From 18bd74454bed939ad4e05909e0af60f8985e4825 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Thu, 11 Apr 2019 21:12:40 -0500 Subject: [PATCH] Rename all scripts to have ".zeek" file extension --- scripts/CMakeLists.txt | 8 +- .../extract/{__load__.bro => __load__.zeek} | 0 .../files/extract/{main.bro => main.zeek} | 0 .../hash/{__load__.bro => __load__.zeek} | 0 .../base/files/hash/{main.bro => main.zeek} | 0 .../files/pe/{__load__.bro => __load__.zeek} | 0 .../base/files/pe/{consts.bro => consts.zeek} | 0 scripts/base/files/pe/{main.bro => main.zeek} | 0 .../unified2/{__load__.bro => __load__.zeek} | 0 .../files/unified2/{main.bro => main.zeek} | 0 .../x509/{__load__.bro => __load__.zeek} | 0 .../base/files/x509/{main.bro => main.zeek} | 0 .../analyzer/{__load__.bro => __load__.zeek} | 0 .../analyzer/{main.bro => main.zeek} | 0 .../broker/{__load__.bro => __load__.zeek} | 0 .../frameworks/broker/{log.bro => log.zeek} | 0 .../frameworks/broker/{main.bro => main.zeek} | 0 .../broker/{store.bro => store.zeek} | 0 .../cluster/{__load__.bro => __load__.zeek} | 0 .../cluster/{main.bro => main.zeek} | 6 +- .../cluster/nodes/{logger.bro => logger.zeek} | 0 .../nodes/{manager.bro => manager.zeek} | 0 .../cluster/nodes/{proxy.bro => proxy.zeek} | 0 .../cluster/nodes/{worker.bro => worker.zeek} | 0 .../cluster/{pools.bro => pools.zeek} | 0 ...connections.bro => setup-connections.zeek} | 0 .../config/{__load__.bro => __load__.zeek} | 0 .../config/{input.bro => input.zeek} | 0 .../frameworks/config/{main.bro => main.zeek} | 0 .../config/{weird.bro => weird.zeek} | 0 .../control/{__load__.bro => __load__.zeek} | 0 .../control/{main.bro => main.zeek} | 0 .../dpd/{__load__.bro => __load__.zeek} | 0 .../frameworks/dpd/{main.bro => main.zeek} | 0 .../files/{__load__.bro => __load__.zeek} | 0 .../magic/{__load__.bro => __load__.zeek} | 0 .../frameworks/files/{main.bro => main.zeek} | 0 .../input/{__load__.bro => __load__.zeek} | 0 .../frameworks/input/{main.bro => main.zeek} | 0 .../input/readers/{ascii.bro => ascii.zeek} | 0 .../readers/{benchmark.bro => benchmark.zeek} | 0 .../input/readers/{binary.bro => binary.zeek} | 0 .../input/readers/{config.bro => config.zeek} | 0 .../input/readers/{raw.bro => raw.zeek} | 0 .../input/readers/{sqlite.bro => sqlite.zeek} | 0 .../intel/{__load__.bro => __load__.zeek} | 0 .../intel/{cluster.bro => cluster.zeek} | 0 .../intel/{files.bro => files.zeek} | 0 .../intel/{input.bro => input.zeek} | 0 .../frameworks/intel/{main.bro => main.zeek} | 0 .../logging/{__load__.bro => __load__.zeek} | 0 .../logging/{main.bro => main.zeek} | 0 .../{__load__.bro => __load__.zeek} | 0 .../postprocessors/{scp.bro => scp.zeek} | 0 .../postprocessors/{sftp.bro => sftp.zeek} | 0 .../logging/writers/{ascii.bro => ascii.zeek} | 0 .../logging/writers/{none.bro => none.zeek} | 0 .../writers/{sqlite.bro => sqlite.zeek} | 0 .../{__load__.bro => __load__.zeek} | 0 ...and-release.bro => catch-and-release.zeek} | 0 .../netcontrol/{cluster.bro => cluster.zeek} | 0 .../netcontrol/{drop.bro => drop.zeek} | 0 .../netcontrol/{main.bro => main.zeek} | 4 +- .../{non-cluster.bro => non-cluster.zeek} | 0 .../netcontrol/{plugin.bro => plugin.zeek} | 0 .../plugins/{__load__.bro => __load__.zeek} | 0 .../plugins/{acld.bro => acld.zeek} | 0 .../plugins/{broker.bro => broker.zeek} | 0 .../plugins/{debug.bro => debug.zeek} | 0 .../plugins/{openflow.bro => openflow.zeek} | 0 .../{packetfilter.bro => packetfilter.zeek} | 0 .../netcontrol/{shunt.bro => shunt.zeek} | 0 .../netcontrol/{types.bro => types.zeek} | 0 .../notice/{__load__.bro => __load__.zeek} | 0 .../{add-geodata.bro => add-geodata.zeek} | 0 .../notice/actions/{drop.bro => drop.zeek} | 0 .../{email_admin.bro => email_admin.zeek} | 0 .../notice/actions/{page.bro => page.zeek} | 0 .../actions/{pp-alarms.bro => pp-alarms.zeek} | 0 .../frameworks/notice/{main.bro => main.zeek} | 0 .../notice/{weird.bro => weird.zeek} | 0 .../openflow/{__load__.bro => __load__.zeek} | 0 .../openflow/{cluster.bro => cluster.zeek} | 0 .../openflow/{consts.bro => consts.zeek} | 0 .../openflow/{main.bro => main.zeek} | 2 +- .../{non-cluster.bro => non-cluster.zeek} | 0 .../plugins/{__load__.bro => __load__.zeek} | 0 .../plugins/{broker.bro => broker.zeek} | 0 .../openflow/plugins/{log.bro => log.zeek} | 0 .../openflow/plugins/{ryu.bro => ryu.zeek} | 0 .../openflow/{types.bro => types.zeek} | 0 .../{__load__.bro => __load__.zeek} | 0 .../{cluster.bro => cluster.zeek} | 0 .../packet-filter/{main.bro => main.zeek} | 0 .../{netstats.bro => netstats.zeek} | 0 .../packet-filter/{utils.bro => utils.zeek} | 0 .../reporter/{__load__.bro => __load__.zeek} | 0 .../reporter/{main.bro => main.zeek} | 2 +- .../{__load__.bro => __load__.zeek} | 0 .../signatures/{main.bro => main.zeek} | 0 .../software/{__load__.bro => __load__.zeek} | 0 .../software/{main.bro => main.zeek} | 0 .../sumstats/{__load__.bro => __load__.zeek} | 0 .../sumstats/{cluster.bro => cluster.zeek} | 0 .../sumstats/{main.bro => main.zeek} | 0 .../{non-cluster.bro => non-cluster.zeek} | 0 .../plugins/{__load__.bro => __load__.zeek} | 0 .../plugins/{average.bro => average.zeek} | 0 .../{hll_unique.bro => hll_unique.zeek} | 0 .../sumstats/plugins/{last.bro => last.zeek} | 0 .../sumstats/plugins/{max.bro => max.zeek} | 0 .../sumstats/plugins/{min.bro => min.zeek} | 0 .../plugins/{sample.bro => sample.zeek} | 0 .../plugins/{std-dev.bro => std-dev.zeek} | 0 .../sumstats/plugins/{sum.bro => sum.zeek} | 0 .../sumstats/plugins/{topk.bro => topk.zeek} | 0 .../plugins/{unique.bro => unique.zeek} | 0 .../plugins/{variance.bro => variance.zeek} | 0 .../tunnels/{__load__.bro => __load__.zeek} | 0 .../tunnels/{main.bro => main.zeek} | 0 .../base/{init-bare.bro => init-bare.zeek} | 6 +- .../{init-default.bro => init-default.zeek} | 2 +- ...bifs.bro => init-frameworks-and-bifs.zeek} | 2 +- ...ding.bro => find-checksum-offloading.zeek} | 0 ...red-trace.bro => find-filtered-trace.zeek} | 0 .../base/misc/{version.bro => version.zeek} | 0 .../conn/{__load__.bro => __load__.zeek} | 0 .../conn/{contents.bro => contents.zeek} | 0 .../conn/{inactivity.bro => inactivity.zeek} | 0 .../protocols/conn/{main.bro => main.zeek} | 0 .../conn/{polling.bro => polling.zeek} | 0 .../conn/{thresholds.bro => thresholds.zeek} | 0 .../dce-rpc/{__load__.bro => __load__.zeek} | 0 .../dce-rpc/{consts.bro => consts.zeek} | 0 .../protocols/dce-rpc/{main.bro => main.zeek} | 0 .../dhcp/{__load__.bro => __load__.zeek} | 0 .../dhcp/{consts.bro => consts.zeek} | 0 .../protocols/dhcp/{main.bro => main.zeek} | 0 .../dnp3/{__load__.bro => __load__.zeek} | 0 .../dnp3/{consts.bro => consts.zeek} | 0 .../protocols/dnp3/{main.bro => main.zeek} | 0 .../dns/{__load__.bro => __load__.zeek} | 0 .../protocols/dns/{consts.bro => consts.zeek} | 0 .../protocols/dns/{main.bro => main.zeek} | 0 .../ftp/{__load__.bro => __load__.zeek} | 0 .../protocols/ftp/{files.bro => files.zeek} | 0 .../ftp/{gridftp.bro => gridftp.zeek} | 0 .../protocols/ftp/{info.bro => info.zeek} | 0 .../protocols/ftp/{main.bro => main.zeek} | 0 ...utils-commands.bro => utils-commands.zeek} | 0 .../protocols/ftp/{utils.bro => utils.zeek} | 0 .../http/{__load__.bro => __load__.zeek} | 0 .../http/{entities.bro => entities.zeek} | 0 .../protocols/http/{files.bro => files.zeek} | 0 .../protocols/http/{main.bro => main.zeek} | 0 .../protocols/http/{utils.bro => utils.zeek} | 0 .../imap/{__load__.bro => __load__.zeek} | 0 .../protocols/imap/{main.bro => main.zeek} | 0 .../irc/{__load__.bro => __load__.zeek} | 0 .../irc/{dcc-send.bro => dcc-send.zeek} | 0 .../protocols/irc/{files.bro => files.zeek} | 0 .../protocols/irc/{main.bro => main.zeek} | 0 .../krb/{__load__.bro => __load__.zeek} | 0 .../protocols/krb/{consts.bro => consts.zeek} | 0 .../protocols/krb/{files.bro => files.zeek} | 0 .../protocols/krb/{main.bro => main.zeek} | 0 .../modbus/{__load__.bro => __load__.zeek} | 0 .../modbus/{consts.bro => consts.zeek} | 0 .../protocols/modbus/{main.bro => main.zeek} | 0 .../mysql/{__load__.bro => __load__.zeek} | 0 .../mysql/{consts.bro => consts.zeek} | 0 .../protocols/mysql/{main.bro => main.zeek} | 0 .../ntlm/{__load__.bro => __load__.zeek} | 0 .../protocols/ntlm/{main.bro => main.zeek} | 0 .../pop3/{__load__.bro => __load__.zeek} | 0 .../radius/{__load__.bro => __load__.zeek} | 0 .../radius/{consts.bro => consts.zeek} | 0 .../protocols/radius/{main.bro => main.zeek} | 0 .../rdp/{__load__.bro => __load__.zeek} | 0 .../protocols/rdp/{consts.bro => consts.zeek} | 0 .../protocols/rdp/{main.bro => main.zeek} | 0 .../rfb/{__load__.bro => __load__.zeek} | 0 .../protocols/rfb/{main.bro => main.zeek} | 0 .../sip/{__load__.bro => __load__.zeek} | 0 .../protocols/sip/{main.bro => main.zeek} | 0 .../smb/{__load__.bro => __load__.zeek} | 0 ...nst-dos-error.bro => const-dos-error.zeek} | 0 ...nst-nt-status.bro => const-nt-status.zeek} | 0 .../protocols/smb/{consts.bro => consts.zeek} | 2 +- .../protocols/smb/{files.bro => files.zeek} | 0 .../protocols/smb/{main.bro => main.zeek} | 0 .../smb/{smb1-main.bro => smb1-main.zeek} | 0 .../smb/{smb2-main.bro => smb2-main.zeek} | 0 .../smtp/{__load__.bro => __load__.zeek} | 0 .../smtp/{entities.bro => entities.zeek} | 0 .../protocols/smtp/{files.bro => files.zeek} | 0 .../protocols/smtp/{main.bro => main.zeek} | 0 .../snmp/{__load__.bro => __load__.zeek} | 0 .../protocols/snmp/{main.bro => main.zeek} | 0 .../socks/{__load__.bro => __load__.zeek} | 0 .../socks/{consts.bro => consts.zeek} | 0 .../protocols/socks/{main.bro => main.zeek} | 0 .../ssh/{__load__.bro => __load__.zeek} | 0 .../protocols/ssh/{main.bro => main.zeek} | 0 .../ssl/{__load__.bro => __load__.zeek} | 0 .../protocols/ssl/{consts.bro => consts.zeek} | 0 .../ssl/{ct-list.bro => ct-list.zeek} | 0 .../protocols/ssl/{files.bro => files.zeek} | 0 .../protocols/ssl/{main.bro => main.zeek} | 4 +- ...zilla-ca-list.bro => mozilla-ca-list.zeek} | 0 .../syslog/{__load__.bro => __load__.zeek} | 0 .../syslog/{consts.bro => consts.zeek} | 0 .../protocols/syslog/{main.bro => main.zeek} | 0 .../tunnels/{__load__.bro => __load__.zeek} | 0 .../xmpp/{__load__.bro => __load__.zeek} | 0 .../protocols/xmpp/{main.bro => main.zeek} | 0 .../{active-http.bro => active-http.zeek} | 0 scripts/base/utils/{addrs.bro => addrs.zeek} | 0 .../utils/{conn-ids.bro => conn-ids.zeek} | 0 scripts/base/utils/{dir.bro => dir.zeek} | 0 ...nd-hosts.bro => directions-and-hosts.zeek} | 0 scripts/base/utils/{email.bro => email.zeek} | 0 scripts/base/utils/{exec.bro => exec.zeek} | 0 scripts/base/utils/{files.bro => files.zeek} | 0 ...geoip-distance.bro => geoip-distance.zeek} | 0 .../utils/{hash_hrw.bro => hash_hrw.zeek} | 0 scripts/base/utils/{json.bro => json.zeek} | 0 .../base/utils/{numbers.bro => numbers.zeek} | 0 scripts/base/utils/{paths.bro => paths.zeek} | 0 .../utils/{patterns.bro => patterns.zeek} | 0 scripts/base/utils/{queue.bro => queue.zeek} | 0 scripts/base/utils/{site.bro => site.zeek} | 0 .../base/utils/{strings.bro => strings.zeek} | 0 .../utils/{thresholds.bro => thresholds.zeek} | 0 scripts/base/utils/{time.bro => time.zeek} | 0 scripts/base/utils/{urls.bro => urls.zeek} | 0 scripts/broxygen/__load__.bro | 17 --- scripts/broxygen/__load__.zeek | 17 +++ .../broxygen/{example.bro => example.zeek} | 0 .../x509/{log-ocsp.bro => log-ocsp.zeek} | 0 .../{controllee.bro => controllee.zeek} | 0 .../{controller.bro => controller.zeek} | 0 ...ct-protocols.bro => detect-protocols.zeek} | 0 ...ogging.bro => packet-segment-logging.zeek} | 0 .../files/{detect-MHR.bro => detect-MHR.zeek} | 0 ...-files.bro => entropy-test-all-files.zeek} | 0 ...t-all-files.bro => extract-all-files.zeek} | 0 ...hash-all-files.bro => hash-all-files.zeek} | 0 .../intel/{do_expire.bro => do_expire.zeek} | 0 .../intel/{do_notice.bro => do_notice.zeek} | 0 .../intel/{removal.bro => removal.zeek} | 0 .../seen/{__load__.bro => __load__.zeek} | 0 ...