster.bro b/scripts/base/frameworks/netcontrol/cluster.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/cluster.bro rename to scripts/base/frameworks/netcontrol/cluster.zeek diff --git a/scripts/base/frameworks/netcontrol/drop.bro b/scripts/base/frameworks/netcontrol/drop.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/drop.bro rename to scripts/base/frameworks/netcontrol/drop.zeek diff --git a/scripts/base/frameworks/netcontrol/main.bro b/scripts/base/frameworks/netcontrol/main.zeek similarity index 99% rename from scripts/base/frameworks/netcontrol/main.bro rename to scripts/base/frameworks/netcontrol/main.zeek index a9418508af..110a0488dd 100644 --- a/scripts/base/frameworks/netcontrol/main.bro +++ b/scripts/base/frameworks/netcontrol/main.zeek @@ -43,8 +43,8 @@ export { # ### High-level API. # ### - # ### Note - other high level primitives are in catch-and-release.bro, shunt.bro and - # ### drop.bro + # ### Note - other high level primitives are in catch-and-release.zeek, + # ### shunt.zeek and drop.zeek ## Allows all traffic involving a specific IP address to be forwarded. ## diff --git a/scripts/base/frameworks/netcontrol/non-cluster.bro b/scripts/base/frameworks/netcontrol/non-cluster.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/non-cluster.bro rename to scripts/base/frameworks/netcontrol/non-cluster.zeek diff --git a/scripts/base/frameworks/netcontrol/plugin.bro b/scripts/base/frameworks/netcontrol/plugin.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugin.bro rename to scripts/base/frameworks/netcontrol/plugin.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/__load__.bro b/scripts/base/frameworks/netcontrol/plugins/__load__.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/__load__.bro rename to scripts/base/frameworks/netcontrol/plugins/__load__.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/acld.bro b/scripts/base/frameworks/netcontrol/plugins/acld.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/acld.bro rename to scripts/base/frameworks/netcontrol/plugins/acld.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/broker.bro b/scripts/base/frameworks/netcontrol/plugins/broker.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/broker.bro rename to scripts/base/frameworks/netcontrol/plugins/broker.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/debug.bro b/scripts/base/frameworks/netcontrol/plugins/debug.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/debug.bro rename to scripts/base/frameworks/netcontrol/plugins/debug.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/openflow.bro b/scripts/base/frameworks/netcontrol/plugins/openflow.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/openflow.bro rename to scripts/base/frameworks/netcontrol/plugins/openflow.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/packetfilter.bro b/scripts/base/frameworks/netcontrol/plugins/packetfilter.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/packetfilter.bro rename to scripts/base/frameworks/netcontrol/plugins/packetfilter.zeek diff --git a/scripts/base/frameworks/netcontrol/shunt.bro b/scripts/base/frameworks/netcontrol/shunt.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/shunt.bro rename to scripts/base/frameworks/netcontrol/shunt.zeek diff --git a/scripts/base/frameworks/netcontrol/types.bro b/scripts/base/frameworks/netcontrol/types.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/types.bro rename to scripts/base/frameworks/netcontrol/types.zeek diff --git a/scripts/base/frameworks/notice/__load__.bro b/scripts/base/frameworks/notice/__load__.zeek similarity index 100% rename from scripts/base/frameworks/notice/__load__.bro rename to scripts/base/frameworks/notice/__load__.zeek diff --git a/scripts/base/frameworks/notice/actions/add-geodata.bro b/scripts/base/frameworks/notice/actions/add-geodata.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/add-geodata.bro rename to scripts/base/frameworks/notice/actions/add-geodata.zeek diff --git a/scripts/base/frameworks/notice/actions/drop.bro b/scripts/base/frameworks/notice/actions/drop.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/drop.bro rename to scripts/base/frameworks/notice/actions/drop.zeek diff --git a/scripts/base/frameworks/notice/actions/email_admin.bro b/scripts/base/frameworks/notice/actions/email_admin.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/email_admin.bro rename to scripts/base/frameworks/notice/actions/email_admin.zeek diff --git a/scripts/base/frameworks/notice/actions/page.bro b/scripts/base/frameworks/notice/actions/page.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/page.bro rename to scripts/base/frameworks/notice/actions/page.zeek diff --git a/scripts/base/frameworks/notice/actions/pp-alarms.bro b/scripts/base/frameworks/notice/actions/pp-alarms.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/pp-alarms.bro rename to scripts/base/frameworks/notice/actions/pp-alarms.zeek diff --git a/scripts/base/frameworks/notice/main.bro b/scripts/base/frameworks/notice/main.zeek similarity index 100% rename from scripts/base/frameworks/notice/main.bro rename to scripts/base/frameworks/notice/main.zeek diff --git a/scripts/base/frameworks/notice/weird.bro b/scripts/base/frameworks/notice/weird.zeek similarity index 100% rename from scripts/base/frameworks/notice/weird.bro rename to scripts/base/frameworks/notice/weird.zeek diff --git a/scripts/base/frameworks/openflow/__load__.bro b/scripts/base/frameworks/openflow/__load__.zeek similarity index 100% rename from scripts/base/frameworks/openflow/__load__.bro rename to scripts/base/frameworks/openflow/__load__.zeek diff --git a/scripts/base/frameworks/openflow/cluster.bro b/scripts/base/frameworks/openflow/cluster.zeek similarity index 100% rename from scripts/base/frameworks/openflow/cluster.bro rename to scripts/base/frameworks/openflow/cluster.zeek diff --git a/scripts/base/frameworks/openflow/consts.bro b/scripts/base/frameworks/openflow/consts.zeek similarity index 100% rename from scripts/base/frameworks/openflow/consts.bro rename to scripts/base/frameworks/openflow/consts.zeek diff --git a/scripts/base/frameworks/openflow/main.bro b/scripts/base/frameworks/openflow/main.zeek similarity index 99% rename from scripts/base/frameworks/openflow/main.bro rename to scripts/base/frameworks/openflow/main.zeek index 5740e90056..ecddea7cb3 100644 --- a/scripts/base/frameworks/openflow/main.bro +++ b/scripts/base/frameworks/openflow/main.zeek @@ -251,7 +251,7 @@ function controller_init_done(controller: Controller) event OpenFlow::controller_activated(controller$state$_name, controller); } -# Functions that are called from cluster.bro and non-cluster.bro +# Functions that are called from cluster.zeek and non-cluster.zeek function register_controller_impl(tpe: OpenFlow::Plugin, name: string, controller: Controller) { diff --git a/scripts/base/frameworks/openflow/non-cluster.bro b/scripts/base/frameworks/openflow/non-cluster.zeek similarity index 100% rename from scripts/base/frameworks/openflow/non-cluster.bro rename to scripts/base/frameworks/openflow/non-cluster.zeek diff --git a/scripts/base/frameworks/openflow/plugins/__load__.bro b/scripts/base/frameworks/openflow/plugins/__load__.zeek similarity index 100% rename from scripts/base/frameworks/openflow/plugins/__load__.bro rename to scripts/base/frameworks/openflow/plugins/__load__.zeek diff --git a/scripts/base/frameworks/openflow/plugins/broker.bro b/scripts/base/frameworks/openflow/plugins/broker.zeek similarity index 100% rename from scripts/base/frameworks/openflow/plugins/broker.bro rename to scripts/base/frameworks/openflow/plugins/broker.zeek diff --git a/scripts/base/frameworks/openflow/plugins/log.bro b/scripts/base/frameworks/openflow/plugins/log.zeek similarity index 100% rename from scripts/base/frameworks/openflow/plugins/log.bro rename to scripts/base/frameworks/openflow/plugins/log.zeek diff --git a/scripts/base/frameworks/openflow/plugins/ryu.bro b/scripts/base/frameworks/openflow/plugins/ryu.zeek similarity index 100% rename from scripts/base/frameworks/openflow/plugins/ryu.bro rename to scripts/base/frameworks/openflow/plugins/ryu.zeek diff --git a/scripts/base/frameworks/openflow/types.bro b/scripts/base/frameworks/openflow/types.zeek similarity index 100% rename from scripts/base/frameworks/openflow/types.bro rename to scripts/base/frameworks/openflow/types.zeek diff --git a/scripts/base/frameworks/packet-filter/__load__.bro b/scripts/base/frameworks/packet-filter/__load__.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/__load__.bro rename to scripts/base/frameworks/packet-filter/__load__.zeek diff --git a/scripts/base/frameworks/packet-filter/cluster.bro b/scripts/base/frameworks/packet-filter/cluster.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/cluster.bro rename to scripts/base/frameworks/packet-filter/cluster.zeek diff --git a/scripts/base/frameworks/packet-filter/main.bro b/scripts/base/frameworks/packet-filter/main.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/main.bro rename to scripts/base/frameworks/packet-filter/main.zeek diff --git a/scripts/base/frameworks/packet-filter/netstats.bro b/scripts/base/frameworks/packet-filter/netstats.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/netstats.bro rename to scripts/base/frameworks/packet-filter/netstats.zeek diff --git a/scripts/base/frameworks/packet-filter/utils.bro b/scripts/base/frameworks/packet-filter/utils.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/utils.bro rename to scripts/base/frameworks/packet-filter/utils.zeek diff --git a/scripts/base/frameworks/reporter/__load__.bro b/scripts/base/frameworks/reporter/__load__.zeek similarity index 100% rename from scripts/base/frameworks/reporter/__load__.bro rename to scripts/base/frameworks/reporter/__load__.zeek diff --git a/scripts/base/frameworks/reporter/main.bro b/scripts/base/frameworks/reporter/main.zeek similarity index 99% rename from scripts/base/frameworks/reporter/main.bro rename to scripts/base/frameworks/reporter/main.zeek index 8cba29bdc2..ea97048049 100644 --- a/scripts/base/frameworks/reporter/main.bro +++ b/scripts/base/frameworks/reporter/main.zeek @@ -9,7 +9,7 @@ ##! Note that this framework deals with the handling of internally generated ##! reporter messages, for the interface ##! into actually creating reporter messages from the scripting layer, use -##! the built-in functions in :doc:`/scripts/base/bif/reporter.bif.bro`. +##! the built-in functions in :doc:`/scripts/base/bif/reporter.bif.zeek`. module Reporter; diff --git a/scripts/base/frameworks/signatures/__load__.bro b/scripts/base/frameworks/signatures/__load__.zeek similarity index 100% rename from scripts/base/frameworks/signatures/__load__.bro rename to scripts/base/frameworks/signatures/__load__.zeek diff --git a/scripts/base/frameworks/signatures/main.bro b/scripts/base/frameworks/signatures/main.zeek similarity index 100% rename from scripts/base/frameworks/signatures/main.bro rename to scripts/base/frameworks/signatures/main.zeek diff --git a/scripts/base/frameworks/software/__load__.bro b/scripts/base/frameworks/software/__load__.zeek similarity index 100% rename from scripts/base/frameworks/software/__load__.bro rename to scripts/base/frameworks/software/__load__.zeek diff --git a/scripts/base/frameworks/software/main.bro b/scripts/base/frameworks/software/main.zeek similarity index 100% rename from scripts/base/frameworks/software/main.bro rename to scripts/base/frameworks/software/main.zeek diff --git a/scripts/base/frameworks/sumstats/__load__.bro b/scripts/base/frameworks/sumstats/__load__.