-established.bro => conn-established.zeek} | 0 .../intel/seen/{dns.bro => dns.zeek} | 0 .../{file-hashes.bro => file-hashes.zeek} | 0 .../seen/{file-names.bro => file-names.zeek} | 0 .../{http-headers.bro => http-headers.zeek} | 0 .../seen/{http-url.bro => http-url.zeek} | 0 .../{pubkey-hashes.bro => pubkey-hashes.zeek} | 0 .../{smb-filenames.bro => smb-filenames.zeek} | 0 ...xtraction.bro => smtp-url-extraction.zeek} | 0 .../intel/seen/{smtp.bro => smtp.zeek} | 0 .../intel/seen/{ssl.bro => ssl.zeek} | 0 ...ere-locations.bro => where-locations.zeek} | 0 .../intel/seen/{x509.bro => x509.zeek} | 0 .../intel/{whitelist.bro => whitelist.zeek} | 0 .../notice/{__load__.bro => __load__.zeek} | 0 .../{hostnames.bro => hostnames.zeek} | 0 .../packet-filter/{shunt.bro => shunt.zeek} | 0 ...rsion-changes.bro => version-changes.zeek} | 0 .../{vulnerable.bro => vulnerable.zeek} | 0 ...ion.bro => windows-version-detection.zeek} | 0 .../barnyard2/{__load__.bro => __load__.zeek} | 0 .../barnyard2/{main.bro => main.zeek} | 0 .../barnyard2/{types.bro => types.zeek} | 0 .../{__load__.bro => __load__.zeek} | 0 .../collective-intel/{main.bro => main.zeek} | 0 .../{capture-loss.bro => capture-loss.zeek} | 0 .../{__load__.bro => __load__.zeek} | 0 .../detect-traceroute/{main.bro => main.zeek} | 0 .../{dump-events.bro => dump-events.zeek} | 0 ...load-balancing.bro => load-balancing.zeek} | 0 ...loaded-scripts.bro => loaded-scripts.zeek} | 0 .../misc/{profiling.bro => profiling.zeek} | 0 scripts/policy/misc/{scan.bro => scan.zeek} | 0 scripts/policy/misc/{stats.bro => stats.zeek} | 0 ...im-trace-file.bro => trim-trace-file.zeek} | 0 .../{weird-stats.bro => weird-stats.zeek} | 0 .../{known-hosts.bro => known-hosts.zeek} | 0 ...known-services.bro => known-services.zeek} | 0 .../{mac-logging.bro => mac-logging.zeek} | 0 .../{vlan-logging.bro => vlan-logging.zeek} | 0 .../conn/{weirds.bro => weirds.zeek} | 0 ...ated_events.bro => deprecated_events.zeek} | 0 .../dhcp/{msg-orig.bro => msg-orig.zeek} | 0 .../dhcp/{software.bro => software.zeek} | 0 .../dhcp/{sub-opts.bro => sub-opts.zeek} | 0 .../dns/{auth-addl.bro => auth-addl.zeek} | 0 ...l-names.bro => detect-external-names.zeek} | 0 ...teforcing.bro => detect-bruteforcing.zeek} | 0 .../protocols/ftp/{detect.bro => detect.zeek} | 0 .../ftp/{software.bro => software.zeek} | 0 .../{detect-sqli.bro => detect-sqli.zeek} | 0 ...detect-webapps.bro => detect-webapps.zeek} | 0 .../{header-names.bro => header-names.zeek} | 0 ...gins.bro => software-browser-plugins.zeek} | 0 .../http/{software.bro => software.zeek} | 0 ...ookies.bro => var-extraction-cookies.zeek} | 0 ...action-uri.bro => var-extraction-uri.zeek} | 0 ...ticket-logging.bro => ticket-logging.zeek} | 0 ...s-slaves.bro => known-masters-slaves.zeek} | 0 .../{track-memmap.bro => track-memmap.zeek} | 0 .../mysql/{software.bro => software.zeek} | 0 .../{indicate_ssl.bro => indicate_ssl.zeek} | 0 .../smb/{__load__.bro => __load__.zeek} | 0 .../smb/{log-cmds.bro => log-cmds.zeek} | 0 .../smtp/{blocklists.bro => blocklists.zeek} | 0 ...s-orig.bro => detect-suspicious-orig.zeek} | 0 ...ties-excerpt.bro => entities-excerpt.zeek} | 0 .../smtp/{software.bro => software.zeek} | 0 ...teforcing.bro => detect-bruteforcing.zeek} | 0 .../ssh/{geo-data.bro => geo-data.zeek} | 0 ...stnames.bro => interesting-hostnames.zeek} | 0 .../ssh/{software.bro => software.zeek} | 0 ...expiring-certs.bro => expiring-certs.zeek} | 0 ...t-certs-pem.bro => extract-certs-pem.zeek} | 0 .../ssl/{heartbleed.bro => heartbleed.zeek} | 0 .../ssl/{known-certs.bro => known-certs.zeek} | 0 ...certs-only.bro => log-hostcerts-only.zeek} | 0 .../protocols/ssl/{notary.bro => notary.zeek} | 0 ...validate-certs.bro => validate-certs.zeek} | 0 .../{validate-ocsp.bro => validate-ocsp.zeek} | 0 .../{validate-sct.bro => validate-sct.zeek} | 0 .../ssl/{weak-keys.bro => weak-keys.zeek} | 0 .../tuning/{__load__.bro => __load__.zeek} | 0 .../defaults/{__load__.bro => __load__.zeek} | 0 ..._limits.bro => extracted_file_limits.zeek} | 0 ...et-fragments.bro => packet-fragments.zeek} | 0 .../defaults/{warnings.bro => warnings.zeek} | 0 .../tuning/{json-logs.bro => json-logs.zeek} | 0 ...k-all-assets.bro => track-all-assets.zeek} | 0 scripts/site/{local.bro => local.zeek} | 0 scripts/test-all-policy.bro | 113 ------------------ scripts/test-all-policy.zeek | 113 ++++++++++++++++++ src/CMakeLists.txt | 6 +- src/Type.cc | 2 +- src/broxygen/ScriptInfo.cc | 4 +- src/broxygen/ScriptInfo.h | 2 +- src/broxygen/Target.h | 2 +- src/broxygen/broxygen.bif | 2 +- src/const.bif | 2 +- src/main.cc | 6 +- src/plugin/Manager.cc | 4 +- src/reporter.bif | 2 +- src/scan.l | 4 +- src/types.bif | 2 +- src/util.h | 2 +- 357 files changed, 169 insertions(+), 169 deletions(-) rename scripts/base/files/extract/{__load__.bro => __load__.zeek} (100%) rename scripts/base/files/extract/{main.bro => main.zeek} (100%) rename scripts/base/files/hash/{__load__.bro => __load__.zeek} (100%) rename scripts/base/files/hash/{main.bro => main.zeek} (100%) rename scripts/base/files/pe/{__load__.bro => __load__.zeek} (100%) rename scripts/base/files/pe/{consts.bro => consts.zeek} (100%) rename scripts/base/files/pe/{main.bro => main.zeek} (100%) rename scripts/base/files/unified2/{__load__.bro => __load__.zeek} (100%) rename scripts/base/files/unified2/{main.bro => main.zeek} (100%) rename scripts/base/files/x509/{__load__.bro => __load__.zeek} (100%) rename scripts/base/files/x509/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/analyzer/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/analyzer/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/broker/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/broker/{log.bro => log.zeek} (100%) rename scripts/base/frameworks/broker/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/broker/{store.bro => store.zeek} (100%) rename scripts/base/frameworks/cluster/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/cluster/{main.bro => main.zeek} (98%) rename scripts/base/frameworks/cluster/nodes/{logger.bro => logger.zeek} (100%) rename scripts/base/frameworks/cluster/nodes/{manager.bro => manager.zeek} (100%) rename scripts/base/frameworks/cluster/nodes/{proxy.bro => proxy.zeek} (100%) rename scripts/base/frameworks/cluster/nodes/{worker.bro => worker.zeek} (100%) rename scripts/base/frameworks/cluster/{pools.bro => pools.zeek} (100%) rename scripts/base/frameworks/cluster/{setup-connections.bro => setup-connections.zeek} (100%) rename scripts/base/frameworks/config/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/config/{input.bro => input.zeek} (100%) rename scripts/base/frameworks/config/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/config/{weird.bro => weird.zeek} (100%) rename scripts/base/frameworks/control/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/control/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/dpd/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/dpd/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/files/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/files/magic/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/files/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/input/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/input/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/input/readers/{ascii.bro => ascii.zeek} (100%) rename scripts/base/frameworks/input/readers/{benchmark.bro => benchmark.zeek} (100%) rename scripts/base/frameworks/input/readers/{binary.bro => binary.zeek} (100%) rename scripts/base/frameworks/input/readers/{config.bro => config.zeek} (100%) rename scripts/base/frameworks/input/readers/{raw.bro => raw.zeek} (100%) rename scripts/base/frameworks/input/readers/{sqlite.bro => sqlite.zeek} (100%) rename scripts/base/frameworks/intel/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/intel/{cluster.bro => cluster.zeek} (100%) rename scripts/base/frameworks/intel/{files.bro => files.zeek} (100%) rename scripts/base/frameworks/intel/{input.bro => input.zeek} (100%) rename scripts/base/frameworks/intel/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/logging/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/logging/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/logging/postprocessors/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/logging/postprocessors/{scp.bro => scp.zeek} (100%) rename scripts/base/frameworks/logging/postprocessors/{sftp.bro => sftp.zeek} (100%) rename scripts/base/frameworks/logging/writers/{ascii.bro => ascii.zeek} (100%) rename scripts/base/frameworks/logging/writers/{none.bro => none.zeek} (100%) rename scripts/base/frameworks/logging/writers/{sqlite.bro => sqlite.zeek} (100%) rename scripts/base/frameworks/netcontrol/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/netcontrol/{catch-and-release.bro => catch-and-release.zeek} (100%) rename scripts/base/frameworks/netcontrol/{cluster.bro => cluster.zeek} (100%) rename scripts/base/frameworks/netcontrol/{drop.bro => drop.zeek} (100%) rename scripts/base/frameworks/netcontrol/{main.bro => main.zeek} (99%) rename scripts/base/frameworks/netcontrol/{non-cluster.bro => non-cluster.zeek} (100%) rename scripts/base/frameworks/netcontrol/{plugin.bro => plugin.zeek} (100%) rename scripts/base/frameworks/netcontrol/plugins/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/netcontrol/plugins/{acld.bro => acld.zeek} (100%) rename scripts/base/frameworks/netcontrol/plugins/{broker.bro => broker.zeek} (100%) rename scripts/base/frameworks/netcontrol/plugins/{debug.bro => debug.zeek} (100%) rename scripts/base/frameworks/netcontrol/plugins/{openflow.bro => openflow.zeek} (100%) rename scripts/base/frameworks/netcontrol/plugins/{packetfilter.bro => packetfilter.zeek} (100%) rename scripts/base/frameworks/netcontrol/{shunt.bro => shunt.zeek} (100%) rename scripts/base/frameworks/netcontrol/{types.bro => types.zeek} (100%) rename scripts/base/frameworks/notice/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/notice/actions/{add-geodata.bro => add-geodata.zeek} (100%) rename scripts/base/frameworks/notice/actions/{drop.bro => drop.zeek} (100%) rename scripts/base/frameworks/notice/actions/{email_admin.bro => email_admin.zeek} (100%) rename scripts/base/frameworks/notice/actions/{page.bro => page.zeek} (100%) rename scripts/base/frameworks/notice/actions/{pp-alarms.bro => pp-alarms.zeek} (100%) rename scripts/base/frameworks/notice/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/notice/{weird.bro => weird.zeek} (100%) rename scripts/base/frameworks/openflow/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/openflow/{cluster.bro => cluster.zeek} (100%) rename scripts/base/frameworks/openflow/{consts.bro => consts.zeek} (100%) rename scripts/base/frameworks/openflow/{main.bro => main.zeek} (99%) rename scripts/base/frameworks/openflow/{non-cluster.bro => non-cluster.zeek} (100%) rename scripts/base/frameworks/openflow/plugins/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/openflow/plugins/{broker.bro => broker.zeek} (100%) rename scripts/base/frameworks/openflow/plugins/{log.bro => log.zeek} (100%) rename scripts/base/frameworks/openflow/plugins/{ryu.bro => ryu.zeek} (100%) rename scripts/base/frameworks/openflow/{types.bro => types.zeek} (100%) rename scripts/base/frameworks/packet-filter/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/packet-filter/{cluster.bro => cluster.zeek} (100%) rename scripts/base/frameworks/packet-filter/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/packet-filter/{netstats.bro => netstats.zeek} (100%) rename scripts/base/frameworks/packet-filter/{utils.bro => utils.zeek} (100%) rename scripts/base/frameworks/reporter/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/reporter/{main.bro => main.zeek} (99%) rename scripts/base/frameworks/signatures/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/signatures/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/software/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/software/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/sumstats/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/sumstats/{cluster.bro => cluster.zeek} (100%) rename scripts/base/frameworks/sumstats/{main.bro => main.zeek} (100%) rename scripts/base/frameworks/sumstats/{non-cluster.bro => non-cluster.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{average.bro => average.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{hll_unique.bro => hll_unique.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{last.bro => last.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{max.bro => max.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{min.bro => min.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{sample.bro => sample.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{std-dev.bro => std-dev.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{sum.bro => sum.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{topk.bro => topk.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{unique.bro => unique.zeek} (100%) rename scripts/base/frameworks/sumstats/plugins/{variance.bro => variance.zeek} (100%) rename scripts/base/frameworks/tunnels/{__load__.bro => __load__.zeek} (100%) rename scripts/base/frameworks/tunnels/{main.bro => main.zeek} (100%) rename scripts/base/{init-bare.bro => init-bare.zeek} (99%) rename scripts/base/{init-default.bro => init-default.zeek} (98%) rename scripts/base/{init-frameworks-and-bifs.bro => init-frameworks-and-bifs.zeek} (86%) rename scripts/base/misc/{find-checksum-offloading.bro => find-checksum-offloading.zeek} (100%) rename scripts/base/misc/{find-filtered-trace.bro => find-filtered-trace.zeek} (100%) rename scripts/base/misc/{version.bro => version.zeek} (100%) rename scripts/base/protocols/conn/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/conn/{contents.bro => contents.zeek} (100%) rename scripts/base/protocols/conn/{inactivity.bro => inactivity.zeek} (100%) rename scripts/base/protocols/conn/{main.bro => main.zeek} (100%) rename scripts/base/protocols/conn/{polling.bro => polling.zeek} (100%) rename scripts/base/protocols/conn/{thresholds.bro => thresholds.zeek} (100%) rename scripts/base/protocols/dce-rpc/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/dce-rpc/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/dce-rpc/{main.bro => main.zeek} (100%) rename scripts/base/protocols/dhcp/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/dhcp/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/dhcp/{main.bro => main.zeek} (100%) rename scripts/base/protocols/dnp3/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/dnp3/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/dnp3/{main.bro => main.zeek} (100%) rename scripts/base/protocols/dns/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/dns/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/dns/{main.bro => main.zeek} (100%) rename scripts/base/protocols/ftp/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/ftp/{files.bro => files.zeek} (100%) rename scripts/base/protocols/ftp/{gridftp.bro => gridftp.zeek} (100%) rename scripts/base/protocols/ftp/{info.bro => info.zeek} (100%) rename scripts/base/protocols/ftp/{main.bro => main.zeek} (100%) rename scripts/base/protocols/ftp/{utils-commands.bro => utils-commands.zeek} (100%) rename scripts/base/protocols/ftp/{utils.bro => utils.zeek} (100%) rename scripts/base/protocols/http/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/http/{entities.bro => entities.zeek} (100%) rename scripts/base/protocols/http/{files.bro => files.zeek} (100%) rename scripts/base/protocols/http/{main.bro => main.zeek} (100%) rename scripts/base/protocols/http/{utils.bro => utils.zeek} (100%) rename scripts/base/protocols/imap/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/imap/{main.bro => main.zeek} (100%) rename scripts/base/protocols/irc/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/irc/{dcc-send.bro => dcc-send.zeek} (100%) rename scripts/base/protocols/irc/{files.bro => files.zeek} (100%) rename scripts/base/protocols/irc/{main.bro => main.zeek} (100%) rename scripts/base/protocols/krb/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/krb/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/krb/{files.bro => files.zeek} (100%) rename scripts/base/protocols/krb/{main.bro => main.zeek} (100%) rename scripts/base/protocols/modbus/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/modbus/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/modbus/{main.bro => main.zeek} (100%) rename scripts/base/protocols/mysql/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/mysql/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/mysql/{main.bro => main.zeek} (100%) rename scripts/base/protocols/ntlm/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/ntlm/{main.bro => main.zeek} (100%) rename scripts/base/protocols/pop3/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/radius/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/radius/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/radius/{main.bro => main.zeek} (100%) rename scripts/base/protocols/rdp/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/rdp/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/rdp/{main.bro => main.zeek} (100%) rename scripts/base/protocols/rfb/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/rfb/{main.bro => main.zeek} (100%) rename scripts/base/protocols/sip/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/sip/{main.bro => main.zeek} (100%) rename scripts/base/protocols/smb/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/smb/{const-dos-error.bro => const-dos-error.zeek} (100%) rename scripts/base/protocols/smb/{const-nt-status.bro => const-nt-status.zeek} (100%) rename scripts/base/protocols/smb/{consts.bro => consts.zeek} (99%) rename scripts/base/protocols/smb/{files.bro => files.zeek} (100%) rename scripts/base/protocols/smb/{main.bro => main.zeek} (100%) rename scripts/base/protocols/smb/{smb1-main.bro => smb1-main.zeek} (100%) rename scripts/base/protocols/smb/{smb2-main.bro => smb2-main.zeek} (100%) rename scripts/base/protocols/smtp/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/smtp/{entities.bro => entities.zeek} (100%) rename scripts/base/protocols/smtp/{files.bro => files.zeek} (100%) rename scripts/base/protocols/smtp/{main.bro => main.zeek} (100%) rename scripts/base/protocols/snmp/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/snmp/{main.bro => main.zeek} (100%) rename scripts/base/protocols/socks/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/socks/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/socks/{main.bro => main.zeek} (100%) rename scripts/base/protocols/ssh/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/ssh/{main.bro => main.zeek} (100%) rename scripts/base/protocols/ssl/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/ssl/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/ssl/{ct-list.bro => ct-list.zeek} (100%) rename scripts/base/protocols/ssl/{files.bro => files.zeek} (100%) rename scripts/base/protocols/ssl/{main.bro => main.zeek} (99%) rename scripts/base/protocols/ssl/{mozilla-ca-list.bro => mozilla-ca-list.zeek} (100%) rename scripts/base/protocols/syslog/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/syslog/{consts.bro => consts.zeek} (100%) rename scripts/base/protocols/syslog/{main.bro => main.zeek} (100%) rename scripts/base/protocols/tunnels/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/xmpp/{__load__.bro => __load__.zeek} (100%) rename scripts/base/protocols/xmpp/{main.bro => main.zeek} (100%) rename scripts/base/utils/{active-http.bro => active-http.zeek} (100%) rename scripts/base/utils/{addrs.bro => addrs.zeek} (100%) rename scripts/base/utils/{conn-ids.bro => conn-ids.zeek} (100%) rename scripts/base/utils/{dir.bro => dir.zeek} (100%) rename scripts/base/utils/{directions-and-hosts.bro => directions-and-hosts.zeek} (100%) rename scripts/base/utils/{email.bro => email.zeek} (100%) rename scripts/base/utils/{exec.bro => exec.zeek} (100%) rename scripts/base/utils/{files.bro => files.zeek} (100%) rename scripts/base/utils/{geoip-distance.bro => geoip-distance.zeek} (100%) rename scripts/base/utils/{hash_hrw.bro => hash_hrw.zeek} (100%) rename scripts/base/utils/{json.bro => json.zeek} (100%) rename scripts/base/utils/{numbers.bro => numbers.zeek} (100%) rename scripts/base/utils/{paths.bro => paths.zeek} (100%) rename scripts/base/utils/{patterns.bro => patterns.zeek} (100%) rename scripts/base/utils/{queue.bro => queue.zeek} (100%) rename scripts/base/utils/{site.bro => site.zeek} (100%) rename scripts/base/utils/{strings.bro => strings.zeek} (100%) rename scripts/base/utils/{thresholds.bro => thresholds.zeek} (100%) rename scripts/base/utils/{time.bro => time.zeek} (100%) rename scripts/base/utils/{urls.bro => urls.zeek} (100%) delete mode 100644 scripts/broxygen/__load__.bro create mode 100644 scripts/broxygen/__load__.zeek rename scripts/broxygen/{example.bro => example.zeek} (100%) rename scripts/policy/files/x509/{log-ocsp.bro => log-ocsp.zeek} (100%) rename scripts/policy/frameworks/control/{controllee.bro => controllee.zeek} (100%) rename scripts/policy/frameworks/control/{controller.bro => controller.zeek} (100%) rename scripts/policy/frameworks/dpd/{detect-protocols.bro => detect-protocols.zeek} (100%) rename scripts/policy/frameworks/dpd/{packet-segment-logging.bro => packet-segment-logging.zeek} (100%) rename scripts/policy/frameworks/files/{detect-MHR.bro => detect-MHR.zeek} (100%) rename scripts/policy/frameworks/files/{entropy-test-all-files.bro => entropy-test-all-files.zeek} (100%) rename scripts/policy/frameworks/files/{extract-all-files.bro => extract-all-files.zeek} (100%) rename scripts/policy/frameworks/files/{hash-all-files.bro => hash-all-files.zeek} (100%) rename scripts/policy/frameworks/intel/{do_expire.bro => do_expire.zeek} (100%) rename scripts/policy/frameworks/intel/{do_notice.bro => do_notice.zeek} (100%) rename scripts/policy/frameworks/intel/{removal.bro => removal.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{__load__.bro => __load__.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{conn-established.bro => conn-established.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{dns.bro => dns.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{file-hashes.bro => file-hashes.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{file-names.bro => file-names.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{http-headers.bro => http-headers.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{http-url.bro => http-url.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{pubkey-hashes.bro => pubkey-hashes.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{smb-filenames.bro => smb-filenames.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{smtp-url-extraction.bro => smtp-url-extraction.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{smtp.bro => smtp.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{ssl.bro => ssl.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{where-locations.bro => where-locations.zeek} (100%) rename scripts/policy/frameworks/intel/seen/{x509.bro => x509.zeek} (100%) rename scripts/policy/frameworks/intel/{whitelist.bro => whitelist.zeek} (100%) rename scripts/policy/frameworks/notice/{__load__.bro => __load__.zeek} (100%) rename scripts/policy/frameworks/notice/extend-email/{hostnames.bro => hostnames.zeek} (100%) rename scripts/policy/frameworks/packet-filter/{shunt.bro => shunt.zeek} (100%) rename scripts/policy/frameworks/software/{version-changes.bro => version-changes.zeek} (100%) rename scripts/policy/frameworks/software/{vulnerable.bro => vulnerable.zeek} (100%) rename scripts/policy/frameworks/software/{windows-version-detection.bro => windows-version-detection.zeek} (100%) rename scripts/policy/integration/barnyard2/{__load__.bro => __load__.zeek} (100%) rename scripts/policy/integration/barnyard2/{main.bro => main.zeek} (100%) rename scripts/policy/integration/barnyard2/{types.bro => types.zeek} (100%) rename scripts/policy/integration/collective-intel/{__load__.bro => __load__.zeek} (100%) rename scripts/policy/integration/collective-intel/{main.bro => main.zeek} (100%) rename scripts/policy/misc/{capture-loss.bro => capture-loss.zeek} (100%) rename scripts/policy/misc/detect-traceroute/{__load__.bro => __load__.zeek} (100%) rename scripts/policy/misc/detect-traceroute/{main.bro => main.zeek} (100%) rename scripts/policy/misc/{dump-events.bro => dump-events.zeek} (100%) rename scripts/policy/misc/{load-balancing.bro => load-balancing.zeek} (100%) rename scripts/policy/misc/{loaded-scripts.bro => loaded-scripts.zeek} (100%) rename scripts/policy/misc/{profiling.bro => profiling.zeek} (100%) rename scripts/policy/misc/{scan.bro => scan.zeek} (100%) rename scripts/policy/misc/{stats.bro => stats.zeek} (100%) rename scripts/policy/misc/{trim-trace-file.bro => trim-trace-file.zeek} (100%) rename scripts/policy/misc/{weird-stats.bro => weird-stats.zeek} (100%) rename scripts/policy/protocols/conn/{known-hosts.bro => known-hosts.zeek} (100%) rename scripts/policy/protocols/conn/{known-services.bro => known-services.zeek} (100%) rename scripts/policy/protocols/conn/{mac-logging.bro => mac-logging.zeek} (100%) rename scripts/policy/protocols/conn/{vlan-logging.bro => vlan-logging.zeek} (100%) rename scripts/policy/protocols/conn/{weirds.bro => weirds.zeek} (100%) rename scripts/policy/protocols/dhcp/{deprecated_events.bro => deprecated_events.zeek} (100%) rename scripts/policy/protocols/dhcp/{msg-orig.bro => msg-orig.zeek} (100%) rename scripts/policy/protocols/dhcp/{software.bro => software.zeek} (100%) rename scripts/policy/protocols/dhcp/{sub-opts.bro => sub-opts.zeek} (100%) rename scripts/policy/protocols/dns/{auth-addl.bro => auth-addl.zeek} (100%) rename scripts/policy/protocols/dns/{detect-external-names.bro => detect-external-names.zeek} (100%) rename scripts/policy/protocols/ftp/{detect-bruteforcing.bro => detect-bruteforcing.zeek} (100%) rename scripts/policy/protocols/ftp/{detect.bro => detect.zeek} (100%) rename scripts/policy/protocols/ftp/{software.bro => software.zeek} (100%) rename scripts/policy/protocols/http/{detect-sqli.bro => detect-sqli.zeek} (100%) rename scripts/policy/protocols/http/{detect-webapps.bro => detect-webapps.zeek} (100%) rename scripts/policy/protocols/http/{header-names.bro => header-names.zeek} (100%) rename scripts/policy/protocols/http/{software-browser-plugins.bro => software-browser-plugins.zeek} (100%) rename scripts/policy/protocols/http/{software.bro => software.zeek} (100%) rename scripts/policy/protocols/http/{var-extraction-cookies.bro => var-extraction-cookies.zeek} (100%) rename scripts/policy/protocols/http/{var-extraction-uri.bro => var-extraction-uri.zeek} (100%) rename scripts/policy/protocols/krb/{ticket-logging.bro => ticket-logging.zeek} (100%) rename scripts/policy/protocols/modbus/{known-masters-slaves.bro => known-masters-slaves.zeek} (100%) rename scripts/policy/protocols/modbus/{track-memmap.bro => track-memmap.zeek} (100%) rename scripts/policy/protocols/mysql/{software.bro => software.zeek} (100%) rename scripts/policy/protocols/rdp/{indicate_ssl.bro => indicate_ssl.zeek} (100%) rename scripts/policy/protocols/smb/{__load__.bro => __load__.zeek} (100%) rename scripts/policy/protocols/smb/{log-cmds.bro => log-cmds.zeek} (100%) rename scripts/policy/protocols/smtp/{blocklists.bro => blocklists.zeek} (100%) rename scripts/policy/protocols/smtp/{detect-suspicious-orig.bro => detect-suspicious-orig.zeek} (100%) rename scripts/policy/protocols/smtp/{entities-excerpt.bro => entities-excerpt.zeek} (100%) rename scripts/policy/protocols/smtp/{software.bro => software.zeek} (100%) rename scripts/policy/protocols/ssh/{detect-bruteforcing.bro => detect-bruteforcing.zeek} (100%) rename scripts/policy/protocols/ssh/{geo-data.bro => geo-data.zeek} (100%) rename scripts/policy/protocols/ssh/{interesting-hostnames.bro => interesting-hostnames.zeek} (100%) rename scripts/policy/protocols/ssh/{software.bro => software.zeek} (100%) rename scripts/policy/protocols/ssl/{expiring-certs.bro => expiring-certs.zeek} (100%) rename scripts/policy/protocols/ssl/{extract-certs-pem.bro => extract-certs-pem.zeek} (100%) rename scripts/policy/protocols/ssl/{heartbleed.bro => heartbleed.zeek} (100%) rename scripts/policy/protocols/ssl/{known-certs.bro => known-certs.zeek} (100%) rename scripts/policy/protocols/ssl/{log-hostcerts-only.bro => log-hostcerts-only.zeek} (100%) rename scripts/policy/protocols/ssl/{notary.bro => notary.zeek} (100%) rename scripts/policy/protocols/ssl/{validate-certs.bro => validate-certs.zeek} (100%) rename scripts/policy/protocols/ssl/{validate-ocsp.bro => validate-ocsp.zeek} (100%) rename scripts/policy/protocols/ssl/{validate-sct.bro => validate-sct.zeek} (100%) rename scripts/policy/protocols/ssl/{weak-keys.bro => weak-keys.zeek} (100%) rename scripts/policy/tuning/{__load__.bro => __load__.zeek} (100%) rename scripts/policy/tuning/defaults/{__load__.bro => __load__.zeek} (100%) rename scripts/policy/tuning/defaults/{extracted_file_limits.bro => extracted_file_limits.zeek} (100%) rename scripts/policy/tuning/defaults/{packet-fragments.bro => packet-fragments.zeek} (100%) rename scripts/policy/tuning/defaults/{warnings.bro => warnings.zeek} (100%) rename scripts/policy/tuning/{json-logs.bro => json-logs.zeek} (100%) rename scripts/policy/tuning/{track-all-assets.bro => track-all-assets.zeek} (100%) rename scripts/site/{local.bro => local.zeek} (100%) delete mode 100644 scripts/test-all-policy.bro create mode 100644 scripts/test-all-policy.zeek diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt index 96c682871a..189c9b9df8 100644 --- a/scripts/CMakeLists.txt +++ b/scripts/CMakeLists.txt @@ -2,8 +2,8 @@ include(InstallPackageConfigFile) install(DIRECTORY ./ DESTINATION ${BRO_SCRIPT_INSTALL_PATH} FILES_MATCHING PATTERN "site/local*" EXCLUDE - PATTERN "test-all-policy.bro" EXCLUDE - PATTERN "*.bro" + PATTERN "test-all-policy.zeek" EXCLUDE + PATTERN "*.zeek" PATTERN "*.sig" PATTERN "*.fp" ) @@ -11,6 +11,6 @@ install(DIRECTORY ./ DESTINATION ${BRO_SCRIPT_INSTALL_PATH} FILES_MATCHING # Install all local* scripts as config files since they are meant to be # user modify-able. InstallPackageConfigFile( - ${CMAKE_CURRENT_SOURCE_DIR}/site/local.bro + ${CMAKE_CURRENT_SOURCE_DIR}/site/local.zeek ${BRO_SCRIPT_INSTALL_PATH}/site - local.bro) + local.zeek) diff --git a/scripts/base/files/extract/__load__.bro b/scripts/base/files/extract/__load__.zeek similarity index 100% rename from scripts/base/files/extract/__load__.bro rename to scripts/base/files/extract/__load__.zeek diff --git a/scripts/base/files/extract/main.bro b/scripts/base/files/extract/main.zeek similarity index 100% rename from scripts/base/files/extract/main.bro rename to scripts/base/files/extract/main.zeek diff --git a/scripts/base/files/hash/__load__.bro b/scripts/base/files/hash/__load__.zeek similarity index 100% rename from scripts/base/files/hash/__load__.bro rename to scripts/base/files/hash/__load__.zeek diff --git a/scripts/base/files/hash/main.bro b/scripts/base/files/hash/main.zeek similarity index 100% rename from scripts/base/files/hash/main.bro rename to scripts/base/files/hash/main.zeek diff --git a/scripts/base/files/pe/__load__.bro b/scripts/base/files/pe/__load__.zeek similarity index 100% rename from scripts/base/files/pe/__load__.bro rename to scripts/base/files/pe/__load__.zeek diff --git a/scripts/base/files/pe/consts.bro b/scripts/base/files/pe/consts.zeek similarity index 100% rename from scripts/base/files/pe/consts.bro rename to scripts/base/files/pe/consts.zeek diff --git a/scripts/base/files/pe/main.bro b/scripts/base/files/pe/main.zeek similarity index 100% rename from scripts/base/files/pe/main.bro rename to scripts/base/files/pe/main.zeek diff --git a/scripts/base/files/unified2/__load__.bro b/scripts/base/files/unified2/__load__.zeek similarity index 100% rename from scripts/base/files/unified2/__load__.bro rename to scripts/base/files/unified2/__load__.zeek diff --git a/scripts/base/files/unified2/main.bro b/scripts/base/files/unified2/main.zeek similarity index 100% rename from scripts/base/files/unified2/main.bro rename to scripts/base/files/unified2/main.zeek diff --git a/scripts/base/files/x509/__load__.bro b/scripts/base/files/x509/__load__.zeek similarity index 100% rename from scripts/base/files/x509/__load__.bro rename to scripts/base/files/x509/__load__.zeek diff --git a/scripts/base/files/x509/main.bro b/scripts/base/files/x509/main.zeek similarity index 100% rename from scripts/base/files/x509/main.bro rename to scripts/base/files/x509/main.zeek diff --git a/scripts/base/frameworks/analyzer/__load__.bro b/scripts/base/frameworks/analyzer/__load__.zeek similarity index 100% rename from scripts/base/frameworks/analyzer/__load__.bro rename to scripts/base/frameworks/analyzer/__load__.zeek diff --git a/scripts/base/frameworks/analyzer/main.bro b/scripts/base/frameworks/analyzer/main.zeek similarity index 100% rename from scripts/base/frameworks/analyzer/main.bro rename to scripts/base/frameworks/analyzer/main.zeek diff --git a/scripts/base/frameworks/broker/__load__.bro b/scripts/base/frameworks/broker/__load__.zeek similarity index 100% rename from scripts/base/frameworks/broker/__load__.bro rename to scripts/base/frameworks/broker/__load__.zeek diff --git a/scripts/base/frameworks/broker/log.bro b/scripts/base/frameworks/broker/log.zeek similarity index 100% rename from scripts/base/frameworks/broker/log.bro rename to scripts/base/frameworks/broker/log.zeek diff --git a/scripts/base/frameworks/broker/main.bro b/scripts/base/frameworks/broker/main.zeek similarity index 100% rename from scripts/base/frameworks/broker/main.bro rename to scripts/base/frameworks/broker/main.zeek diff --git a/scripts/base/frameworks/broker/store.bro b/scripts/base/frameworks/broker/store.zeek similarity index 100% rename from scripts/base/frameworks/broker/store.bro rename to scripts/base/frameworks/broker/store.zeek diff --git a/scripts/base/frameworks/cluster/__load__.bro b/scripts/base/frameworks/cluster/__load__.zeek similarity index 100% rename from scripts/base/frameworks/cluster/__load__.bro rename to scripts/base/frameworks/cluster/__load__.zeek diff --git a/scripts/base/frameworks/cluster/main.bro b/scripts/base/frameworks/cluster/main.zeek similarity index 98% rename from scripts/base/frameworks/cluster/main.bro rename to scripts/base/frameworks/cluster/main.zeek index 2d492454d4..2cb0401eea 100644 --- a/scripts/base/frameworks/cluster/main.bro +++ b/scripts/base/frameworks/cluster/main.zeek @@ -1,6 +1,6 @@ ##! A framework for establishing and controlling a cluster of Bro instances. ##! In order to use the cluster framework, a script named -##! ``cluster-layout.bro`` must exist somewhere in Bro's script search path +##! ``cluster-layout.zeek`` must exist somewhere in Bro's script search path ##! which has a cluster definition of the :bro:id:`Cluster::nodes` variable. ##! The ``CLUSTER_NODE`` environment variable or :bro:id:`Cluster::node` ##! must also be sent and the cluster framework loaded as a package like @@ -192,7 +192,7 @@ export { global worker_count: count = 0; ## The cluster layout definition. This should be placed into a filter - ## named cluster-layout.bro somewhere in the BROPATH. It will be + ## named cluster-layout.zeek somewhere in the BROPATH. It will be ## automatically loaded if the CLUSTER_NODE environment variable is set. ## Note that BroControl handles all of this automatically. ## The table is typically indexed by node names/labels (e.g. "manager" @@ -200,7 +200,7 @@ export { const nodes: table[string] of Node = {} &redef; ## Indicates whether or not the manager will act as the logger and receive - ## logs. This value should be set in the cluster-layout.bro script (the + ## logs. This value should be set in the cluster-layout.zeek script (the ## value should be true only if no logger is specified in Cluster::nodes). ## Note that BroControl handles this automatically. const manager_is_logger = T &redef; diff --git a/scripts/base/frameworks/cluster/nodes/logger.bro b/scripts/base/frameworks/cluster/nodes/logger.zeek similarity index 100% rename from scripts/base/frameworks/cluster/nodes/logger.bro rename to scripts/base/frameworks/cluster/nodes/logger.zeek diff --git a/scripts/base/frameworks/cluster/nodes/manager.bro b/scripts/base/frameworks/cluster/nodes/manager.zeek similarity index 100% rename from scripts/base/frameworks/cluster/nodes/manager.bro rename to scripts/base/frameworks/cluster/nodes/manager.zeek diff --git a/scripts/base/frameworks/cluster/nodes/proxy.bro b/scripts/base/frameworks/cluster/nodes/proxy.zeek similarity index 100% rename from scripts/base/frameworks/cluster/nodes/proxy.bro rename to scripts/base/frameworks/cluster/nodes/proxy.zeek diff --git a/scripts/base/frameworks/cluster/nodes/worker.bro b/scripts/base/frameworks/cluster/nodes/worker.zeek similarity index 100% rename from scripts/base/frameworks/cluster/nodes/worker.bro rename to scripts/base/frameworks/cluster/nodes/worker.zeek diff --git a/scripts/base/frameworks/cluster/pools.bro b/scripts/base/frameworks/cluster/pools.zeek similarity index 100% rename from scripts/base/frameworks/cluster/pools.bro rename to scripts/base/frameworks/cluster/pools.zeek diff --git a/scripts/base/frameworks/cluster/setup-connections.bro b/scripts/base/frameworks/cluster/setup-connections.zeek similarity index 100% rename from scripts/base/frameworks/cluster/setup-connections.bro rename to scripts/base/frameworks/cluster/setup-connections.zeek diff --git a/scripts/base/frameworks/config/__load__.bro b/scripts/base/frameworks/config/__load__.zeek similarity index 100% rename from scripts/base/frameworks/config/__load__.bro rename to scripts/base/frameworks/config/__load__.zeek diff --git a/scripts/base/frameworks/config/input.bro b/scripts/base/frameworks/config/input.zeek similarity index 100% rename from scripts/base/frameworks/config/input.bro rename to scripts/base/frameworks/config/input.zeek diff --git a/scripts/base/frameworks/config/main.bro b/scripts/base/frameworks/config/main.zeek similarity index 100% rename from scripts/base/frameworks/config/main.bro rename to scripts/base/frameworks/config/main.zeek diff --git a/scripts/base/frameworks/config/weird.bro b/scripts/base/frameworks/config/weird.zeek similarity index 100% rename from scripts/base/frameworks/config/weird.bro rename to scripts/base/frameworks/config/weird.zeek diff --git a/scripts/base/frameworks/control/__load__.bro b/scripts/base/frameworks/control/__load__.zeek similarity index 100% rename from scripts/base/frameworks/control/__load__.bro rename to scripts/base/frameworks/control/__load__.zeek diff --git a/scripts/base/frameworks/control/main.bro b/scripts/base/frameworks/control/main.zeek similarity index 100% rename from scripts/base/frameworks/control/main.bro rename to scripts/base/frameworks/control/main.zeek diff --git a/scripts/base/frameworks/dpd/__load__.bro b/scripts/base/frameworks/dpd/__load__.zeek similarity index 100% rename from scripts/base/frameworks/dpd/__load__.bro rename to scripts/base/frameworks/dpd/__load__.zeek diff --git a/scripts/base/frameworks/dpd/main.bro b/scripts/base/frameworks/dpd/main.zeek similarity index 100% rename from scripts/base/frameworks/dpd/main.bro rename to scripts/base/frameworks/dpd/main.zeek diff --git a/scripts/base/frameworks/files/__load__.bro b/scripts/base/frameworks/files/__load__.zeek similarity index 100% rename from scripts/base/frameworks/files/__load__.bro rename to scripts/base/frameworks/files/__load__.zeek diff --git a/scripts/base/frameworks/files/magic/__load__.bro b/scripts/base/frameworks/files/magic/__load__.zeek similarity index 100% rename from scripts/base/frameworks/files/magic/__load__.bro rename to scripts/base/frameworks/files/magic/__load__.zeek diff --git a/scripts/base/frameworks/files/main.bro b/scripts/base/frameworks/files/main.zeek similarity index 100% rename from scripts/base/frameworks/files/main.bro rename to scripts/base/frameworks/files/main.zeek diff --git a/scripts/base/frameworks/input/__load__.bro b/scripts/base/frameworks/input/__load__.zeek similarity index 100% rename from scripts/base/frameworks/input/__load__.bro rename to scripts/base/frameworks/input/__load__.zeek diff --git a/scripts/base/frameworks/input/main.bro b/scripts/base/frameworks/input/main.zeek similarity index 100% rename from scripts/base/frameworks/input/main.bro rename to scripts/base/frameworks/input/main.zeek diff --git a/scripts/base/frameworks/input/readers/ascii.bro b/scripts/base/frameworks/input/readers/ascii.