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/__load__.bro rename to scripts/base/frameworks/sumstats/__load__.zeek diff --git a/scripts/base/frameworks/sumstats/cluster.bro b/scripts/base/frameworks/sumstats/cluster.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/cluster.bro rename to scripts/base/frameworks/sumstats/cluster.zeek diff --git a/scripts/base/frameworks/sumstats/main.bro b/scripts/base/frameworks/sumstats/main.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/main.bro rename to scripts/base/frameworks/sumstats/main.zeek diff --git a/scripts/base/frameworks/sumstats/non-cluster.bro b/scripts/base/frameworks/sumstats/non-cluster.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/non-cluster.bro rename to scripts/base/frameworks/sumstats/non-cluster.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/__load__.bro b/scripts/base/frameworks/sumstats/plugins/__load__.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/__load__.bro rename to scripts/base/frameworks/sumstats/plugins/__load__.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/average.bro b/scripts/base/frameworks/sumstats/plugins/average.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/average.bro rename to scripts/base/frameworks/sumstats/plugins/average.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/hll_unique.bro b/scripts/base/frameworks/sumstats/plugins/hll_unique.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/hll_unique.bro rename to scripts/base/frameworks/sumstats/plugins/hll_unique.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/last.bro b/scripts/base/frameworks/sumstats/plugins/last.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/last.bro rename to scripts/base/frameworks/sumstats/plugins/last.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/max.bro b/scripts/base/frameworks/sumstats/plugins/max.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/max.bro rename to scripts/base/frameworks/sumstats/plugins/max.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/min.bro b/scripts/base/frameworks/sumstats/plugins/min.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/min.bro rename to scripts/base/frameworks/sumstats/plugins/min.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/sample.bro b/scripts/base/frameworks/sumstats/plugins/sample.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/sample.bro rename to scripts/base/frameworks/sumstats/plugins/sample.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/std-dev.bro b/scripts/base/frameworks/sumstats/plugins/std-dev.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/std-dev.bro rename to scripts/base/frameworks/sumstats/plugins/std-dev.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/sum.bro b/scripts/base/frameworks/sumstats/plugins/sum.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/sum.bro rename to scripts/base/frameworks/sumstats/plugins/sum.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/topk.bro b/scripts/base/frameworks/sumstats/plugins/topk.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/topk.bro rename to scripts/base/frameworks/sumstats/plugins/topk.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/unique.bro b/scripts/base/frameworks/sumstats/plugins/unique.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/unique.bro rename to scripts/base/frameworks/sumstats/plugins/unique.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/variance.bro b/scripts/base/frameworks/sumstats/plugins/variance.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/variance.bro rename to scripts/base/frameworks/sumstats/plugins/variance.zeek diff --git a/scripts/base/frameworks/tunnels/__load__.bro b/scripts/base/frameworks/tunnels/__load__.zeek similarity index 100% rename from scripts/base/frameworks/tunnels/__load__.bro rename to scripts/base/frameworks/tunnels/__load__.zeek diff --git a/scripts/base/frameworks/tunnels/main.bro b/scripts/base/frameworks/tunnels/main.zeek similarity index 100% rename from scripts/base/frameworks/tunnels/main.bro rename to scripts/base/frameworks/tunnels/main.zeek diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.zeek similarity index 99% rename from scripts/base/init-bare.bro rename to scripts/base/init-bare.zeek index 0c32cebcc5..3c1c6f98fb 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.zeek @@ -480,7 +480,7 @@ type NetStats: record { pkts_dropped: count &default=0; ##< Packets reported dropped by the system. ## Packets seen on the link. Note that this may differ ## from *pkts_recvd* because of a potential capture_filter. See - ## :doc:`/scripts/base/frameworks/packet-filter/main.bro`. Depending on the + ## :doc:`/scripts/base/frameworks/packet-filter/main.zeek`. Depending on the ## packet capture system, this value may not be available and will then ## be always set to zero. pkts_link: count &default=0; @@ -4629,13 +4629,13 @@ const log_max_size = 0.0 &redef; const log_encryption_key = "" &redef; ## Write profiling info into this file in regular intervals. The easiest way to -## activate profiling is loading :doc:`/scripts/policy/misc/profiling.bro`. +## activate profiling is loading :doc:`/scripts/policy/misc/profiling.zeek`. ## ## .. bro:see:: profiling_interval expensive_profiling_multiple segment_profiling global profiling_file: file &redef; ## Update interval for profiling (0 disables). The easiest way to activate -## profiling is loading :doc:`/scripts/policy/misc/profiling.bro`. +## profiling is loading :doc:`/scripts/policy/misc/profiling.zeek`. ## ## .. bro:see:: profiling_file expensive_profiling_multiple segment_profiling const profiling_interval = 0 secs &redef; diff --git a/scripts/base/init-default.bro b/scripts/base/init-default.zeek similarity index 98% rename from scripts/base/init-default.bro rename to scripts/base/init-default.zeek index 463f5c2942..6982b0b2f4 100644 --- a/scripts/base/init-default.bro +++ b/scripts/base/init-default.zeek @@ -25,7 +25,7 @@ @load base/utils/urls # This has some deep interplay between types and BiFs so it's -# loaded in base/init-bare.bro +# loaded in base/init-bare.zeek #@load base/frameworks/logging @load base/frameworks/notice @load base/frameworks/analyzer diff --git a/scripts/base/init-frameworks-and-bifs.bro b/scripts/base/init-frameworks-and-bifs.zeek similarity index 86% rename from scripts/base/init-frameworks-and-bifs.bro rename to scripts/base/init-frameworks-and-bifs.zeek index f772e2d223..19897e7ffb 100644 --- a/scripts/base/init-frameworks-and-bifs.bro +++ b/scripts/base/init-frameworks-and-bifs.zeek @@ -1,7 +1,7 @@ # Load these frameworks here because they use fairly deep integration with # BiFs and script-land defined types. They are also more likely to # make use of calling BIFs for variable initializations, and that -# can't be done until init-bare.bro has been loaded completely (hence +# can't be done until init-bare.zeek has been loaded completely (hence # the separate file). @load base/frameworks/logging @load base/frameworks/broker diff --git a/scripts/base/misc/find-checksum-offloading.bro b/scripts/base/misc/find-checksum-offloading.zeek similarity index 100% rename from scripts/base/misc/find-checksum-offloading.bro rename to scripts/base/misc/find-checksum-offloading.zeek diff --git a/scripts/base/misc/find-filtered-trace.bro b/scripts/base/misc/find-filtered-trace.zeek similarity index 100% rename from scripts/base/misc/find-filtered-trace.bro rename to scripts/base/misc/find-filtered-trace.zeek diff --git a/scripts/base/misc/version.bro b/scripts/base/misc/version.zeek similarity index 100% rename from scripts/base/misc/version.bro rename to scripts/base/misc/version.zeek diff --git a/scripts/base/protocols/conn/__load__.bro b/scripts/base/protocols/conn/__load__.zeek similarity index 100% rename from scripts/base/protocols/conn/__load__.bro rename to scripts/base/protocols/conn/__load__.zeek diff --git a/scripts/base/protocols/conn/contents.bro b/scripts/base/protocols/conn/contents.zeek similarity index 100% rename from scripts/base/protocols/conn/contents.bro rename to scripts/base/protocols/conn/contents.zeek diff --git a/scripts/base/protocols/conn/inactivity.bro b/scripts/base/protocols/conn/inactivity.zeek similarity index 100% rename from scripts/base/protocols/conn/inactivity.bro rename to scripts/base/protocols/conn/inactivity.zeek diff --git a/scripts/base/protocols/conn/main.bro b/scripts/base/protocols/conn/main.zeek similarity index 100% rename from scripts/base/protocols/conn/main.bro rename to scripts/base/protocols/conn/main.zeek diff --git a/scripts/base/protocols/conn/polling.bro b/scripts/base/protocols/conn/polling.zeek similarity index 100% rename from scripts/base/protocols/conn/polling.bro rename to scripts/base/protocols/conn/polling.zeek diff --git a/scripts/base/protocols/conn/thresholds.bro b/scripts/base/protocols/conn/thresholds.zeek similarity index 100% rename from scripts/base/protocols/conn/thresholds.bro rename to scripts/base/protocols/conn/thresholds.zeek diff --git a/scripts/base/protocols/dce-rpc/__load__.bro b/scripts/base/protocols/dce-rpc/__load__.zeek similarity index 100% rename from scripts/base/protocols/dce-rpc/__load__.bro rename to scripts/base/protocols/dce-rpc/__load__.zeek diff --git a/scripts/base/protocols/dce-rpc/consts.bro b/scripts/base/protocols/dce-rpc/consts.zeek similarity index 100% rename from scripts/base/protocols/dce-rpc/consts.bro rename to scripts/base/protocols/dce-rpc/consts.zeek diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.zeek similarity index 100% rename from scripts/base/protocols/dce-rpc/main.bro rename to scripts/base/protocols/dce-rpc/main.zeek diff --git a/scripts/base/protocols/dhcp/__load__.bro b/scripts/base/protocols/dhcp/__load__.zeek similarity index 100% rename from scripts/base/protocols/dhcp/__load__.bro rename to scripts/base/protocols/dhcp/__load__.zeek diff --git a/scripts/base/protocols/dhcp/consts.bro b/scripts/base/protocols/dhcp/consts.zeek similarity index 100% rename from scripts/base/protocols/dhcp/consts.bro rename to scripts/base/protocols/dhcp/consts.zeek diff --git a/scripts/base/protocols/dhcp/main.bro b/scripts/base/protocols/dhcp/main.zeek similarity index 100% rename from scripts/base/protocols/dhcp/main.bro rename to scripts/base/protocols/dhcp/main.zeek diff --git a/scripts/base/protocols/dnp3/__load__.bro b/scripts/base/protocols/dnp3/__load__.zeek similarity index 100% rename from