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/ascii.bro rename to scripts/base/frameworks/input/readers/ascii.zeek diff --git a/scripts/base/frameworks/input/readers/benchmark.bro b/scripts/base/frameworks/input/readers/benchmark.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/benchmark.bro rename to scripts/base/frameworks/input/readers/benchmark.zeek diff --git a/scripts/base/frameworks/input/readers/binary.bro b/scripts/base/frameworks/input/readers/binary.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/binary.bro rename to scripts/base/frameworks/input/readers/binary.zeek diff --git a/scripts/base/frameworks/input/readers/config.bro b/scripts/base/frameworks/input/readers/config.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/config.bro rename to scripts/base/frameworks/input/readers/config.zeek diff --git a/scripts/base/frameworks/input/readers/raw.bro b/scripts/base/frameworks/input/readers/raw.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/raw.bro rename to scripts/base/frameworks/input/readers/raw.zeek diff --git a/scripts/base/frameworks/input/readers/sqlite.bro b/scripts/base/frameworks/input/readers/sqlite.zeek similarity index 100% rename from scripts/base/frameworks/input/readers/sqlite.bro rename to scripts/base/frameworks/input/readers/sqlite.zeek diff --git a/scripts/base/frameworks/intel/__load__.bro b/scripts/base/frameworks/intel/__load__.zeek similarity index 100% rename from scripts/base/frameworks/intel/__load__.bro rename to scripts/base/frameworks/intel/__load__.zeek diff --git a/scripts/base/frameworks/intel/cluster.bro b/scripts/base/frameworks/intel/cluster.zeek similarity index 100% rename from scripts/base/frameworks/intel/cluster.bro rename to scripts/base/frameworks/intel/cluster.zeek diff --git a/scripts/base/frameworks/intel/files.bro b/scripts/base/frameworks/intel/files.zeek similarity index 100% rename from scripts/base/frameworks/intel/files.bro rename to scripts/base/frameworks/intel/files.zeek diff --git a/scripts/base/frameworks/intel/input.bro b/scripts/base/frameworks/intel/input.zeek similarity index 100% rename from scripts/base/frameworks/intel/input.bro rename to scripts/base/frameworks/intel/input.zeek diff --git a/scripts/base/frameworks/intel/main.bro b/scripts/base/frameworks/intel/main.zeek similarity index 100% rename from scripts/base/frameworks/intel/main.bro rename to scripts/base/frameworks/intel/main.zeek diff --git a/scripts/base/frameworks/logging/__load__.bro b/scripts/base/frameworks/logging/__load__.zeek similarity index 100% rename from scripts/base/frameworks/logging/__load__.bro rename to scripts/base/frameworks/logging/__load__.zeek diff --git a/scripts/base/frameworks/logging/main.bro b/scripts/base/frameworks/logging/main.zeek similarity index 100% rename from scripts/base/frameworks/logging/main.bro rename to scripts/base/frameworks/logging/main.zeek diff --git a/scripts/base/frameworks/logging/postprocessors/__load__.bro b/scripts/base/frameworks/logging/postprocessors/__load__.zeek similarity index 100% rename from scripts/base/frameworks/logging/postprocessors/__load__.bro rename to scripts/base/frameworks/logging/postprocessors/__load__.zeek diff --git a/scripts/base/frameworks/logging/postprocessors/scp.bro b/scripts/base/frameworks/logging/postprocessors/scp.zeek similarity index 100% rename from scripts/base/frameworks/logging/postprocessors/scp.bro rename to scripts/base/frameworks/logging/postprocessors/scp.zeek diff --git a/scripts/base/frameworks/logging/postprocessors/sftp.bro b/scripts/base/frameworks/logging/postprocessors/sftp.zeek similarity index 100% rename from scripts/base/frameworks/logging/postprocessors/sftp.bro rename to scripts/base/frameworks/logging/postprocessors/sftp.zeek diff --git a/scripts/base/frameworks/logging/writers/ascii.bro b/scripts/base/frameworks/logging/writers/ascii.zeek similarity index 100% rename from scripts/base/frameworks/logging/writers/ascii.bro rename to scripts/base/frameworks/logging/writers/ascii.zeek diff --git a/scripts/base/frameworks/logging/writers/none.bro b/scripts/base/frameworks/logging/writers/none.zeek similarity index 100% rename from scripts/base/frameworks/logging/writers/none.bro rename to scripts/base/frameworks/logging/writers/none.zeek diff --git a/scripts/base/frameworks/logging/writers/sqlite.bro b/scripts/base/frameworks/logging/writers/sqlite.zeek similarity index 100% rename from scripts/base/frameworks/logging/writers/sqlite.bro rename to scripts/base/frameworks/logging/writers/sqlite.zeek diff --git a/scripts/base/frameworks/netcontrol/__load__.bro b/scripts/base/frameworks/netcontrol/__load__.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/__load__.bro rename to scripts/base/frameworks/netcontrol/__load__.zeek diff --git a/scripts/base/frameworks/netcontrol/catch-and-release.bro b/scripts/base/frameworks/netcontrol/catch-and-release.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/catch-and-release.bro rename to scripts/base/frameworks/netcontrol/catch-and-release.zeek diff --git a/scripts/base/frameworks/netcontrol/cluster.bro b/scripts/base/frameworks/netcontrol/cluster.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/cluster.bro rename to scripts/base/frameworks/netcontrol/cluster.zeek diff --git a/scripts/base/frameworks/netcontrol/drop.bro b/scripts/base/frameworks/netcontrol/drop.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/drop.bro rename to scripts/base/frameworks/netcontrol/drop.zeek diff --git a/scripts/base/frameworks/netcontrol/main.bro b/scripts/base/frameworks/netcontrol/main.zeek similarity index 99% rename from scripts/base/frameworks/netcontrol/main.bro rename to scripts/base/frameworks/netcontrol/main.zeek index a9418508af..110a0488dd 100644 --- a/scripts/base/frameworks/netcontrol/main.bro +++ b/scripts/base/frameworks/netcontrol/main.zeek @@ -43,8 +43,8 @@ export { # ### High-level API. # ### - # ### Note - other high level primitives are in catch-and-release.bro, shunt.bro and - # ### drop.bro + # ### Note - other high level primitives are in catch-and-release.zeek, + # ### shunt.zeek and drop.zeek ## Allows all traffic involving a specific IP address to be forwarded. ## diff --git a/scripts/base/frameworks/netcontrol/non-cluster.bro b/scripts/base/frameworks/netcontrol/non-cluster.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/non-cluster.bro rename to scripts/base/frameworks/netcontrol/non-cluster.zeek diff --git a/scripts/base/frameworks/netcontrol/plugin.bro b/scripts/base/frameworks/netcontrol/plugin.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugin.bro rename to scripts/base/frameworks/netcontrol/plugin.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/__load__.bro b/scripts/base/frameworks/netcontrol/plugins/__load__.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/__load__.bro rename to scripts/base/frameworks/netcontrol/plugins/__load__.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/acld.bro b/scripts/base/frameworks/netcontrol/plugins/acld.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/acld.bro rename to scripts/base/frameworks/netcontrol/plugins/acld.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/broker.bro b/scripts/base/frameworks/netcontrol/plugins/broker.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/broker.bro rename to scripts/base/frameworks/netcontrol/plugins/broker.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/debug.bro b/scripts/base/frameworks/netcontrol/plugins/debug.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/debug.bro rename to scripts/base/frameworks/netcontrol/plugins/debug.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/openflow.bro b/scripts/base/frameworks/netcontrol/plugins/openflow.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/openflow.bro rename to scripts/base/frameworks/netcontrol/plugins/openflow.zeek diff --git a/scripts/base/frameworks/netcontrol/plugins/packetfilter.bro b/scripts/base/frameworks/netcontrol/plugins/packetfilter.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/plugins/packetfilter.bro rename to scripts/base/frameworks/netcontrol/plugins/packetfilter.zeek diff --git a/scripts/base/frameworks/netcontrol/shunt.bro b/scripts/base/frameworks/netcontrol/shunt.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/shunt.bro rename to scripts/base/frameworks/netcontrol/shunt.zeek diff --git a/scripts/base/frameworks/netcontrol/types.bro b/scripts/base/frameworks/netcontrol/types.zeek similarity index 100% rename from scripts/base/frameworks/netcontrol/types.bro rename to scripts/base/frameworks/netcontrol/types.zeek diff --git a/scripts/base/frameworks/notice/__load__.bro b/scripts/base/frameworks/notice/__load__.zeek similarity index 100% rename from scripts/base/frameworks/notice/__load__.bro rename to scripts/base/frameworks/notice/__load__.zeek diff --git a/scripts/base/frameworks/notice/actions/add-geodata.bro b/scripts/base/frameworks/notice/actions/add-geodata.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/add-geodata.bro rename to scripts/base/frameworks/notice/actions/add-geodata.zeek diff --git a/scripts/base/frameworks/notice/actions/drop.bro b/scripts/base/frameworks/notice/actions/drop.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/drop.bro rename to scripts/base/frameworks/notice/actions/drop.zeek diff --git a/scripts/base/frameworks/notice/actions/email_admin.bro b/scripts/base/frameworks/notice/actions/email_admin.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/email_admin.bro rename to scripts/base/frameworks/notice/actions/email_admin.zeek diff --git a/scripts/base/frameworks/notice/actions/page.bro b/scripts/base/frameworks/notice/actions/page.