scripts/base/protocols/dnp3/__load__.bro rename to scripts/base/protocols/dnp3/__load__.zeek diff --git a/scripts/base/protocols/dnp3/consts.bro b/scripts/base/protocols/dnp3/consts.zeek similarity index 100% rename from scripts/base/protocols/dnp3/consts.bro rename to scripts/base/protocols/dnp3/consts.zeek diff --git a/scripts/base/protocols/dnp3/main.bro b/scripts/base/protocols/dnp3/main.zeek similarity index 100% rename from scripts/base/protocols/dnp3/main.bro rename to scripts/base/protocols/dnp3/main.zeek diff --git a/scripts/base/protocols/dns/__load__.bro b/scripts/base/protocols/dns/__load__.zeek similarity index 100% rename from scripts/base/protocols/dns/__load__.bro rename to scripts/base/protocols/dns/__load__.zeek diff --git a/scripts/base/protocols/dns/consts.bro b/scripts/base/protocols/dns/consts.zeek similarity index 100% rename from scripts/base/protocols/dns/consts.bro rename to scripts/base/protocols/dns/consts.zeek diff --git a/scripts/base/protocols/dns/main.bro b/scripts/base/protocols/dns/main.zeek similarity index 100% rename from scripts/base/protocols/dns/main.bro rename to scripts/base/protocols/dns/main.zeek diff --git a/scripts/base/protocols/ftp/__load__.bro b/scripts/base/protocols/ftp/__load__.zeek similarity index 100% rename from scripts/base/protocols/ftp/__load__.bro rename to scripts/base/protocols/ftp/__load__.zeek diff --git a/scripts/base/protocols/ftp/files.bro b/scripts/base/protocols/ftp/files.zeek similarity index 100% rename from scripts/base/protocols/ftp/files.bro rename to scripts/base/protocols/ftp/files.zeek diff --git a/scripts/base/protocols/ftp/gridftp.bro b/scripts/base/protocols/ftp/gridftp.zeek similarity index 100% rename from scripts/base/protocols/ftp/gridftp.bro rename to scripts/base/protocols/ftp/gridftp.zeek diff --git a/scripts/base/protocols/ftp/info.bro b/scripts/base/protocols/ftp/info.zeek similarity index 100% rename from scripts/base/protocols/ftp/info.bro rename to scripts/base/protocols/ftp/info.zeek diff --git a/scripts/base/protocols/ftp/main.bro b/scripts/base/protocols/ftp/main.zeek similarity index 100% rename from scripts/base/protocols/ftp/main.bro rename to scripts/base/protocols/ftp/main.zeek diff --git a/scripts/base/protocols/ftp/utils-commands.bro b/scripts/base/protocols/ftp/utils-commands.zeek similarity index 100% rename from scripts/base/protocols/ftp/utils-commands.bro rename to scripts/base/protocols/ftp/utils-commands.zeek diff --git a/scripts/base/protocols/ftp/utils.bro b/scripts/base/protocols/ftp/utils.zeek similarity index 100% rename from scripts/base/protocols/ftp/utils.bro rename to scripts/base/protocols/ftp/utils.zeek diff --git a/scripts/base/protocols/http/__load__.bro b/scripts/base/protocols/http/__load__.zeek similarity index 100% rename from scripts/base/protocols/http/__load__.bro rename to scripts/base/protocols/http/__load__.zeek diff --git a/scripts/base/protocols/http/entities.bro b/scripts/base/protocols/http/entities.zeek similarity index 100% rename from scripts/base/protocols/http/entities.bro rename to scripts/base/protocols/http/entities.zeek diff --git a/scripts/base/protocols/http/files.bro b/scripts/base/protocols/http/files.zeek similarity index 100% rename from scripts/base/protocols/http/files.bro rename to scripts/base/protocols/http/files.zeek diff --git a/scripts/base/protocols/http/main.bro b/scripts/base/protocols/http/main.zeek similarity index 100% rename from scripts/base/protocols/http/main.bro rename to scripts/base/protocols/http/main.zeek diff --git a/scripts/base/protocols/http/utils.bro b/scripts/base/protocols/http/utils.zeek similarity index 100% rename from scripts/base/protocols/http/utils.bro rename to scripts/base/protocols/http/utils.zeek diff --git a/scripts/base/protocols/imap/__load__.bro b/scripts/base/protocols/imap/__load__.zeek similarity index 100% rename from scripts/base/protocols/imap/__load__.bro rename to scripts/base/protocols/imap/__load__.zeek diff --git a/scripts/base/protocols/imap/main.bro b/scripts/base/protocols/imap/main.zeek similarity index 100% rename from scripts/base/protocols/imap/main.bro rename to scripts/base/protocols/imap/main.zeek diff --git a/scripts/base/protocols/irc/__load__.bro b/scripts/base/protocols/irc/__load__.zeek similarity index 100% rename from scripts/base/protocols/irc/__load__.bro rename to scripts/base/protocols/irc/__load__.zeek diff --git a/scripts/base/protocols/irc/dcc-send.bro b/scripts/base/protocols/irc/dcc-send.zeek similarity index 100% rename from scripts/base/protocols/irc/dcc-send.bro rename to scripts/base/protocols/irc/dcc-send.zeek diff --git a/scripts/base/protocols/irc/files.bro b/scripts/base/protocols/irc/files.zeek similarity index 100% rename from scripts/base/protocols/irc/files.bro rename to scripts/base/protocols/irc/files.zeek diff --git a/scripts/base/protocols/irc/main.bro b/scripts/base/protocols/irc/main.zeek similarity index 100% rename from scripts/base/protocols/irc/main.bro rename to scripts/base/protocols/irc/main.zeek diff --git a/scripts/base/protocols/krb/__load__.bro b/scripts/base/protocols/krb/__load__.zeek similarity index 100% rename from scripts/base/protocols/krb/__load__.bro rename to scripts/base/protocols/krb/__load__.zeek diff --git a/scripts/base/protocols/krb/consts.bro b/scripts/base/protocols/krb/consts.zeek similarity index 100% rename from scripts/base/protocols/krb/consts.bro rename to scripts/base/protocols/krb/consts.zeek diff --git a/scripts/base/protocols/krb/files.bro b/scripts/base/protocols/krb/files.zeek similarity index 100% rename from scripts/base/protocols/krb/files.bro rename to scripts/base/protocols/krb/files.zeek diff --git a/scripts/base/protocols/krb/main.bro b/scripts/base/protocols/krb/main.zeek similarity index 100% rename from scripts/base/protocols/krb/main.bro rename to scripts/base/protocols/krb/main.zeek diff --git a/scripts/base/protocols/modbus/__load__.bro b/scripts/base/protocols/modbus/__load__.zeek similarity index 100% rename from scripts/base/protocols/modbus/__load__.bro rename to scripts/base/protocols/modbus/__load__.zeek diff --git a/scripts/base/protocols/modbus/consts.bro b/scripts/base/protocols/modbus/consts.zeek similarity index 100% rename from scripts/base/protocols/modbus/consts.bro rename to scripts/base/protocols/modbus/consts.zeek diff --git a/scripts/base/protocols/modbus/main.bro b/scripts/base/protocols/modbus/main.zeek similarity index 100% rename from scripts/base/protocols/modbus/main.bro rename to scripts/base/protocols/modbus/main.zeek diff --git a/scripts/base/protocols/mysql/__load__.bro b/scripts/base/protocols/mysql/__load__.zeek similarity index 100% rename from scripts/base/protocols/mysql/__load__.bro rename to scripts/base/protocols/mysql/__load__.zeek diff --git a/scripts/base/protocols/mysql/consts.bro b/scripts/base/protocols/mysql/consts.zeek similarity index 100% rename from scripts/base/protocols/mysql/consts.bro rename to scripts/base/protocols/mysql/consts.zeek diff --git a/scripts/base/protocols/mysql/main.bro b/scripts/base/protocols/mysql/main.zeek similarity index 100% rename from scripts/base/protocols/mysql/main.bro rename to scripts/base/protocols/mysql/main.zeek diff --git a/scripts/base/protocols/ntlm/__load__.bro b/scripts/base/protocols/ntlm/__load__.zeek similarity index 100% rename from scripts/base/protocols/ntlm/__load__.bro rename to scripts/base/protocols/ntlm/__load__.zeek diff --git a/scripts/base/protocols/ntlm/main.bro b/scripts/base/protocols/ntlm/main.zeek similarity index 100% rename from scripts/base/protocols/ntlm/main.bro rename to scripts/base/protocols/ntlm/main.zeek diff --git a/scripts/base/protocols/pop3/__load__.bro b/scripts/base/protocols/pop3/__load__.zeek similarity index 100% rename from scripts/base/protocols/pop3/__load__.bro rename to scripts/base/protocols/pop3/__load__.zeek diff --git a/scripts/base/protocols/radius/__load__.bro b/scripts/base/protocols/radius/__load__.zeek similarity index 100% rename from scripts/base/protocols/radius/__load__.bro rename to scripts/base/protocols/radius/__load__.zeek diff --git a/scripts/base/protocols/radius/consts.bro b/scripts/base/protocols/radius/consts.zeek similarity index 100% rename from scripts/base/protocols/radius/consts.bro rename to scripts/base/protocols/radius/consts.zeek diff --git a/scripts/base/protocols/radius/main.bro b/scripts/base/protocols/radius/main.zeek similarity index 100% rename from scripts/base/protocols/radius/main.bro rename to scripts/base/protocols/radius/main.zeek diff --git a/scripts/base/protocols/rdp/__load__.bro b/scripts/base/protocols/rdp/__load__.zeek similarity index 100% rename from scripts/base/protocols/rdp/__load__.bro rename to scripts/base/protocols/rdp/__load__.zeek diff --git a/scripts/base/protocols/rdp/consts.bro b/scripts/base/protocols/rdp/consts.zeek similarity index 100% rename from scripts/base/protocols/rdp/consts.bro rename to scripts/base/protocols/rdp/consts.zeek diff --git a/scripts/base/protocols/rdp/main.bro b/scripts/base/protocols/rdp/main.zeek similarity index 100% rename from scripts/base/protocols/rdp/main.bro rename to scripts/base/protocols/rdp/main.zeek diff --git a/scripts/base/protocols/rfb/__load__.bro b/scripts/base/protocols/rfb/__load__.zeek similarity index 100% rename from scripts/base/protocols/rfb/__load__.bro rename to scripts/base/protocols/rfb/__load__.zeek diff --git a/scripts/base/protocols/rfb/main.bro b/scripts/base/protocols/rfb/main.zeek similarity index 100% rename from scripts/base/protocols/rfb/main.bro rename to scripts/base/protocols/rfb/main.zeek diff --git a/scripts/base/protocols/sip/__load__.bro b/scripts/base/protocols/sip/__load__.zeek similarity index 100% rename from scripts/base/protocols/sip/__load__.bro rename to scripts/base/protocols/sip/__load__.zeek diff --git a/scripts/base/protocols/sip/main.bro b/scripts/base/protocols/sip/main.zeek similarity index 100% rename from scripts/base/protocols/sip/main.bro rename to scripts/base/protocols/sip/main.zeek diff --git a/scripts/base/protocols/smb/__load__.bro b/scripts/base/protocols/smb/__load__.zeek similarity index 100% rename from scripts/base/protocols/smb/__load__.bro rename to scripts/base/protocols/smb/__load__.zeek diff --git a/scripts/base/protocols/smb/const-dos-error.bro b/scripts/base/protocols/smb/const-dos-error.zeek similarity index 100% rename from scripts/base/protocols/smb/const-dos-error.bro rename to scripts/base/protocols/smb/const-dos-error.zeek diff --git a/scripts/base/protocols/smb/const-nt-status.bro b/scripts/base/protocols/smb/const-nt-status.zeek similarity index 100% rename from scripts/base/protocols/smb/const-nt-status.bro rename to scripts/base/protocols/smb/const-nt-status.zeek diff --git a/scripts/base/protocols/smb/consts.bro b/scripts/base/protocols/smb/consts.zeek similarity index 99% rename from scripts/base/protocols/smb/consts.bro rename to scripts/base/protocols/smb/consts.zeek index f36d029be9..32a03dd17d 100644 --- a/scripts/base/protocols/smb/consts.bro +++ b/scripts/base/protocols/smb/consts.zeek @@ -12,7 +12,7 @@ export { ## Heuristic detection of named pipes when the pipe ## mapping isn't seen. This variable is defined in - ## init-bare.bro. + ## init-bare.zeek. redef SMB::pipe_filenames = { "spoolss", "winreg", diff --git a/scripts/base/protocols/smb/files.bro b/scripts/base/protocols/smb/files.zeek similarity index 100% rename from scripts/base/protocols/smb/files.bro rename to scripts/base/protocols/smb/files.zeek diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.zeek similarity index 100% rename from scripts/base/protocols/smb/main.bro rename to scripts/base/protocols/smb/main.zeek diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.zeek similarity index 100% rename from scripts/base/protocols/smb/smb1-main.bro rename to scripts/base/protocols/smb/smb1-main.zeek diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.zeek similarity index 100% rename from scripts/base/protocols/smb/smb2-main.bro rename to scripts/base/protocols/smb/smb2-main.zeek diff --git a/scripts/base/protocols/smtp/__load__.bro b/scripts/base/protocols/smtp/__load__.zeek similarity index 100% rename from scripts/base/protocols/smtp/__load__.bro rename to scripts/base/protocols/smtp/__load__.zeek diff --git a/scripts/base/protocols/smtp/entities.bro b/scripts/base/protocols/smtp/entities.zeek similarity index 100% rename from scripts/base/protocols/smtp/entities.bro rename to scripts/base/protocols/smtp/entities.zeek diff --git a/scripts/base/protocols/smtp/files.bro b/scripts/base/protocols/smtp/files.zeek similarity index 100% rename from scripts/base/protocols/smtp/files.bro rename to scripts/base/protocols/smtp/files.zeek diff --git a/scripts/base/protocols/smtp/main.bro b/scripts/base/protocols/smtp/main.zeek similarity index 100% rename from scripts/base/protocols/smtp/main.bro rename to scripts/base/protocols/smtp/main.zeek diff --git a/scripts/base/protocols/snmp/__load__.bro b/scripts/base/protocols/snmp/__load__.zeek similarity index 100% rename from scripts/base/protocols/snmp/__load__.bro rename to scripts/base/protocols/snmp/__load__.zeek diff --git a/scripts/base/protocols/snmp/main.bro b/scripts/base/protocols/snmp/main.zeek similarity index 100% rename from scripts/base/protocols/snmp/main.bro rename to scripts/base/protocols/snmp/main.zeek diff --git a/scripts/base/protocols/socks/__load__.bro b/scripts/base/protocols/socks/__load__.zeek similarity index 100% rename from scripts/base/protocols/socks/__load__.bro rename to scripts/base/protocols/socks/__load__.zeek diff --git a/scripts/base/protocols/socks/consts.bro b/scripts/base/protocols/socks/consts.zeek similarity index 100% rename from scripts/base/protocols/socks/consts.bro rename to scripts/base/protocols/socks/consts.zeek diff --git a/scripts/base/protocols/socks/main.bro b/scripts/base/protocols/socks/main.zeek similarity index 100% rename from scripts/base/protocols/socks/main.bro rename to scripts/base/protocols/socks/main.zeek diff --git a/scripts/base/protocols/ssh/__load__.bro b/scripts/base/protocols/ssh/__load__.zeek similarity index 100% rename from scripts/base/protocols/ssh/__load__.bro rename to scripts/base/protocols/ssh/__load__.zeek diff --git a/scripts/base/protocols/ssh/main.bro b/scripts/base/protocols/ssh/main.zeek similarity index 100% rename from scripts/base/protocols/ssh/main.bro rename to scripts/base/protocols/ssh/main.zeek diff --git a/scripts/base/protocols/ssl/__load__.bro b/scripts/base/protocols/ssl/__load__.zeek similarity index 100% rename from scripts/base/protocols/ssl/__load__.bro rename to scripts/base/protocols/ssl/__load__.zeek diff --git a/scripts/base/protocols/ssl/consts.bro b/scripts/base/protocols/ssl/consts.zeek similarity index 100% rename from scripts/base/protocols/ssl/consts.bro rename to scripts/base/protocols/ssl/consts.zeek diff --git a/scripts/base/protocols/ssl/ct-list.bro b/scripts/base/protocols/ssl/ct-list.zeek similarity index 100% rename from scripts/base/protocols/ssl/ct-list.bro rename to scripts/base/protocols/ssl/ct-list.zeek diff --git a/scripts/base/protocols/ssl/files.bro b/scripts/base/protocols/ssl/files.zeek similarity index 100% rename from scripts/base/protocols/ssl/files.bro rename to scripts/base/protocols/ssl/files.zeek diff --git a/scripts/base/protocols/ssl/main.bro b/scripts/base/protocols/ssl/main.zeek similarity index 99% rename from scripts/base/protocols/ssl/main.bro rename to scripts/base/protocols/ssl/main.zeek index 8abb6e1d3f..73a8639891 100644 --- a/scripts/base/protocols/ssl/main.bro +++ b/scripts/base/protocols/ssl/main.zeek @@ -69,7 +69,7 @@ export { logged: bool &default=F; }; - ## The default root CA bundle. By default, the mozilla-ca-list.bro + ## The default root CA bundle. By default, the mozilla-ca-list.zeek ## script sets this to Mozilla's root CA list. const root_certs: table[string] of string = {} &redef; @@ -88,7 +88,7 @@ export { url: string; }; - ## The Certificate Transparency log bundle. By default, the ct-list.bro + ## The Certificate Transparency log bundle. By default, the ct-list.zeek ## script sets this to the current list of known logs. Entries ## are indexed by (binary) log-id. option ct_logs: table[string] of CTInfo = {}; diff --git a/scripts/base/protocols/ssl/mozilla-ca-list.bro b/scripts/base/protocols/ssl/mozilla-ca-list.zeek similarity index 100% rename from scripts/base/protocols/ssl/mozilla-ca-list.bro rename to scripts/base/protocols/ssl/mozilla-ca-list.zeek diff --git a/scripts/base/protocols/syslog/__load__.bro b/scripts/base/protocols/syslog/__load__.zeek similarity index 100% rename from scripts/base/protocols/syslog/__load__.bro rename to scripts/base/protocols/syslog/__load__.zeek diff --git a/scripts/base/protocols/syslog/consts.bro b/scripts/base/protocols/syslog/consts.zeek similarity index 100% rename from scripts/base/protocols/syslog/consts.bro rename to scripts/base/protocols/syslog/consts.zeek diff --git a/scripts/base/protocols/syslog/main.bro b/scripts/base/protocols/syslog/main.zeek similarity index 100% rename from scripts/base/protocols/syslog/main.bro rename to scripts/base/protocols/syslog/main.zeek diff --git a/scripts/base/protocols/tunnels/__load__.bro b/scripts/base/protocols/tunnels/__load__.zeek similarity index 100% rename from scripts/base/protocols/tunnels/__load__.bro rename to scripts/base/protocols/tunnels/__load__.zeek diff --git a/scripts/base/protocols/xmpp/__load__.bro b/scripts/base/protocols/xmpp/__load__.zeek similarity index 100% rename from scripts/base/protocols/xmpp/__load__.bro rename to scripts/base/protocols/xmpp/__load__.zeek diff --git a/scripts/base/protocols/xmpp/main.bro b/scripts/base/protocols/xmpp/main.zeek similarity index 100% rename from scripts/base/protocols/xmpp/main.bro rename to scripts/base/protocols/xmpp/main.zeek diff --git a/scripts/base/utils/active-http.bro b/scripts/base/utils/active-http.zeek similarity index 100% rename from scripts/base/utils/active-http.bro rename to scripts/base/utils/active-http.zeek diff --git a/scripts/base/utils/addrs.bro b/scripts/base/utils/addrs.zeek similarity index 100% rename from scripts/base/utils/addrs.bro rename to scripts/base/utils/addrs.zeek diff --git a/scripts/base/utils/conn-ids.bro b/scripts/base/utils/conn-ids.zeek similarity index 100% rename from scripts/base/utils/conn-ids.bro rename to scripts/base/utils/conn-ids.zeek diff --git a/scripts/base/utils/dir.bro b/scripts/base/utils/dir.zeek similarity index 100% rename from scripts/base/utils/dir.bro rename to scripts/base/utils/dir.zeek diff --git a/scripts/base/utils/directions-and-hosts.bro b/scripts/base/utils/directions-and-hosts.zeek similarity index 100% rename from scripts/base/utils/directions-and-hosts.bro rename to scripts/base/utils/directions-and-hosts.zeek diff --git a/scripts/base/utils/email.bro b/scripts/base/utils/email.zeek similarity index 100% rename from scripts/base/utils/email.bro rename to scripts/base/utils/email.zeek diff --git a/scripts/base/utils/exec.bro b/scripts/base/utils/exec.zeek similarity index 100% rename from scripts/base/utils/exec.bro rename to scripts/base/utils/exec.zeek diff --git a/scripts/base/utils/files.bro b/scripts/base/utils/files.zeek similarity index 100% rename from scripts/base/utils/files.bro rename to scripts/base/utils/files.zeek diff --git a/scripts/base/utils/geoip-distance.bro b/scripts/base/utils/geoip-distance.zeek similarity index 100% rename from scripts/base/utils/geoip-distance.bro rename to scripts/base/utils/geoip-distance.zeek diff --git a/scripts/base/utils/hash_hrw.bro b/scripts/base/utils/hash_hrw.zeek similarity index 100% rename from scripts/base/utils/hash_hrw.bro rename to scripts/base/utils/hash_hrw.zeek diff --git a/scripts/base/utils/json.bro b/scripts/base/utils/json.zeek similarity index 100% rename from scripts/base/utils/json.bro rename to scripts/base/utils/json.zeek diff --git a/scripts/base/utils/numbers.bro b/scripts/base/utils/numbers.zeek similarity index 100% rename from scripts/base/utils/numbers.bro rename to scripts/base/utils/numbers.zeek diff --git a/scripts/base/utils/paths.bro b/scripts/base/utils/paths.zeek similarity index 100% rename from scripts/base/utils/paths.bro rename to scripts/base/utils/paths.zeek diff --git a/scripts/base/utils/patterns.bro b/scripts/base/utils/patterns.zeek similarity index 100% rename from scripts/base/utils/patterns.bro rename to scripts/base/utils/patterns.zeek diff --git a/scripts/base/utils/queue.bro b/scripts/base/utils/queue.zeek similarity index 100% rename from scripts/base/utils/queue.bro rename to scripts/base/utils/queue.zeek diff --git a/scripts/base/utils/site.bro b/scripts/base/utils/site.zeek similarity index 100% rename from scripts/base/utils/site.bro rename to scripts/base/utils/site.zeek diff --git a/scripts/base/utils/strings.bro b/scripts/base/utils/strings.zeek similarity index 100% rename from scripts/base/utils/strings.bro rename to scripts/base/utils/strings.zeek diff --git a/scripts/base/utils/thresholds.bro b/scripts/base/utils/thresholds.zeek similarity index 100% rename from scripts/base/utils/thresholds.bro rename to scripts/base/utils/thresholds.zeek diff --git a/scripts/base/utils/time.bro b/scripts/base/utils/time.zeek similarity index 100% rename from scripts/base/utils/time.bro rename to scripts/base/utils/time.zeek diff --git a/scripts/base/utils/urls.bro b/scripts/base/utils/urls.zeek similarity index 100% rename from scripts/base/utils/urls.bro rename to scripts/base/utils/urls.zeek diff --git a/scripts/broxygen/__load__.bro b/scripts/broxygen/__load__.bro deleted file mode 100644 index 5d4ac5ea03..0000000000 --- a/scripts/broxygen/__load__.bro +++ /dev/null @@ -1,17 +0,0 @@ -@load test-all-policy.bro - -# Scripts which are commented out in test-all-policy.bro. -@load protocols/ssl/notary.bro -@load frameworks/control/controllee.bro -@load frameworks/control/controller.bro -@load frameworks/files/extract-all-files.bro -@load policy/misc/dump-events.bro -@load policy/protocols/dhcp/deprecated_events.bro -@load policy/protocols/smb/__load__.bro - -@load ./example.bro - -event bro_init() - { - terminate(); - } diff --git a/scripts/broxygen/__load__.zeek b/scripts/broxygen/__load__.zeek new file mode 100644 index 0000000000..51e119a2c6 --- /dev/null +++ b/scripts/broxygen/__load__.zeek @@ -0,0 +1,17 @@ +@load test-all-policy.zeek + +# Scripts which are commented out in test-all-policy.zeek. +@load protocols/ssl/notary.zeek +@load frameworks/control/controllee.zeek +@load frameworks/control/controller.zeek +@load frameworks/files/extract-all-files.zeek +@load policy/misc/dump-events.zeek +@load policy/protocols/dhcp/deprecated_events.zeek +@load policy/protocols/smb/__load__.zeek + +@load ./example.zeek + +event bro_init() + { + terminate(); + } diff --git a/scripts/broxygen/example.bro b/scripts/broxygen/example.zeek similarity index 100% rename from scripts/broxygen/example.bro rename to scripts/broxygen/example.zeek diff --git a/scripts/policy/files/x509/log-ocsp.bro b/scripts/policy/files/x509/log-ocsp.zeek similarity index 100% rename from scripts/policy/files/x509/log-ocsp.bro rename to scripts/policy/files/x509/log-ocsp.zeek diff --git a/scripts/policy/frameworks/control/controllee.bro b/scripts/policy/frameworks/control/controllee.zeek similarity index 100% rename from scripts/policy/frameworks/control/controllee.bro rename to scripts/policy/frameworks/control/controllee.zeek diff --git a/scripts/policy/frameworks/control/controller.bro b/scripts/policy/frameworks/control/controller.zeek similarity index 100% rename from scripts/policy/frameworks/control/controller.bro rename to scripts/policy/frameworks/control/controller.zeek diff --git a/scripts/policy/frameworks/dpd/detect-protocols.bro b/scripts/policy/frameworks/dpd/detect-protocols.zeek similarity index 100% rename from scripts/policy/frameworks/dpd/detect-protocols.bro rename to scripts/policy/frameworks/dpd/detect-protocols.zeek diff --git a/scripts/policy/frameworks/dpd/packet-segment-logging.bro b/scripts/policy/frameworks/dpd/packet-segment-logging.zeek similarity index 100% rename from scripts/policy/frameworks/dpd/packet-segment-logging.bro rename to scripts/policy/frameworks/dpd/packet-segment-logging.zeek diff --git a/scripts/policy/frameworks/files/detect-MHR.bro b/scripts/policy/frameworks/files/detect-MHR.zeek similarity index 100% rename from scripts/policy/frameworks/files/detect-MHR.bro rename to scripts/policy/frameworks/files/detect-MHR.zeek diff --git a/scripts/policy/frameworks/files/entropy-test-all-files.bro b/scripts/policy/frameworks/files/entropy-test-all-files.zeek similarity index 100% rename from scripts/policy/frameworks/files/entropy-test-all-files.bro rename to scripts/policy/frameworks/files/entropy-test-all-files.zeek diff --git a/scripts/policy/frameworks/files/extract-all-files.bro b/scripts/policy/frameworks/files/extract-all-files.zeek similarity index 100% rename from scripts/policy/frameworks/files/extract-all-files.bro rename to scripts/policy/frameworks/files/extract-all-files.zeek diff --git a/scripts/policy/frameworks/files/hash-all-files.bro b/scripts/policy/frameworks/files/hash-all-files.zeek similarity index 100% rename from scripts/policy/frameworks/files/hash-all-files.bro rename to scripts/policy/frameworks/files/hash-all-files.zeek diff --git a/scripts/policy/frameworks/intel/do_expire.bro b/scripts/policy/frameworks/intel/do_expire.zeek similarity index 100% rename from scripts/policy/frameworks/intel/do_expire.bro rename to scripts/policy/frameworks/intel/do_expire.zeek diff --git a/scripts/policy/frameworks/intel/do_notice.bro b/scripts/policy/frameworks/intel/do_notice.zeek similarity index 100% rename from scripts/policy/frameworks/intel/do_notice.bro rename to scripts/policy/frameworks/intel/do_notice.zeek diff --git a/scripts/policy/frameworks/intel/removal.bro b/scripts/policy/frameworks/intel/removal.zeek similarity index 100% rename from scripts/policy/frameworks/intel/removal.bro rename to scripts/policy/frameworks/intel/removal.zeek diff --git a/scripts/policy/frameworks/intel/seen/__load__.bro b/scripts/policy/frameworks/intel/seen/__load__.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/__load__.bro rename to scripts/policy/frameworks/intel/seen/__load__.zeek diff --git a/scripts/policy/frameworks/intel/seen/conn-established.bro b/scripts/policy/frameworks/intel/seen/conn-established.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/conn-established.bro rename to scripts/policy/frameworks/intel/seen/conn-established.zeek diff --git a/scripts/policy/frameworks/intel/seen/dns.bro b/scripts/policy/frameworks/intel/seen/dns.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/dns.bro rename to scripts/policy/frameworks/intel/seen/dns.zeek diff --git a/scripts/policy/frameworks/intel/seen/file-hashes.bro b/scripts/policy/frameworks/intel/seen/file-hashes.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/file-hashes.bro rename to scripts/policy/frameworks/intel/seen/file-hashes.zeek diff --git a/scripts/policy/frameworks/intel/seen/file-names.bro b/scripts/policy/frameworks/intel/seen/file-names.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/file-names.bro rename to scripts/policy/frameworks/intel/seen/file-names.zeek diff --git a/scripts/policy/frameworks/intel/seen/http-headers.bro b/scripts/policy/frameworks/intel/seen/http-headers.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/http-headers.bro rename to scripts/policy/frameworks/intel/seen/http-headers.zeek diff --git a/scripts/policy/frameworks/intel/seen/http-url.bro b/scripts/policy/frameworks/intel/seen/http-url.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/http-url.bro rename to scripts/policy/frameworks/intel/seen/http-url.zeek diff --git a/scripts/policy/frameworks/intel/seen/pubkey-hashes.bro b/scripts/policy/frameworks/intel/seen/pubkey-hashes.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/pubkey-hashes.bro rename to scripts/policy/frameworks/intel/seen/pubkey-hashes.zeek diff --git a/scripts/policy/frameworks/intel/seen/smb-filenames.bro b/scripts/policy/frameworks/intel/seen/smb-filenames.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/smb-filenames.bro rename to scripts/policy/frameworks/intel/seen/smb-filenames.zeek diff --git a/scripts/policy/frameworks/intel/seen/smtp-url-extraction.bro b/scripts/policy/frameworks/intel/seen/smtp-url-extraction.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/smtp-url-extraction.bro rename to scripts/policy/frameworks/intel/seen/smtp-url-extraction.zeek diff --git a/scripts/policy/frameworks/intel/seen/smtp.bro b/scripts/policy/frameworks/intel/seen/smtp.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/smtp.bro rename to scripts/policy/frameworks/intel/seen/smtp.zeek diff --git a/scripts/policy/frameworks/intel/seen/ssl.bro b/scripts/policy/frameworks/intel/seen/ssl.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/ssl.bro rename to scripts/policy/frameworks/intel/seen/ssl.zeek diff --git a/scripts/policy/frameworks/intel/seen/where-locations.bro b/scripts/policy/frameworks/intel/seen/where-locations.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/where-locations.bro rename to scripts/policy/frameworks/intel/seen/where-locations.zeek diff --git a/scripts/policy/frameworks/intel/seen/x509.bro b/scripts/policy/frameworks/intel/seen/x509.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/x509.bro rename to scripts/policy/frameworks/intel/seen/x509.zeek diff --git a/scripts/policy/frameworks/intel/whitelist.bro b/scripts/policy/frameworks/intel/whitelist.zeek similarity index 100% rename from scripts/policy/frameworks/intel/whitelist.bro rename to scripts/policy/frameworks/intel/whitelist.zeek diff --git a/scripts/policy/frameworks/notice/__load__.bro b/scripts/policy/frameworks/notice/__load__.zeek similarity index 100% rename from scripts/policy/frameworks/notice/__load__.bro rename to scripts/policy/frameworks/notice/__load__.zeek diff --git a/scripts/policy/frameworks/notice/extend-email/hostnames.bro b/scripts/policy/frameworks/notice/extend-email/hostnames.zeek similarity index 100% rename from scripts/policy/frameworks/notice/extend-email/hostnames.bro rename to scripts/policy/frameworks/notice/extend-email/hostnames.zeek diff --git a/scripts/policy/frameworks/packet-filter/shunt.bro b/scripts/policy/frameworks/packet-filter/shunt.zeek similarity index 100% rename from scripts/policy/frameworks/packet-filter/shunt.bro rename to scripts/policy/frameworks/packet-filter/shunt.zeek diff --git a/scripts/policy/frameworks/software/version-changes.bro b/scripts/policy/frameworks/software/version-changes.zeek similarity index 100% rename from scripts/policy/frameworks/software/version-changes.bro rename to scripts/policy/frameworks/software/version-changes.zeek diff --git a/scripts/policy/frameworks/software/vulnerable.bro b/scripts/policy/frameworks/software/vulnerable.zeek similarity index 100% rename from scripts/policy/frameworks/software/vulnerable.bro rename to scripts/policy/frameworks/software/vulnerable.zeek diff --git a/scripts/policy/frameworks/software/windows-version-detection.bro b/scripts/policy/frameworks/software/windows-version-detection.zeek similarity index 100% rename from scripts/policy/frameworks/software/windows-version-detection.bro rename to scripts/policy/frameworks/software/windows-version-detection.zeek diff --git a/scripts/policy/integration/barnyard2/__load__.bro b/scripts/policy/integration/barnyard2/__load__.zeek similarity index 100% rename from scripts/policy/integration/barnyard2/__load__.bro rename to scripts/policy/integration/barnyard2/__load__.zeek diff --git a/scripts/policy/integration/barnyard2/main.bro b/scripts/policy/integration/barnyard2/main.zeek similarity index 100% rename from scripts/policy/integration/barnyard2/main.bro rename to scripts/policy/integration/barnyard2/main.zeek diff --git a/scripts/policy/integration/barnyard2/types.bro b/scripts/policy/integration/barnyard2/types.zeek similarity index 100% rename from scripts/policy/integration/barnyard2/types.bro rename to scripts/policy/integration/barnyard2/types.zeek diff --git a/scripts/policy/integration/collective-intel/__load__.bro b/scripts/policy/integration/collective-intel/__load__.zeek similarity index 100% rename from scripts/policy/integration/collective-intel/__load__.bro rename to scripts/policy/integration/collective-intel/__load__.zeek diff --git a/scripts/policy/integration/collective-intel/main.bro b/scripts/policy/integration/collective-intel/main.zeek similarity index 100% rename from scripts/policy/integration/collective-intel/main.bro rename to scripts/policy/integration/collective-intel/main.zeek diff --git a/scripts/policy/misc/capture-loss.bro b/scripts/policy/misc/capture-loss.zeek similarity index 100% rename from scripts/policy/misc/capture-loss.bro rename to scripts/policy/misc/capture-loss.zeek diff --git a/scripts/policy/misc/detect-traceroute/__load__.bro b/scripts/policy/misc/detect-traceroute/__load__.zeek similarity index 100% rename from scripts/policy/misc/detect-traceroute/__load__.bro rename to scripts/policy/misc/detect-traceroute/__load__.zeek diff --git a/scripts/policy/misc/detect-traceroute/main.bro b/scripts/policy/misc/detect-traceroute/main.zeek similarity index 100% rename from scripts/policy/misc/detect-traceroute/main.bro rename to scripts/policy/misc/detect-traceroute/main.zeek diff --git a/scripts/policy/misc/dump-events.bro b/scripts/policy/misc/dump-events.zeek similarity index 100% rename from scripts/policy/misc/dump-events.bro rename to scripts/policy/misc/dump-events.zeek diff --git a/scripts/policy/misc/load-balancing.bro b/scripts/policy/misc/load-balancing.zeek similarity index 100% rename from scripts/policy/misc/load-balancing.bro rename to scripts/policy/misc/load-balancing.zeek diff --git a/scripts/policy/misc/loaded-scripts.bro b/scripts/policy/misc/loaded-scripts.zeek similarity index 100% rename from scripts/policy/misc/loaded-scripts.bro rename to scripts/policy/misc/loaded-scripts.zeek diff --git a/scripts/policy/misc/profiling.bro b/scripts/policy/misc/profiling.zeek similarity index 100% rename from scripts/policy/misc/profiling.bro rename to scripts/policy/misc/profiling.zeek diff --git a/scripts/policy/misc/scan.bro b/scripts/policy/misc/scan.zeek similarity index 100% rename from scripts/policy/misc/scan.bro rename to scripts/policy/misc/scan.zeek diff --git a/scripts/policy/misc/stats.bro b/scripts/policy/misc/stats.zeek similarity index 100% rename from scripts/policy/misc/stats.bro rename to scripts/policy/misc/stats.zeek diff --git a/scripts/policy/misc/trim-trace-file.bro b/scripts/policy/misc/trim-trace-file.zeek similarity index 100% rename from scripts/policy/misc/trim-trace-file.bro rename to scripts/policy/misc/trim-trace-file.zeek diff --git a/scripts/policy/misc/weird-stats.bro b/scripts/policy/misc/weird-stats.zeek similarity index 100% rename from scripts/policy/misc/weird-stats.bro rename to scripts/policy/misc/weird-stats.zeek diff --git a/scripts/policy/protocols/conn/known-hosts.bro b/scripts/policy/protocols/conn/known-hosts.zeek similarity index 100% rename from scripts/policy/protocols/conn/known-hosts.bro rename to scripts/policy/protocols/conn/known-hosts.zeek diff --git a/scripts/policy/protocols/conn/known-services.bro b/scripts/policy/protocols/conn/known-services.zeek similarity index 100% rename from scripts/policy/protocols/conn/known-services.bro rename to scripts/policy/protocols/conn/known-services.zeek diff --git a/scripts/policy/protocols/conn/mac-logging.bro b/scripts/policy/protocols/conn/mac-logging.zeek similarity index 100% rename from scripts/policy/protocols/conn/mac-logging.bro rename to scripts/policy/protocols/conn/mac-logging.zeek diff --git a/scripts/policy/protocols/conn/vlan-logging.bro b/scripts/policy/protocols/conn/vlan-logging.zeek similarity index 100% rename from scripts/policy/protocols/conn/vlan-logging.bro rename to scripts/policy/protocols/conn/vlan-logging.zeek diff --git a/scripts/policy/protocols/conn/weirds.bro b/scripts/policy/protocols/conn/weirds.zeek similarity index 100% rename from scripts/policy/protocols/conn/weirds.bro rename to scripts/policy/protocols/conn/weirds.zeek diff --git a/scripts/policy/protocols/dhcp/deprecated_events.bro b/scripts/policy/protocols/dhcp/deprecated_events.zeek similarity index 100% rename from scripts/policy/protocols/dhcp/deprecated_events.bro rename to scripts/policy/protocols/dhcp/deprecated_events.zeek diff --git a/scripts/policy/protocols/dhcp/msg-orig.bro b/scripts/policy/protocols/dhcp/msg-orig.zeek similarity index 100% rename from scripts/policy/protocols/dhcp/msg-orig.bro rename to scripts/policy/protocols/dhcp/msg-orig.zeek diff --git a/scripts/policy/protocols/dhcp/software.bro b/scripts/policy/protocols/dhcp/software.zeek similarity index 100% rename from scripts/policy/protocols/dhcp/software.bro rename to scripts/policy/protocols/dhcp/software.zeek diff --git a/scripts/policy/protocols/dhcp/sub-opts.bro b/scripts/policy/protocols/dhcp/sub-opts.zeek similarity index 100% rename from scripts/policy/protocols/dhcp/sub-opts.bro rename to scripts/policy/protocols/dhcp/sub-opts.zeek diff --git a/scripts/policy/protocols/dns/auth-addl.bro b/scripts/policy/protocols/dns/auth-addl.zeek similarity index 100% rename from scripts/policy/protocols/dns/auth-addl.bro rename to scripts/policy/protocols/dns/auth-addl.zeek diff --git a/scripts/policy/protocols/dns/detect-external-names.bro b/scripts/policy/protocols/dns/detect-external-names.zeek similarity index 100% rename from scripts/policy/protocols/dns/detect-external-names.bro rename to scripts/policy/protocols/dns/detect-external-names.zeek diff --git a/scripts/policy/protocols/ftp/detect-bruteforcing.bro b/scripts/policy/protocols/ftp/detect-bruteforcing.zeek similarity index 100% rename from scripts/policy/protocols/ftp/detect-bruteforcing.bro rename to scripts/policy/protocols/ftp/detect-bruteforcing.zeek diff --git a/scripts/policy/protocols/ftp/detect.bro b/scripts/policy/protocols/ftp/detect.zeek similarity index 100% rename from scripts/policy/protocols/ftp/detect.bro rename to scripts/policy/protocols/ftp/detect.zeek diff --git a/scripts/policy/protocols/ftp/software.bro b/scripts/policy/protocols/ftp/software.zeek similarity index 100% rename from scripts/policy/protocols/ftp/software.bro rename to scripts/policy/protocols/ftp/software.zeek diff --git a/scripts/policy/protocols/http/detect-sqli.bro b/scripts/policy/protocols/http/detect-sqli.zeek similarity index 100% rename from scripts/policy/protocols/http/detect-sqli.bro rename to scripts/policy/protocols/http/detect-sqli.zeek diff --git a/scripts/policy/protocols/http/detect-webapps.bro b/scripts/policy/protocols/http/detect-webapps.zeek similarity index 100% rename from scripts/policy/protocols/http/detect-webapps.bro rename to scripts/policy/protocols/http/detect-webapps.zeek diff --git a/scripts/policy/protocols/http/header-names.bro b/scripts/policy/protocols/http/header-names.zeek similarity index 100% rename from scripts/policy/protocols/http/header-names.bro rename to scripts/policy/protocols/http/header-names.zeek diff --git a/scripts/policy/protocols/http/software-browser-plugins.bro b/scripts/policy/protocols/http/software-browser-plugins.zeek similarity index 100% rename from scripts/policy/protocols/http/software-browser-plugins.bro rename to scripts/policy/protocols/http/software-browser-plugins.zeek diff --git a/scripts/policy/protocols/http/software.bro b/scripts/policy/protocols/http/software.zeek similarity index 100% rename from scripts/policy/protocols/http/software.bro rename to scripts/policy/protocols/http/software.zeek diff --git a/scripts/policy/protocols/http/var-extraction-cookies.bro b/scripts/policy/protocols/http/var-extraction-cookies.zeek similarity index 100% rename from scripts/policy/protocols/http/var-extraction-cookies.bro rename to scripts/policy/protocols/http/var-extraction-cookies.zeek diff --git a/scripts/policy/protocols/http/var-extraction-uri.bro b/scripts/policy/protocols/http/var-extraction-uri.zeek similarity index 100% rename from scripts/policy/protocols/http/var-extraction-uri.bro rename to scripts/policy/protocols/http/var-extraction-uri.zeek diff --git a/scripts/policy/protocols/krb/ticket-logging.bro b/scripts/policy/protocols/krb/ticket-logging.zeek similarity index 100% rename from scripts/policy/protocols/krb/ticket-logging.bro rename to scripts/policy/protocols/krb/ticket-logging.zeek diff --git a/scripts/policy/protocols/modbus/known-masters-slaves.bro b/scripts/policy/protocols/modbus/known-masters-slaves.zeek similarity index 100% rename from scripts/policy/protocols/modbus/known-masters-slaves.bro rename to scripts/policy/protocols/modbus/known-masters-slaves.zeek diff --git a/scripts/policy/protocols/modbus/track-memmap.bro b/scripts/policy/protocols/modbus/track-memmap.zeek similarity index 100% rename from scripts/policy/protocols/modbus/track-memmap.bro rename to scripts/policy/protocols/modbus/track-memmap.zeek diff --git a/scripts/policy/protocols/mysql/software.bro b/scripts/policy/protocols/mysql/software.zeek similarity index 100% rename from scripts/policy/protocols/mysql/software.bro rename to scripts/policy/protocols/mysql/software.zeek diff --git a/scripts/policy/protocols/rdp/indicate_ssl.bro b/scripts/policy/protocols/rdp/indicate_ssl.zeek similarity index 100% rename from scripts/policy/protocols/rdp/indicate_ssl.bro rename to scripts/policy/protocols/rdp/indicate_ssl.zeek diff --git a/scripts/policy/protocols/smb/__load__.bro b/scripts/policy/protocols/smb/__load__.zeek similarity index 100% rename from scripts/policy/protocols/smb/__load__.bro rename to scripts/policy/protocols/smb/__load__.zeek diff --git a/scripts/policy/protocols/smb/log-cmds.bro b/scripts/policy/protocols/smb/log-cmds.zeek similarity index 100% rename from scripts/policy/protocols/smb/log-cmds.bro rename to scripts/policy/protocols/smb/log-cmds.zeek diff --git a/scripts/policy/protocols/smtp/blocklists.bro b/scripts/policy/protocols/smtp/blocklists.zeek similarity index 100% rename from scripts/policy/protocols/smtp/blocklists.bro rename to scripts/policy/protocols/smtp/blocklists.zeek diff --git a/scripts/policy/protocols/smtp/detect-suspicious-orig.bro b/scripts/policy/protocols/smtp/detect-suspicious-orig.zeek similarity index 100% rename from scripts/policy/protocols/smtp/detect-suspicious-orig.bro rename to scripts/policy/protocols/smtp/detect-suspicious-orig.zeek diff --git a/scripts/policy/protocols/smtp/entities-excerpt.bro b/scripts/policy/protocols/smtp/entities-excerpt.zeek similarity index 100% rename from scripts/policy/protocols/smtp/entities-excerpt.bro rename to scripts/policy/protocols/smtp/entities-excerpt.zeek diff --git a/scripts/policy/protocols/smtp/software.bro b/scripts/policy/protocols/smtp/software.zeek similarity index 100% rename from scripts/policy/protocols/smtp/software.bro rename to scripts/policy/protocols/smtp/software.zeek diff --git a/scripts/policy/protocols/ssh/detect-bruteforcing.bro b/scripts/policy/protocols/ssh/detect-bruteforcing.zeek similarity index 100% rename from scripts/policy/protocols/ssh/detect-bruteforcing.bro rename to scripts/policy/protocols/ssh/detect-bruteforcing.zeek diff --git a/scripts/policy/protocols/ssh/geo-data.bro b/scripts/policy/protocols/ssh/geo-data.zeek similarity index 100% rename from scripts/policy/protocols/ssh/geo-data.bro rename to scripts/policy/protocols/ssh/geo-data.zeek diff --git a/scripts/policy/protocols/ssh/interesting-hostnames.bro b/scripts/policy/protocols/ssh/interesting-hostnames.zeek similarity index 100% rename from scripts/policy/protocols/ssh/interesting-hostnames.bro rename to scripts/policy/protocols/ssh/interesting-hostnames.zeek diff --git a/scripts/policy/protocols/ssh/software.bro b/scripts/policy/protocols/ssh/software.zeek similarity index 100% rename from scripts/policy/protocols/ssh/software.bro rename to scripts/policy/protocols/ssh/software.zeek diff --git