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/page.bro rename to scripts/base/frameworks/notice/actions/page.zeek diff --git a/scripts/base/frameworks/notice/actions/pp-alarms.bro b/scripts/base/frameworks/notice/actions/pp-alarms.zeek similarity index 100% rename from scripts/base/frameworks/notice/actions/pp-alarms.bro rename to scripts/base/frameworks/notice/actions/pp-alarms.zeek diff --git a/scripts/base/frameworks/notice/main.bro b/scripts/base/frameworks/notice/main.zeek similarity index 100% rename from scripts/base/frameworks/notice/main.bro rename to scripts/base/frameworks/notice/main.zeek diff --git a/scripts/base/frameworks/notice/weird.bro b/scripts/base/frameworks/notice/weird.zeek similarity index 100% rename from scripts/base/frameworks/notice/weird.bro rename to scripts/base/frameworks/notice/weird.zeek diff --git a/scripts/base/frameworks/openflow/__load__.bro b/scripts/base/frameworks/openflow/__load__.zeek similarity index 100% rename from scripts/base/frameworks/openflow/__load__.bro rename to scripts/base/frameworks/openflow/__load__.zeek diff --git a/scripts/base/frameworks/openflow/cluster.bro b/scripts/base/frameworks/openflow/cluster.zeek similarity index 100% rename from scripts/base/frameworks/openflow/cluster.bro rename to scripts/base/frameworks/openflow/cluster.zeek diff --git a/scripts/base/frameworks/openflow/consts.bro b/scripts/base/frameworks/openflow/consts.zeek similarity index 100% rename from scripts/base/frameworks/openflow/consts.bro rename to scripts/base/frameworks/openflow/consts.zeek diff --git a/scripts/base/frameworks/openflow/main.bro b/scripts/base/frameworks/openflow/main.zeek similarity index 99% rename from scripts/base/frameworks/openflow/main.bro rename to scripts/base/frameworks/openflow/main.zeek index 5740e90056..ecddea7cb3 100644 --- a/scripts/base/frameworks/openflow/main.bro +++ b/scripts/base/frameworks/openflow/main.zeek @@ -251,7 +251,7 @@ function controller_init_done(controller: Controller) event OpenFlow::controller_activated(controller$state$_name, controller); } -# Functions that are called from cluster.bro and non-cluster.bro +# Functions that are called from cluster.zeek and non-cluster.zeek function register_controller_impl(tpe: OpenFlow::Plugin, name: string, controller: Controller) { diff --git a/scripts/base/frameworks/openflow/non-cluster.bro b/scripts/base/frameworks/openflow/non-cluster.zeek similarity index 100% rename from scripts/base/frameworks/openflow/non-cluster.bro rename to scripts/base/frameworks/openflow/non-cluster.zeek diff --git a/scripts/base/frameworks/openflow/plugins/__load__.bro b/scripts/base/frameworks/openflow/plugins/__load__.zeek similarity index 100% rename from scripts/base/frameworks/openflow/plugins/__load__.bro rename to scripts/base/frameworks/openflow/plugins/__load__.zeek diff --git a/scripts/base/frameworks/openflow/plugins/broker.bro b/scripts/base/frameworks/openflow/plugins/broker.zeek similarity index 100% rename from scripts/base/frameworks/openflow/plugins/broker.bro rename to scripts/base/frameworks/openflow/plugins/broker.zeek diff --git a/scripts/base/frameworks/openflow/plugins/log.bro b/scripts/base/frameworks/openflow/plugins/log.zeek similarity index 100% rename from scripts/base/frameworks/openflow/plugins/log.bro rename to scripts/base/frameworks/openflow/plugins/log.zeek diff --git a/scripts/base/frameworks/openflow/plugins/ryu.bro b/scripts/base/frameworks/openflow/plugins/ryu.zeek similarity index 100% rename from scripts/base/frameworks/openflow/plugins/ryu.bro rename to scripts/base/frameworks/openflow/plugins/ryu.zeek diff --git a/scripts/base/frameworks/openflow/types.bro b/scripts/base/frameworks/openflow/types.zeek similarity index 100% rename from scripts/base/frameworks/openflow/types.bro rename to scripts/base/frameworks/openflow/types.zeek diff --git a/scripts/base/frameworks/packet-filter/__load__.bro b/scripts/base/frameworks/packet-filter/__load__.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/__load__.bro rename to scripts/base/frameworks/packet-filter/__load__.zeek diff --git a/scripts/base/frameworks/packet-filter/cluster.bro b/scripts/base/frameworks/packet-filter/cluster.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/cluster.bro rename to scripts/base/frameworks/packet-filter/cluster.zeek diff --git a/scripts/base/frameworks/packet-filter/main.bro b/scripts/base/frameworks/packet-filter/main.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/main.bro rename to scripts/base/frameworks/packet-filter/main.zeek diff --git a/scripts/base/frameworks/packet-filter/netstats.bro b/scripts/base/frameworks/packet-filter/netstats.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/netstats.bro rename to scripts/base/frameworks/packet-filter/netstats.zeek diff --git a/scripts/base/frameworks/packet-filter/utils.bro b/scripts/base/frameworks/packet-filter/utils.zeek similarity index 100% rename from scripts/base/frameworks/packet-filter/utils.bro rename to scripts/base/frameworks/packet-filter/utils.zeek diff --git a/scripts/base/frameworks/reporter/__load__.bro b/scripts/base/frameworks/reporter/__load__.zeek similarity index 100% rename from scripts/base/frameworks/reporter/__load__.bro rename to scripts/base/frameworks/reporter/__load__.zeek diff --git a/scripts/base/frameworks/reporter/main.bro b/scripts/base/frameworks/reporter/main.zeek similarity index 99% rename from scripts/base/frameworks/reporter/main.bro rename to scripts/base/frameworks/reporter/main.zeek index 8cba29bdc2..ea97048049 100644 --- a/scripts/base/frameworks/reporter/main.bro +++ b/scripts/base/frameworks/reporter/main.zeek @@ -9,7 +9,7 @@ ##! Note that this framework deals with the handling of internally generated ##! reporter messages, for the interface ##! into actually creating reporter messages from the scripting layer, use -##! the built-in functions in :doc:`/scripts/base/bif/reporter.bif.bro`. +##! the built-in functions in :doc:`/scripts/base/bif/reporter.bif.zeek`. module Reporter; diff --git a/scripts/base/frameworks/signatures/__load__.bro b/scripts/base/frameworks/signatures/__load__.zeek similarity index 100% rename from scripts/base/frameworks/signatures/__load__.bro rename to scripts/base/frameworks/signatures/__load__.zeek diff --git a/scripts/base/frameworks/signatures/main.bro b/scripts/base/frameworks/signatures/main.zeek similarity index 100% rename from scripts/base/frameworks/signatures/main.bro rename to scripts/base/frameworks/signatures/main.zeek diff --git a/scripts/base/frameworks/software/__load__.bro b/scripts/base/frameworks/software/__load__.zeek similarity index 100% rename from scripts/base/frameworks/software/__load__.bro rename to scripts/base/frameworks/software/__load__.zeek diff --git a/scripts/base/frameworks/software/main.bro b/scripts/base/frameworks/software/main.zeek similarity index 100% rename from scripts/base/frameworks/software/main.bro rename to scripts/base/frameworks/software/main.zeek diff --git a/scripts/base/frameworks/sumstats/__load__.bro b/scripts/base/frameworks/sumstats/__load__.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/__load__.bro rename to scripts/base/frameworks/sumstats/__load__.zeek diff --git a/scripts/base/frameworks/sumstats/cluster.bro b/scripts/base/frameworks/sumstats/cluster.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/cluster.bro rename to scripts/base/frameworks/sumstats/cluster.zeek diff --git a/scripts/base/frameworks/sumstats/main.bro b/scripts/base/frameworks/sumstats/main.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/main.bro rename to scripts/base/frameworks/sumstats/main.zeek diff --git a/scripts/base/frameworks/sumstats/non-cluster.bro b/scripts/base/frameworks/sumstats/non-cluster.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/non-cluster.bro rename to scripts/base/frameworks/sumstats/non-cluster.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/__load__.bro b/scripts/base/frameworks/sumstats/plugins/__load__.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/__load__.bro rename to scripts/base/frameworks/sumstats/plugins/__load__.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/average.bro b/scripts/base/frameworks/sumstats/plugins/average.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/average.bro rename to scripts/base/frameworks/sumstats/plugins/average.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/hll_unique.bro b/scripts/base/frameworks/sumstats/plugins/hll_unique.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/hll_unique.bro rename to scripts/base/frameworks/sumstats/plugins/hll_unique.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/last.bro b/scripts/base/frameworks/sumstats/plugins/last.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/last.bro rename to scripts/base/frameworks/sumstats/plugins/last.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/max.bro b/scripts/base/frameworks/sumstats/plugins/max.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/max.bro rename to scripts/base/frameworks/sumstats/plugins/max.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/min.bro b/scripts/base/frameworks/sumstats/plugins/min.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/min.bro rename to scripts/base/frameworks/sumstats/plugins/min.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/sample.bro b/scripts/base/frameworks/sumstats/plugins/sample.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/sample.bro rename to scripts/base/frameworks/sumstats/plugins/sample.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/std-dev.bro b/scripts/base/frameworks/sumstats/plugins/std-dev.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/std-dev.bro rename to scripts/base/frameworks/sumstats/plugins/std-dev.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/sum.bro b/scripts/base/frameworks/sumstats/plugins/sum.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/sum.bro rename to scripts/base/frameworks/sumstats/plugins/sum.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/topk.bro b/scripts/base/frameworks/sumstats/plugins/topk.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/topk.bro rename to scripts/base/frameworks/sumstats/plugins/topk.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/unique.bro b/scripts/base/frameworks/sumstats/plugins/unique.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/unique.bro rename to scripts/base/frameworks/sumstats/plugins/unique.zeek diff --git a/scripts/base/frameworks/sumstats/plugins/variance.bro b/scripts/base/frameworks/sumstats/plugins/variance.zeek similarity index 100% rename from scripts/base/frameworks/sumstats/plugins/variance.bro rename to scripts/base/frameworks/sumstats/plugins/variance.zeek diff --git a/scripts/base/frameworks/tunnels/__load__.bro b/scripts/base/frameworks/tunnels/__load__.zeek similarity index 100% rename from scripts/base/frameworks/tunnels/__load__.bro rename to scripts/base/frameworks/tunnels/__load__.zeek diff --git a/scripts/base/frameworks/tunnels/main.bro b/scripts/base/frameworks/tunnels/main.zeek similarity index 100% rename from scripts/base/frameworks/tunnels/main.bro rename to scripts/base/frameworks/tunnels/main.zeek diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.zeek similarity index 99% rename from scripts/base/init-bare.bro rename to scripts/base/init-bare.zeek index 0c32cebcc5..3c1c6f98fb 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.zeek @@ -480,7 +480,7 @@ type NetStats: record { pkts_dropped: count &default=0; ##< Packets reported dropped by the system. ## Packets seen on the link. Note that this may differ ## from *pkts_recvd* because of a potential capture_filter. See - ## :doc:`/scripts/base/frameworks/packet-filter/main.bro`. Depending on the + ## :doc:`/scripts/base/frameworks/packet-filter/main.zeek`. Depending on the ## packet capture system, this value may not be available and will then ## be always set to zero. pkts_link: count &default=0; @@ -4629,13 +4629,13 @@ const log_max_size = 0.0 &redef; const log_encryption_key = "" &redef; ## Write profiling info into this file in regular intervals. The easiest way to -## activate profiling is loading :doc:`/scripts/policy/misc/profiling.bro`. +## activate profiling is loading :doc:`/scripts/policy/misc/profiling.zeek`. ## ## .. bro:see:: profiling_interval expensive_profiling_multiple segment_profiling global profiling_file: file &redef; ## Update interval for profiling (0 disables). The easiest way to activate -## profiling is loading :doc:`/scripts/policy/misc/profiling.bro`. +## profiling is loading :doc:`/scripts/policy/misc/profiling.zeek`. ## ## .. bro:see:: profiling_file expensive_profiling_multiple segment_profiling const profiling_interval = 0 secs &redef; diff --git a/scripts/base/init-default.bro b/scripts/base/init-default.zeek similarity index 98% rename from scripts/base/init-default.bro rename to scripts/base/init-default.zeek index 463f5c2942..6982b0b2f4 100644 --- a/scripts/base/init-default.bro +++ b/scripts/base/init-default.zeek @@ -25,7 +25,7 @@ @load base/utils/urls # This has some deep interplay between types and BiFs so it's -# loaded in base/init-bare.bro +# loaded in base/init-bare.zeek #@load base/frameworks/logging @load base/frameworks/notice @load base/frameworks/analyzer diff --git a/scripts/base/init-frameworks-and-bifs.bro b/scripts/base/init-frameworks-and-bifs.zeek similarity index 86% rename from scripts/base/init-frameworks-and-bifs.bro rename to scripts/base/init-frameworks-and-bifs.zeek index f772e2d223..19897e7ffb 100644 --- a/scripts/base/init-frameworks-and-bifs.bro +++ b/scripts/base/init-frameworks-and-bifs.zeek @@ -1,7 +1,7 @@ # Load these frameworks here because they use fairly deep integration with # BiFs and script-land defined types. They are also more likely to # make use of calling BIFs for variable initializations, and that -# can't be done until init-bare.bro has been loaded completely (hence +# can't be done until init-bare.zeek has been loaded completely (hence # the separate file). @load base/frameworks/logging @load base/frameworks/broker diff --git a/scripts/base/misc/find-checksum-offloading.bro b/scripts/base/misc/find-checksum-offloading.zeek similarity index 100% rename from scripts/base/misc/find-checksum-offloading.bro rename to scripts/base/misc/find-checksum-offloading.zeek diff --git a/scripts/base/misc/find-filtered-trace.bro b/scripts/base/misc/find-filtered-trace.zeek similarity index 100% rename from scripts/base/misc/find-filtered-trace.bro rename to scripts/base/misc/find-filtered-trace.zeek diff --git a/scripts/base/misc/version.bro b/scripts/base/misc/version.zeek similarity index 100% rename from scripts/base/misc/version.bro rename to scripts/base/misc/version.zeek diff --git a/scripts/base/protocols/conn/__load__.bro b/scripts/base/protocols/conn/__load__.zeek similarity index 100% rename from scripts/base/protocols/conn/__load__.bro rename to scripts/base/protocols/conn/__load__.zeek diff --git a/scripts/base/protocols/conn/contents.bro b/scripts/base/protocols/conn/contents.zeek similarity index 100% rename from scripts/base/protocols/conn/contents.bro rename to scripts/base/protocols/conn/contents.zeek diff --git a/scripts/base/protocols/conn/inactivity.bro b/scripts/base/protocols/conn/inactivity.zeek similarity index 100% rename from scripts/base/protocols/conn/inactivity.bro rename to scripts/base/protocols/conn/inactivity.zeek diff --git a/scripts/base/protocols/conn/main.bro b/scripts/base/protocols/conn/main.zeek similarity index 100% rename from scripts/base/protocols/conn/main.bro rename to scripts/base/protocols/conn/main.zeek diff --git a/scripts/base/protocols/conn/polling.bro b/scripts/base/protocols/conn/polling.zeek similarity index 100% rename from scripts/base/protocols/conn/polling.bro rename to scripts/base/protocols/conn/polling.zeek diff --git a/scripts/base/protocols/conn/thresholds.bro b/scripts/base/protocols/conn/thresholds.zeek similarity index 100% rename from scripts/base/protocols/conn/thresholds.bro rename to scripts/base/protocols/conn/thresholds.zeek diff --git a/scripts/base/protocols/dce-rpc/__load__.bro b/scripts/base/protocols/dce-rpc/__load__.zeek similarity index 100% rename from scripts/base/protocols/dce-rpc/__load__.bro rename to scripts/base/protocols/dce-rpc/__load__.zeek diff --git a/scripts/base/protocols/dce-rpc/consts.bro b/scripts/base/protocols/dce-rpc/consts.zeek similarity index 100% rename from scripts/base/protocols/dce-rpc/consts.bro rename to scripts/base/protocols/dce-rpc/consts.zeek diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.zeek similarity index 100% rename from scripts/base/protocols/dce-rpc/main.bro rename to scripts/base/protocols/dce-rpc/main.zeek diff --git a/scripts/base/protocols/dhcp/__load__.bro b/scripts/base/protocols/dhcp/__load__.zeek similarity index 100% rename from scripts/base/protocols/dhcp/__load__.bro rename to scripts/base/protocols/dhcp/__load__.zeek diff --git a/scripts/base/protocols/dhcp/consts.bro b/scripts/base/protocols/dhcp/consts.zeek similarity index 100% rename from scripts/base/protocols/dhcp/consts.bro rename to scripts/base/protocols/dhcp/consts.zeek diff --git a/scripts/base/protocols/dhcp/main.bro b/scripts/base/protocols/dhcp/main.zeek similarity index 100% rename from scripts/base/protocols/dhcp/main.bro rename to scripts/base/protocols/dhcp/main.zeek diff --git a/scripts/base/protocols/dnp3/__load__.bro b/scripts/base/protocols/dnp3/__load__.zeek similarity index 100% rename from scripts/base/protocols/dnp3/__load__.bro rename to scripts/base/protocols/dnp3/__load__.zeek diff --git a/scripts/base/protocols/dnp3/consts.bro b/scripts/base/protocols/dnp3/consts.zeek similarity index 100% rename from scripts/base/protocols/dnp3/consts.bro rename to scripts/base/protocols/dnp3/consts.zeek diff --git a/scripts/base/protocols/dnp3/main.bro b/scripts/base/protocols/dnp3/main.zeek similarity index 100% rename from scripts/base/protocols/dnp3/main.bro rename to scripts/base/protocols/dnp3/main.zeek diff --git a/scripts/base/protocols/dns/__load__.bro b/scripts/base/protocols/dns/__load__.zeek similarity index 100% rename from scripts/base/protocols/dns/__load__.bro rename to scripts/base/protocols/dns/__load__.zeek diff --git a/scripts/base/protocols/dns/consts.bro b/scripts/base/protocols/dns/consts.zeek similarity index 100% rename from scripts/base/protocols/dns/consts.bro rename to scripts/base/protocols/dns/consts.zeek diff --git a/scripts/base/protocols/dns/main.bro b/scripts/base/protocols/dns/main.zeek similarity index 100% rename from scripts/base/protocols/dns/main.bro rename to scripts/base/protocols/dns/main.zeek diff --git a/scripts/base/protocols/ftp/__load__.bro b/scripts/base/protocols/ftp/__load__.zeek similarity index 100% rename from scripts/base/protocols/ftp/__load__.bro rename to scripts/base/protocols/ftp/__load__.zeek diff --git a/scripts/base/protocols/ftp/files.bro b/scripts/base/protocols/ftp/files.zeek similarity index 100% rename from scripts/base/protocols/ftp/files.bro rename to scripts/base/protocols/ftp/files.zeek diff --git a/scripts/base/protocols/ftp/gridftp.bro b/scripts/base/protocols/ftp/gridftp.zeek similarity index 100% rename from scripts/base/protocols/ftp/gridftp.bro rename to scripts/base/protocols/ftp/gridftp.zeek diff --git a/scripts/base/protocols/ftp/info.bro b/scripts/base/protocols/ftp/info.zeek similarity index 100% rename from scripts/base/protocols/ftp/info.bro rename to scripts/base/protocols/ftp/info.zeek diff --git a/scripts/base/protocols/ftp/main.bro b/scripts/base/protocols/ftp/main.zeek similarity index 100% rename from scripts/base/protocols/ftp/main.bro rename to scripts/base/protocols/ftp/main.zeek diff --git a/scripts/base/protocols/ftp/utils-commands.bro b/scripts/base/protocols/ftp/utils-commands.zeek similarity index 100% rename from scripts/base/protocols/ftp/utils-commands.bro rename to scripts/base/protocols/ftp/utils-commands.zeek diff --git a/scripts/base/protocols/ftp/utils.bro b/scripts/base/protocols/ftp/utils.zeek similarity index 100% rename from scripts/base/protocols/ftp/utils.bro rename to scripts/base/protocols/ftp/utils.zeek diff --git a/scripts/base/protocols/http/__load__.bro b/scripts/base/protocols/http/__load__.zeek similarity index 100% rename from scripts/base/protocols/http/__load__.bro rename to scripts/base/protocols/http/__load__.zeek diff --git a/scripts/base/protocols/http/entities.bro b/scripts/base/protocols/http/entities.zeek similarity index 100% rename from scripts/base/protocols/http/entities.bro rename to scripts/base/protocols/http/entities.zeek diff --git a/scripts/base/protocols/http/files.bro b/scripts/base/protocols/http/files.zeek similarity index 100% rename from scripts/base/protocols/http/files.bro rename to scripts/base/protocols/http/files.zeek diff --git a/scripts/base/protocols/http/main.bro b/scripts/base/protocols/http/main.zeek similarity index 100% rename from scripts/base/protocols/http/main.bro rename to scripts/base/protocols/http/main.zeek diff --git a/scripts/base/protocols/http/utils.bro b/scripts/base/protocols/http/utils.zeek similarity index 100% rename from scripts/base/protocols/http/utils.bro rename to scripts/base/protocols/http/utils.zeek diff --git a/scripts/base/protocols/imap/__load__.bro b/scripts/base/protocols/imap/__load__.zeek similarity index 100% rename from scripts/base/protocols/imap/__load__.bro rename to scripts/base/protocols/imap/__load__.zeek diff --git a/scripts/base/protocols/imap/main.bro b/scripts/base/protocols/imap/main.zeek similarity index 100% rename from scripts/base/protocols/imap/main.bro rename to scripts/base/protocols/imap/main.zeek diff --git a/scripts/base/protocols/irc/__load__.bro b/scripts/base/protocols/irc/__load__.zeek similarity index 100% rename from scripts/base/protocols/irc/__load__.bro rename to scripts/base/protocols/irc/__load__.zeek diff --git a/scripts/base/protocols/irc/dcc-send.bro b/scripts/base/protocols/irc/dcc-send.zeek similarity index 100% rename from scripts/base/protocols/irc/dcc-send.bro rename to scripts/base/protocols/irc/dcc-send.zeek diff --git a/scripts/base/protocols/irc/files.bro b/scripts/base/protocols/irc/files.zeek similarity index 100% rename from scripts/base/protocols/irc/files.bro rename to scripts/base/protocols/irc/files.zeek diff --git a/scripts/base/protocols/irc/main.bro b/scripts/base/protocols/irc/main.zeek similarity index 100% rename from scripts/base/protocols/irc/main.bro rename to scripts/base/protocols/irc/main.zeek diff --git a/scripts/base/protocols/krb/__load__.bro b/scripts/base/protocols/krb/__load__.zeek similarity index 100% rename from scripts/base/protocols/krb/__load__.bro rename to scripts/base/protocols/krb/__load__.zeek diff --git a/scripts/base/protocols/krb/consts.bro b/scripts/base/protocols/krb/consts.zeek similarity index 100% rename from scripts/base/protocols/krb/consts.bro rename to scripts/base/protocols/krb/consts.zeek diff --git a/scripts/base/protocols/krb/files.bro b/scripts/base/protocols/krb/files.zeek similarity index 100% rename from scripts/base/protocols/krb/files.bro rename to scripts/base/protocols/krb/files.zeek diff --git a/scripts/base/protocols/krb/main.bro b/scripts/base/protocols/krb/main.zeek similarity index 100% rename from scripts/base/protocols/krb/main.bro rename to scripts/base/protocols/krb/main.zeek diff --git a/scripts/base/protocols/modbus/__load__.bro b/scripts/base/protocols/modbus/__load__.zeek similarity index 100% rename from scripts/base/protocols/modbus/__load__.bro rename to scripts/base/protocols/modbus/__load__.zeek diff --git a/scripts/base/protocols/modbus/consts.bro b/scripts/base/protocols/modbus/consts.zeek similarity index 100% rename from scripts/base/protocols/modbus/consts.bro rename to scripts/base/protocols/modbus/consts.zeek diff --git a/scripts/base/protocols/modbus/main.bro b/scripts/base/protocols/modbus/main.zeek similarity index 100% rename from scripts/base/protocols/modbus/main.bro rename to scripts/base/protocols/modbus/main.zeek diff --git a/scripts/base/protocols/mysql/__load__.bro b/scripts/base/protocols/mysql/__load__.zeek similarity index 100% rename from scripts/base/protocols/mysql/__load__.bro rename to scripts/base/protocols/mysql/__load__.zeek diff --git a/scripts/base/protocols/mysql/consts.bro b/scripts/base/protocols/mysql/consts.zeek similarity index 100% rename from scripts/base/protocols/mysql/consts.bro rename to scripts/base/protocols/mysql/consts.zeek diff --git a/scripts/base/protocols/mysql/main.bro b/scripts/base/protocols/mysql/main.zeek similarity index 100% rename from scripts/base/protocols/mysql/main.bro rename to scripts/base/protocols/mysql/main.zeek diff --git a/scripts/base/protocols/ntlm/__load__.bro b/scripts/base/protocols/ntlm/__load__.zeek similarity index 100% rename from scripts/base/protocols/ntlm/__load__.bro rename to scripts/base/protocols/ntlm/__load__.zeek diff --git a/scripts/base/protocols/ntlm/main.bro b/scripts/base/protocols/ntlm/main.zeek similarity index 100% rename from scripts/base/protocols/ntlm/main.bro rename to scripts/base/protocols/ntlm/main.zeek diff --git a/scripts/base/protocols/pop3/__load__.bro b/scripts/base/protocols/pop3/__load__.zeek similarity index 100% rename from scripts/base/protocols/pop3/__load__.bro rename to scripts/base/protocols/pop3/__load__.zeek diff --git a/scripts/base/protocols/radius/__load__.bro b/scripts/base/protocols/radius/__load__.zeek similarity index 100% rename from scripts/base/protocols/radius/__load__.bro rename to scripts/base/protocols/radius/__load__.zeek diff --git a/scripts/base/protocols/radius/consts.bro b/scripts/base/protocols/radius/consts.zeek similarity index 100% rename from scripts/base/protocols/radius/consts.bro rename to scripts/base/protocols/radius/consts.zeek diff --git a/scripts/base/protocols/radius/main.bro b/scripts/base/protocols/radius/main.zeek similarity index 100% rename from scripts/base/protocols/radius/main.bro rename to scripts/base/protocols/radius/main.zeek diff --git a/scripts/base/protocols/rdp/__load__.bro b/scripts/base/protocols/rdp/__load__.zeek similarity index 100% rename from scripts/base/protocols/rdp/__load__.bro rename to scripts/base/protocols/rdp/__load__.zeek diff --git a/scripts/base/protocols/rdp/consts.bro b/scripts/base/protocols/rdp/consts.zeek similarity index 100% rename from scripts/base/protocols/rdp/consts.bro rename to scripts/base/protocols/rdp/consts.zeek diff --git a/scripts/base/protocols/rdp/main.bro b/scripts/base/protocols/rdp/main.zeek similarity index 100% rename from scripts/base/protocols/rdp/main.bro rename to scripts/base/protocols/rdp/main.zeek diff --git a/scripts/base/protocols/rfb/__load__.bro