a/scripts/policy/protocols/ssl/expiring-certs.bro b/scripts/policy/protocols/ssl/expiring-certs.zeek similarity index 100% rename from scripts/policy/protocols/ssl/expiring-certs.bro rename to scripts/policy/protocols/ssl/expiring-certs.zeek diff --git a/scripts/policy/protocols/ssl/extract-certs-pem.bro b/scripts/policy/protocols/ssl/extract-certs-pem.zeek similarity index 100% rename from scripts/policy/protocols/ssl/extract-certs-pem.bro rename to scripts/policy/protocols/ssl/extract-certs-pem.zeek diff --git a/scripts/policy/protocols/ssl/heartbleed.bro b/scripts/policy/protocols/ssl/heartbleed.zeek similarity index 100% rename from scripts/policy/protocols/ssl/heartbleed.bro rename to scripts/policy/protocols/ssl/heartbleed.zeek diff --git a/scripts/policy/protocols/ssl/known-certs.bro b/scripts/policy/protocols/ssl/known-certs.zeek similarity index 100% rename from scripts/policy/protocols/ssl/known-certs.bro rename to scripts/policy/protocols/ssl/known-certs.zeek diff --git a/scripts/policy/protocols/ssl/log-hostcerts-only.bro b/scripts/policy/protocols/ssl/log-hostcerts-only.zeek similarity index 100% rename from scripts/policy/protocols/ssl/log-hostcerts-only.bro rename to scripts/policy/protocols/ssl/log-hostcerts-only.zeek diff --git a/scripts/policy/protocols/ssl/notary.bro b/scripts/policy/protocols/ssl/notary.zeek similarity index 100% rename from scripts/policy/protocols/ssl/notary.bro rename to scripts/policy/protocols/ssl/notary.zeek diff --git a/scripts/policy/protocols/ssl/validate-certs.bro b/scripts/policy/protocols/ssl/validate-certs.zeek similarity index 100% rename from scripts/policy/protocols/ssl/validate-certs.bro rename to scripts/policy/protocols/ssl/validate-certs.zeek diff --git a/scripts/policy/protocols/ssl/validate-ocsp.bro b/scripts/policy/protocols/ssl/validate-ocsp.zeek similarity index 100% rename from scripts/policy/protocols/ssl/validate-ocsp.bro rename to scripts/policy/protocols/ssl/validate-ocsp.zeek diff --git a/scripts/policy/protocols/ssl/validate-sct.bro b/scripts/policy/protocols/ssl/validate-sct.zeek similarity index 100% rename from scripts/policy/protocols/ssl/validate-sct.bro rename to scripts/policy/protocols/ssl/validate-sct.zeek diff --git a/scripts/policy/protocols/ssl/weak-keys.bro b/scripts/policy/protocols/ssl/weak-keys.zeek similarity index 100% rename from scripts/policy/protocols/ssl/weak-keys.bro rename to scripts/policy/protocols/ssl/weak-keys.zeek diff --git a/scripts/policy/tuning/__load__.bro b/scripts/policy/tuning/__load__.zeek similarity index 100% rename from scripts/policy/tuning/__load__.bro rename to scripts/policy/tuning/__load__.zeek diff --git a/scripts/policy/tuning/defaults/__load__.bro b/scripts/policy/tuning/defaults/__load__.zeek similarity index 100% rename from scripts/policy/tuning/defaults/__load__.bro rename to scripts/policy/tuning/defaults/__load__.zeek diff --git a/scripts/policy/tuning/defaults/extracted_file_limits.bro b/scripts/policy/tuning/defaults/extracted_file_limits.zeek similarity index 100% rename from scripts/policy/tuning/defaults/extracted_file_limits.bro rename to scripts/policy/tuning/defaults/extracted_file_limits.zeek diff --git a/scripts/policy/tuning/defaults/packet-fragments.bro b/scripts/policy/tuning/defaults/packet-fragments.zeek similarity index 100% rename from scripts/policy/tuning/defaults/packet-fragments.bro rename to scripts/policy/tuning/defaults/packet-fragments.zeek diff --git a/scripts/policy/tuning/defaults/warnings.bro b/scripts/policy/tuning/defaults/warnings.zeek similarity index 100% rename from scripts/policy/tuning/defaults/warnings.bro rename to scripts/policy/tuning/defaults/warnings.zeek diff --git a/scripts/policy/tuning/json-logs.bro b/scripts/policy/tuning/json-logs.zeek similarity index 100% rename from scripts/policy/tuning/json-logs.bro rename to scripts/policy/tuning/json-logs.zeek diff --git a/scripts/policy/tuning/track-all-assets.bro b/scripts/policy/tuning/track-all-assets.zeek similarity index 100% rename from scripts/policy/tuning/track-all-assets.bro rename to scripts/policy/tuning/track-all-assets.zeek diff --git a/scripts/site/local.bro b/scripts/site/local.zeek similarity index 100% rename from scripts/site/local.bro rename to scripts/site/local.zeek diff --git a/scripts/test-all-policy.bro b/scripts/test-all-policy.bro deleted file mode 100644 index be2efbbc19..0000000000 --- a/scripts/test-all-policy.bro +++ /dev/null @@ -1,113 +0,0 @@ -# This file loads ALL policy scripts that are part of the Bro distribution. -# -# This is rarely makes sense, and is for testing only. -# -# Note that we have a unit test that makes sure that all policy files shipped are -# actually loaded here. If we have files that are part of the distribution yet -# can't be loaded here, these must still be listed here with their load command -# commented out. - -# The base/ scripts are all loaded by default and not included here. - -# @load frameworks/control/controllee.bro -# @load frameworks/control/controller.bro -@load frameworks/dpd/detect-protocols.bro -@load frameworks/dpd/packet-segment-logging.bro -@load frameworks/intel/do_notice.bro -@load frameworks/intel/do_expire.bro -@load frameworks/intel/whitelist.bro -@load frameworks/intel/removal.bro -@load frameworks/intel/seen/__load__.bro -@load frameworks/intel/seen/conn-established.bro -@load frameworks/intel/seen/dns.bro -@load frameworks/intel/seen/file-hashes.bro -@load frameworks/intel/seen/file-names.bro -@load frameworks/intel/seen/http-headers.bro -@load frameworks/intel/seen/http-url.bro -@load frameworks/intel/seen/pubkey-hashes.bro -@load frameworks/intel/seen/smb-filenames.bro -@load frameworks/intel/seen/smtp-url-extraction.bro -@load frameworks/intel/seen/smtp.bro -@load frameworks/intel/seen/ssl.bro -@load frameworks/intel/seen/where-locations.bro -@load frameworks/intel/seen/x509.bro -@load frameworks/files/detect-MHR.bro -@load frameworks/files/entropy-test-all-files.bro -#@load frameworks/files/extract-all-files.bro -@load frameworks/files/hash-all-files.bro -@load frameworks/notice/__load__.bro -@load frameworks/notice/extend-email/hostnames.bro -@load files/x509/log-ocsp.bro -@load frameworks/packet-filter/shunt.bro -@load frameworks/software/version-changes.bro -@load frameworks/software/vulnerable.bro -@load frameworks/software/windows-version-detection.bro -@load integration/barnyard2/__load__.bro -@load integration/barnyard2/main.bro -@load integration/barnyard2/types.bro -@load integration/collective-intel/__load__.bro -@load integration/collective-intel/main.bro -@load misc/capture-loss.bro -@load misc/detect-traceroute/__load__.bro -@load misc/detect-traceroute/main.bro -# @load misc/dump-events.bro -@load misc/load-balancing.bro -@load misc/loaded-scripts.bro -@load misc/profiling.bro -@load misc/scan.bro -@load misc/stats.bro -@load misc/weird-stats.bro -@load misc/trim-trace-file.bro -@load protocols/conn/known-hosts.bro -@load protocols/conn/known-services.bro -@load protocols/conn/mac-logging.bro -@load protocols/conn/vlan-logging.bro -@load protocols/conn/weirds.bro -#@load protocols/dhcp/deprecated_events.bro -@load protocols/dhcp/msg-orig.bro -@load protocols/dhcp/software.bro -@load protocols/dhcp/sub-opts.bro -@load protocols/dns/auth-addl.bro -@load protocols/dns/detect-external-names.bro -@load protocols/ftp/detect-bruteforcing.bro -@load protocols/ftp/detect.bro -@load protocols/ftp/software.bro -@load protocols/http/detect-sqli.bro -@load protocols/http/detect-webapps.bro -@load protocols/http/header-names.bro -@load protocols/http/software-browser-plugins.bro -@load protocols/http/software.bro -@load protocols/http/var-extraction-cookies.bro -@load protocols/http/var-extraction-uri.bro -@load protocols/krb/ticket-logging.bro -@load protocols/modbus/known-masters-slaves.bro -@load protocols/modbus/track-memmap.bro -@load protocols/mysql/software.bro -@load protocols/rdp/indicate_ssl.bro -#@load protocols/smb/__load__.bro -@load protocols/smb/log-cmds.bro -@load protocols/smtp/blocklists.bro -@load protocols/smtp/detect-suspicious-orig.bro -@load protocols/smtp/entities-excerpt.bro -@load protocols/smtp/software.bro -@load protocols/ssh/detect-bruteforcing.bro -@load protocols/ssh/geo-data.bro -@load protocols/ssh/interesting-hostnames.bro -@load protocols/ssh/software.bro -@load protocols/ssl/expiring-certs.bro -@load protocols/ssl/extract-certs-pem.bro -@load protocols/ssl/heartbleed.bro -@load protocols/ssl/known-certs.bro -@load protocols/ssl/log-hostcerts-only.bro -#@load protocols/ssl/notary.bro -@load protocols/ssl/validate-certs.bro -@load protocols/ssl/validate-ocsp.bro -@load protocols/ssl/validate-sct.bro -@load protocols/ssl/weak-keys.bro -@load tuning/__load__.bro -@load tuning/defaults/__load__.bro -@load tuning/defaults/extracted_file_limits.bro -@load tuning/defaults/packet-fragments.bro -@load tuning/defaults/warnings.bro -@load tuning/json-logs.bro -@load tuning/track-all-assets.bro diff --git a/scripts/test-all-policy.zeek b/scripts/test-all-policy.zeek new file mode 100644 index 0000000000..26408b6d44 --- /dev/null +++ b/scripts/test-all-policy.zeek @@ -0,0 +1,113 @@ +# This file loads ALL policy scripts that are part of the Bro distribution. +# +# This is rarely makes sense, and is for testing only. +# +# Note that we have a unit test that makes sure that all policy files shipped are +# actually loaded here. If we have files that are part of the distribution yet +# can't be loaded here, these must still be listed here with their load command +# commented out. + +# The base/ scripts are all loaded by default and not included here. + +# @load frameworks/control/controllee.zeek +# @load frameworks/control/controller.zeek +@load frameworks/dpd/detect-protocols.zeek +@load frameworks/dpd/packet-segment-logging.zeek +@load frameworks/intel/do_notice.zeek +@load frameworks/intel/do_expire.zeek +@load frameworks/intel/whitelist.zeek +@load frameworks/intel/removal.zeek +@load frameworks/intel/seen/__load__.zeek +@load frameworks/intel/seen/conn-established.zeek +@load frameworks/intel/seen/dns.zeek +@load frameworks/intel/seen/file-hashes.zeek +@load frameworks/intel/seen/file-names.zeek +@load frameworks/intel/seen/http-headers.zeek +@load frameworks/intel/seen/http-url.zeek +@load frameworks/intel/seen/pubkey-hashes.zeek +@load frameworks/intel/seen/smb-filenames.zeek +@load frameworks/intel/seen/smtp-url-extraction.zeek +@load frameworks/intel/seen/smtp.zeek +@load frameworks/intel/seen/ssl.zeek +@load frameworks/intel/seen/where-locations.zeek +@load frameworks/intel/seen/x509.zeek +@load frameworks/files/detect-MHR.zeek +@load frameworks/files/entropy-test-all-files.zeek +#@load frameworks/files/extract-all-files.zeek +@load frameworks/files/hash-all-files.zeek +@load frameworks/notice/__load__.zeek +@load frameworks/notice/extend-email/hostnames.zeek +@load files/x509/log-ocsp.zeek +@load frameworks/packet-filter/shunt.zeek +@load frameworks/software/version-changes.zeek +@load frameworks/software/vulnerable.zeek +@load frameworks/software/windows-version-detection.zeek +@load integration/barnyard2/__load__.zeek +@load integration/barnyard2/main.zeek +@load integration/barnyard2/types.zeek +@load integration/collective-intel/__load__.zeek +@load integration/collective-intel/main.zeek +@load misc/capture-loss.zeek +@load misc/detect-traceroute/__load__.zeek +@load misc/detect-traceroute/main.zeek +# @load misc/dump-events.zeek +@load misc/load-balancing.zeek +@load misc/loaded-scripts.zeek +@load misc/profiling.zeek +@load misc/scan.zeek +@load misc/stats.zeek +@load misc/weird-stats.zeek +@load misc/trim-trace-file.zeek +@load protocols/conn/known-hosts.zeek +@load protocols/conn/known-services.zeek +@load protocols/conn/mac-logging.zeek +@load protocols/conn/vlan-logging.zeek +@load protocols/conn/weirds.zeek +#@load protocols/dhcp/deprecated_events.zeek +@load protocols/dhcp/msg-orig.zeek +@load protocols/dhcp/software.zeek +@load protocols/dhcp/sub-opts.zeek +@load protocols/dns/auth-addl.zeek +@load protocols/dns/detect-external-names.zeek +@load protocols/ftp/detect-bruteforcing.zeek +@load protocols/ftp/detect.zeek +@load protocols/ftp/software.zeek +@load protocols/http/detect-sqli.zeek +@load protocols/http/detect-webapps.zeek +@load protocols/http/header-names.zeek +@load protocols/http/software-browser-plugins.zeek +@load protocols/http/software.zeek +@load protocols/http/var-extraction-cookies.zeek +@load protocols/http/var-extraction-uri.zeek +@load protocols/krb/ticket-logging.zeek +@load protocols/modbus/known-masters-slaves.zeek +@load protocols/modbus/track-memmap.zeek +@load protocols/mysql/software.zeek +@load protocols/rdp/indicate_ssl.zeek +#@load protocols/smb/__load__.zeek +@load protocols/smb/log-cmds.zeek +@load protocols/smtp/blocklists.zeek +@load protocols/smtp/detect-suspicious-orig.zeek +@load protocols/smtp/entities-excerpt.zeek +@load protocols/smtp/software.zeek +@load protocols/ssh/detect-bruteforcing.zeek +@load protocols/ssh/geo-data.zeek +@load protocols/ssh/interesting-hostnames.zeek +@load protocols/ssh/software.zeek +@load protocols/ssl/expiring-certs.zeek +@load protocols/ssl/extract-certs-pem.zeek +@load protocols/ssl/heartbleed.zeek +@load protocols/ssl/known-certs.zeek +@load protocols/ssl/log-hostcerts-only.zeek +#@load protocols/ssl/notary.zeek +@load protocols/ssl/validate-certs.zeek +@load protocols/ssl/validate-ocsp.zeek +@load protocols/ssl/validate-sct.zeek +@load protocols/ssl/weak-keys.zeek +@load tuning/__load__.zeek +@load tuning/defaults/__load__.zeek +@load tuning/defaults/extracted_file_limits.zeek +@load tuning/defaults/packet-fragments.zeek +@load tuning/defaults/warnings.zeek +@load tuning/json-logs.zeek +@load tuning/track-all-assets.zeek diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index f3dfd42d85..35fb70f5de 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -385,17 +385,17 @@ add_dependencies(generate_outputs_stage2b generate_outputs_stage1) add_custom_target(generate_outputs) add_dependencies(generate_outputs generate_outputs_stage2a generate_outputs_stage2b) -# Build __load__.bro files for standard *.bif.bro. +# Build __load__.zeek files for standard *.bif.zeek. bro_bif_create_loader(bif_loader "${bro_BASE_BIF_SCRIPTS}") add_dependencies(bif_loader ${bro_SUBDIRS}) add_dependencies(bro bif_loader) -# Build __load__.bro files for plugins/*.bif.bro. +# Build __load__.zeek files for plugins/*.bif.zeek. bro_bif_create_loader(bif_loader_plugins "${bro_PLUGIN_BIF_SCRIPTS}") add_dependencies(bif_loader_plugins ${bro_SUBDIRS}) add_dependencies(bro bif_loader_plugins) -# Install *.bif.bro. +# Install *.bif.zeek. install(DIRECTORY ${CMAKE_BINARY_DIR}/scripts/base/bif DESTINATION ${BRO_SCRIPT_INSTALL_PATH}/base) # Create plugin directory at install time. diff --git a/src/Type.cc b/src/Type.cc index 77a5ac6d16..741f1cfc0f 100644 --- a/src/Type.cc +++ b/src/Type.cc @@ -1510,7 +1510,7 @@ void EnumType::CheckAndAddName(const string& module_name, const char* name, else { // We allow double-definitions if matching exactly. This is so that - // we can define an enum both in a *.bif and *.bro for avoiding + // we can define an enum both in a *.bif and *.zeek for avoiding // cyclic dependencies. string fullname = make_full_var_name(module_name.c_str(), name); if ( id->Name() != fullname diff --git a/src/broxygen/ScriptInfo.cc b/src/broxygen/ScriptInfo.cc index da6ba6b44a..7ecf212a44 100644 --- a/src/broxygen/ScriptInfo.cc +++ b/src/broxygen/ScriptInfo.cc @@ -253,12 +253,12 @@ void ScriptInfo::DoInitPostScript() // The following enum types are automatically created internally in Bro, // so just manually associating them with scripts for now. - if ( name == "base/frameworks/input/main.bro" ) + if ( name == "base/frameworks/input/main.zeek" ) { auto id = global_scope()->Lookup("Input::Reader"); types.push_back(new IdentifierInfo(id, this)); } - else if ( name == "base/frameworks/logging/main.bro" ) + else if ( name == "base/frameworks/logging/main.zeek" ) { auto id = global_scope()->Lookup("Log::Writer"); types.push_back(new IdentifierInfo(id, this)); diff --git a/src/broxygen/ScriptInfo.h b/src/broxygen/ScriptInfo.h index d7328ef7c8..dd43e15a4e 100644 --- a/src/broxygen/ScriptInfo.h +++ b/src/broxygen/ScriptInfo.h @@ -77,7 +77,7 @@ public: { redefs.insert(info); } /** - * @return Whether the script is a package loader (i.e. "__load__.bro"). + * @return Whether the script is a package loader (i.e. "__load__.zeek"). */ bool IsPkgLoader() const { return is_pkg_loader; } diff --git a/src/broxygen/Target.h b/src/broxygen/Target.h index 9a5a23107c..7f18697eaf 100644 --- a/src/broxygen/Target.h +++ b/src/broxygen/Target.h @@ -41,7 +41,7 @@ struct TargetFile { /** * A Broxygen target abstract base class. A target is generally any portion of * documentation that Bro can build. It's identified by a type (e.g. script, - * identifier, package), a pattern (e.g. "example.bro", "HTTP::Info"), and + * identifier, package), a pattern (e.g. "example.zeek", "HTTP::Info"), and * a path to an output file. */ class Target { diff --git a/src/broxygen/broxygen.bif b/src/broxygen/broxygen.bif index d1b3028edc..4b2f5653b2 100644 --- a/src/broxygen/broxygen.bif +++ b/src/broxygen/broxygen.bif @@ -35,7 +35,7 @@ function get_identifier_comments%(name: string%): string ## ## name: the name of a Bro script. It must be a relative path to where ## it is located within a particular component of BROPATH and use -## the same file name extension/suffix as the actual file (e.g. ".bro"). +## the same file name extension/suffix as the actual file (e.g. ".zeek"). ## ## Returns: summary comments associated with script with *name*. If ## *name* is not a known script, an empty string is returned. diff --git a/src/const.bif b/src/const.bif index 6d60ac707b..9da5950259 100644 --- a/src/const.bif +++ b/src/const.bif @@ -1,6 +1,6 @@ ##! Declaration of various scripting-layer constants that the Bro core uses ##! internally. Documentation and default values for the scripting-layer -##! variables themselves are found in :doc:`/scripts/base/init-bare.bro`. +##! variables themselves are found in :doc:`/scripts/base/init-bare.zeek`. const ignore_keep_alive_rexmit: bool; const skip_http_data: bool; diff --git a/src/main.cc b/src/main.cc index 473f3a72e7..782c49edde 100644 --- a/src/main.cc +++ b/src/main.cc @@ -823,11 +823,11 @@ int main(int argc, char** argv) broxygen_mgr = new broxygen::Manager(broxygen_config, bro_argv[0]); - add_essential_input_file("base/init-bare.bro"); - add_essential_input_file("base/init-frameworks-and-bifs.bro"); + add_essential_input_file("base/init-bare.zeek"); + add_essential_input_file("base/init-frameworks-and-bifs.zeek"); if ( ! bare_mode ) - add_input_file("base/init-default.bro"); + add_input_file("base/init-default.zeek"); plugin_mgr->SearchDynamicPlugins(bro_plugin_path()); diff --git a/src/plugin/Manager.cc b/src/plugin/Manager.cc index e098d955c1..47f7ba1ed9 100644 --- a/src/plugin/Manager.cc +++ b/src/plugin/Manager.cc @@ -185,7 +185,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_ string init; - // First load {scripts}/__preload__.bro automatically. + // First load {scripts}/__preload__.zeek automatically. for (const string& ext : script_extensions) { init = dir + "scripts/__preload__" + ext; @@ -198,7 +198,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_ } } - // Load {bif,scripts}/__load__.bro automatically. + // Load {bif,scripts}/__load__.zeek automatically. for (const string& ext : script_extensions) { init = dir + "lib/bif/__load__" + ext; diff --git a/src/reporter.bif b/src/reporter.bif index 4a58e2728b..038182574e 100644 --- a/src/reporter.bif +++ b/src/reporter.bif @@ -4,7 +4,7 @@ ##! If event handlers do exist, it's assumed they take care of determining ##! how/where to output the messages. ##! -##! See :doc:`/scripts/base/frameworks/reporter/main.bro` for a convenient +##! See :doc:`/scripts/base/frameworks/reporter/main.zeek` for a convenient ##! reporter message logging framework. module Reporter; diff --git a/src/scan.l b/src/scan.l index 4da18b125f..fb8ca20f8e 100644 --- a/src/scan.l +++ b/src/scan.l @@ -923,7 +923,7 @@ int yywrap() if ( ! did_builtin_init && file_stack.length() == 1 ) { // ### This is a gross hack - we know that the first file - // we parse is init-bare.bro, and after it it's safe to initialize + // we parse is init-bare.zeek, and after it it's safe to initialize // the built-ins. Furthermore, we want to initialize the // built-in's *right* after parsing bro.init, so that other // source files can use built-in's when initializing globals. @@ -961,7 +961,7 @@ int yywrap() // prefixed and flattened version of the loaded file in BROPATH. The // flattening involves taking the path in BROPATH in which the // scanned file lives and replacing '/' path separators with a '.' If - // the scanned file is "__load__.bro", that part of the flattened + // the scanned file is "__load__.zeek", that part of the flattened // file name is discarded. If the prefix is non-empty, it gets placed // in front of the flattened path, separated with another '.' std::list::iterator it; diff --git a/src/types.bif b/src/types.bif index babccb0f0d..79f5780f52 100644 --- a/src/types.bif +++ b/src/types.bif @@ -141,7 +141,7 @@ enum createmode_t %{ %} # Declare record types that we want to access from the event engine. These are -# defined in init-bare.bro. +# defined in init-bare.zeek. type info_t: record; type fattr_t: record; type sattr_t: record; diff --git a/src/util.h b/src/util.h index bd1566080f..b63b74a3f7 100644 --- a/src/util.h +++ b/src/util.h @@ -309,7 +309,7 @@ std::string implode_string_vector(const std::vector& v, /** * Flatten a script name by replacing '/' path separators with '.'. - * @param file A path to a Bro script. If it is a __load__.bro, that part + * @param file A path to a Bro script. If it is a __load__.zeek, that part * is discarded when constructing the flattened the name. * @param prefix A string to prepend to the flattened script name. * @return The flattened script name.