b/scripts/base/protocols/rfb/__load__.zeek similarity index 100% rename from scripts/base/protocols/rfb/__load__.bro rename to scripts/base/protocols/rfb/__load__.zeek diff --git a/scripts/base/protocols/rfb/main.bro b/scripts/base/protocols/rfb/main.zeek similarity index 100% rename from scripts/base/protocols/rfb/main.bro rename to scripts/base/protocols/rfb/main.zeek diff --git a/scripts/base/protocols/sip/__load__.bro b/scripts/base/protocols/sip/__load__.zeek similarity index 100% rename from scripts/base/protocols/sip/__load__.bro rename to scripts/base/protocols/sip/__load__.zeek diff --git a/scripts/base/protocols/sip/main.bro b/scripts/base/protocols/sip/main.zeek similarity index 100% rename from scripts/base/protocols/sip/main.bro rename to scripts/base/protocols/sip/main.zeek diff --git a/scripts/base/protocols/smb/__load__.bro b/scripts/base/protocols/smb/__load__.zeek similarity index 100% rename from scripts/base/protocols/smb/__load__.bro rename to scripts/base/protocols/smb/__load__.zeek diff --git a/scripts/base/protocols/smb/const-dos-error.bro b/scripts/base/protocols/smb/const-dos-error.zeek similarity index 100% rename from scripts/base/protocols/smb/const-dos-error.bro rename to scripts/base/protocols/smb/const-dos-error.zeek diff --git a/scripts/base/protocols/smb/const-nt-status.bro b/scripts/base/protocols/smb/const-nt-status.zeek similarity index 100% rename from scripts/base/protocols/smb/const-nt-status.bro rename to scripts/base/protocols/smb/const-nt-status.zeek diff --git a/scripts/base/protocols/smb/consts.bro b/scripts/base/protocols/smb/consts.zeek similarity index 99% rename from scripts/base/protocols/smb/consts.bro rename to scripts/base/protocols/smb/consts.zeek index f36d029be9..32a03dd17d 100644 --- a/scripts/base/protocols/smb/consts.bro +++ b/scripts/base/protocols/smb/consts.zeek @@ -12,7 +12,7 @@ export { ## Heuristic detection of named pipes when the pipe ## mapping isn't seen. This variable is defined in - ## init-bare.bro. + ## init-bare.zeek. redef SMB::pipe_filenames = { "spoolss", "winreg", diff --git a/scripts/base/protocols/smb/files.bro b/scripts/base/protocols/smb/files.zeek similarity index 100% rename from scripts/base/protocols/smb/files.bro rename to scripts/base/protocols/smb/files.zeek diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.zeek similarity index 100% rename from scripts/base/protocols/smb/main.bro rename to scripts/base/protocols/smb/main.zeek diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.zeek similarity index 100% rename from scripts/base/protocols/smb/smb1-main.bro rename to scripts/base/protocols/smb/smb1-main.zeek diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.zeek similarity index 100% rename from scripts/base/protocols/smb/smb2-main.bro rename to scripts/base/protocols/smb/smb2-main.zeek diff --git a/scripts/base/protocols/smtp/__load__.bro b/scripts/base/protocols/smtp/__load__.zeek similarity index 100% rename from scripts/base/protocols/smtp/__load__.bro rename to scripts/base/protocols/smtp/__load__.zeek diff --git a/scripts/base/protocols/smtp/entities.bro b/scripts/base/protocols/smtp/entities.zeek similarity index 100% rename from scripts/base/protocols/smtp/entities.bro rename to scripts/base/protocols/smtp/entities.zeek diff --git a/scripts/base/protocols/smtp/files.bro b/scripts/base/protocols/smtp/files.zeek similarity index 100% rename from scripts/base/protocols/smtp/files.bro rename to scripts/base/protocols/smtp/files.zeek diff --git a/scripts/base/protocols/smtp/main.bro b/scripts/base/protocols/smtp/main.zeek similarity index 100% rename from scripts/base/protocols/smtp/main.bro rename to scripts/base/protocols/smtp/main.zeek diff --git a/scripts/base/protocols/snmp/__load__.bro b/scripts/base/protocols/snmp/__load__.zeek similarity index 100% rename from scripts/base/protocols/snmp/__load__.bro rename to scripts/base/protocols/snmp/__load__.zeek diff --git a/scripts/base/protocols/snmp/main.bro b/scripts/base/protocols/snmp/main.zeek similarity index 100% rename from scripts/base/protocols/snmp/main.bro rename to scripts/base/protocols/snmp/main.zeek diff --git a/scripts/base/protocols/socks/__load__.bro b/scripts/base/protocols/socks/__load__.zeek similarity index 100% rename from scripts/base/protocols/socks/__load__.bro rename to scripts/base/protocols/socks/__load__.zeek diff --git a/scripts/base/protocols/socks/consts.bro b/scripts/base/protocols/socks/consts.zeek similarity index 100% rename from scripts/base/protocols/socks/consts.bro rename to scripts/base/protocols/socks/consts.zeek diff --git a/scripts/base/protocols/socks/main.bro b/scripts/base/protocols/socks/main.zeek similarity index 100% rename from scripts/base/protocols/socks/main.bro rename to scripts/base/protocols/socks/main.zeek diff --git a/scripts/base/protocols/ssh/__load__.bro b/scripts/base/protocols/ssh/__load__.zeek similarity index 100% rename from scripts/base/protocols/ssh/__load__.bro rename to scripts/base/protocols/ssh/__load__.zeek diff --git a/scripts/base/protocols/ssh/main.bro b/scripts/base/protocols/ssh/main.zeek similarity index 100% rename from scripts/base/protocols/ssh/main.bro rename to scripts/base/protocols/ssh/main.zeek diff --git a/scripts/base/protocols/ssl/__load__.bro b/scripts/base/protocols/ssl/__load__.zeek similarity index 100% rename from scripts/base/protocols/ssl/__load__.bro rename to scripts/base/protocols/ssl/__load__.zeek diff --git a/scripts/base/protocols/ssl/consts.bro b/scripts/base/protocols/ssl/consts.zeek similarity index 100% rename from scripts/base/protocols/ssl/consts.bro rename to scripts/base/protocols/ssl/consts.zeek diff --git a/scripts/base/protocols/ssl/ct-list.bro b/scripts/base/protocols/ssl/ct-list.zeek similarity index 100% rename from scripts/base/protocols/ssl/ct-list.bro rename to scripts/base/protocols/ssl/ct-list.zeek diff --git a/scripts/base/protocols/ssl/files.bro b/scripts/base/protocols/ssl/files.zeek similarity index 100% rename from scripts/base/protocols/ssl/files.bro rename to scripts/base/protocols/ssl/files.zeek diff --git a/scripts/base/protocols/ssl/main.bro b/scripts/base/protocols/ssl/main.zeek similarity index 99% rename from scripts/base/protocols/ssl/main.bro rename to scripts/base/protocols/ssl/main.zeek index 8abb6e1d3f..73a8639891 100644 --- a/scripts/base/protocols/ssl/main.bro +++ b/scripts/base/protocols/ssl/main.zeek @@ -69,7 +69,7 @@ export { logged: bool &default=F; }; - ## The default root CA bundle. By default, the mozilla-ca-list.bro + ## The default root CA bundle. By default, the mozilla-ca-list.zeek ## script sets this to Mozilla's root CA list. const root_certs: table[string] of string = {} &redef; @@ -88,7 +88,7 @@ export { url: string; }; - ## The Certificate Transparency log bundle. By default, the ct-list.bro + ## The Certificate Transparency log bundle. By default, the ct-list.zeek ## script sets this to the current list of known logs. Entries ## are indexed by (binary) log-id. option ct_logs: table[string] of CTInfo = {}; diff --git a/scripts/base/protocols/ssl/mozilla-ca-list.bro b/scripts/base/protocols/ssl/mozilla-ca-list.zeek similarity index 100% rename from scripts/base/protocols/ssl/mozilla-ca-list.bro rename to scripts/base/protocols/ssl/mozilla-ca-list.zeek diff --git a/scripts/base/protocols/syslog/__load__.bro b/scripts/base/protocols/syslog/__load__.zeek similarity index 100% rename from scripts/base/protocols/syslog/__load__.bro rename to scripts/base/protocols/syslog/__load__.zeek diff --git a/scripts/base/protocols/syslog/consts.bro b/scripts/base/protocols/syslog/consts.zeek similarity index 100% rename from scripts/base/protocols/syslog/consts.bro rename to scripts/base/protocols/syslog/consts.zeek diff --git a/scripts/base/protocols/syslog/main.bro b/scripts/base/protocols/syslog/main.zeek similarity index 100% rename from scripts/base/protocols/syslog/main.bro rename to scripts/base/protocols/syslog/main.zeek diff --git a/scripts/base/protocols/tunnels/__load__.bro b/scripts/base/protocols/tunnels/__load__.zeek similarity index 100% rename from scripts/base/protocols/tunnels/__load__.bro rename to scripts/base/protocols/tunnels/__load__.zeek diff --git a/scripts/base/protocols/xmpp/__load__.bro b/scripts/base/protocols/xmpp/__load__.zeek similarity index 100% rename from scripts/base/protocols/xmpp/__load__.bro rename to scripts/base/protocols/xmpp/__load__.zeek diff --git a/scripts/base/protocols/xmpp/main.bro b/scripts/base/protocols/xmpp/main.zeek similarity index 100% rename from scripts/base/protocols/xmpp/main.bro rename to scripts/base/protocols/xmpp/main.zeek diff --git a/scripts/base/utils/active-http.bro b/scripts/base/utils/active-http.zeek similarity index 100% rename from scripts/base/utils/active-http.bro rename to scripts/base/utils/active-http.zeek diff --git a/scripts/base/utils/addrs.bro b/scripts/base/utils/addrs.zeek similarity index 100% rename from scripts/base/utils/addrs.bro rename to scripts/base/utils/addrs.zeek diff --git a/scripts/base/utils/conn-ids.bro b/scripts/base/utils/conn-ids.zeek similarity index 100% rename from scripts/base/utils/conn-ids.bro rename to scripts/base/utils/conn-ids.zeek diff --git a/scripts/base/utils/dir.bro b/scripts/base/utils/dir.zeek similarity index 100% rename from scripts/base/utils/dir.bro rename to scripts/base/utils/dir.zeek diff --git a/scripts/base/utils/directions-and-hosts.bro b/scripts/base/utils/directions-and-hosts.zeek similarity index 100% rename from scripts/base/utils/directions-and-hosts.bro rename to scripts/base/utils/directions-and-hosts.zeek diff --git a/scripts/base/utils/email.bro b/scripts/base/utils/email.zeek similarity index 100% rename from scripts/base/utils/email.bro rename to scripts/base/utils/email.zeek diff --git a/scripts/base/utils/exec.bro b/scripts/base/utils/exec.zeek similarity index 100% rename from scripts/base/utils/exec.bro rename to scripts/base/utils/exec.zeek diff --git a/scripts/base/utils/files.bro b/scripts/base/utils/files.zeek similarity index 100% rename from scripts/base/utils/files.bro rename to scripts/base/utils/files.zeek diff --git a/scripts/base/utils/geoip-distance.bro b/scripts/base/utils/geoip-distance.zeek similarity index 100% rename from scripts/base/utils/geoip-distance.bro rename to scripts/base/utils/geoip-distance.zeek diff --git a/scripts/base/utils/hash_hrw.bro b/scripts/base/utils/hash_hrw.zeek similarity index 100% rename from scripts/base/utils/hash_hrw.bro rename to scripts/base/utils/hash_hrw.zeek diff --git a/scripts/base/utils/json.bro b/scripts/base/utils/json.zeek similarity index 100% rename from scripts/base/utils/json.bro rename to scripts/base/utils/json.zeek diff --git a/scripts/base/utils/numbers.bro b/scripts/base/utils/numbers.zeek similarity index 100% rename from scripts/base/utils/numbers.bro rename to scripts/base/utils/numbers.zeek diff --git a/scripts/base/utils/paths.bro b/scripts/base/utils/paths.zeek similarity index 100% rename from scripts/base/utils/paths.bro rename to scripts/base/utils/paths.zeek diff --git a/scripts/base/utils/patterns.bro b/scripts/base/utils/patterns.zeek similarity index 100% rename from scripts/base/utils/patterns.bro rename to scripts/base/utils/patterns.zeek diff --git a/scripts/base/utils/queue.bro b/scripts/base/utils/queue.zeek similarity index 100% rename from scripts/base/utils/queue.bro rename to scripts/base/utils/queue.zeek diff --git a/scripts/base/utils/site.bro b/scripts/base/utils/site.zeek similarity index 100% rename from scripts/base/utils/site.bro rename to scripts/base/utils/site.zeek diff --git a/scripts/base/utils/strings.bro b/scripts/base/utils/strings.zeek similarity index 100% rename from scripts/base/utils/strings.bro rename to scripts/base/utils/strings.zeek diff --git a/scripts/base/utils/thresholds.bro b/scripts/base/utils/thresholds.zeek similarity index 100% rename from scripts/base/utils/thresholds.bro rename to scripts/base/utils/thresholds.zeek diff --git a/scripts/base/utils/time.bro b/scripts/base/utils/time.zeek similarity index 100% rename from scripts/base/utils/time.bro rename to scripts/base/utils/time.zeek diff --git a/scripts/base/utils/urls.bro b/scripts/base/utils/urls.zeek similarity index 100% rename from scripts/base/utils/urls.bro rename to scripts/base/utils/urls.zeek diff --git a/scripts/broxygen/__load__.bro b/scripts/broxygen/__load__.bro deleted file mode 100644 index 5d4ac5ea03..0000000000 --- a/scripts/broxygen/__load__.bro +++ /dev/null @@ -1,17 +0,0 @@ -@load test-all-policy.bro - -# Scripts which are commented out in test-all-policy.bro. -@load protocols/ssl/notary.bro -@load frameworks/control/controllee.bro -@load frameworks/control/controller.bro -@load frameworks/files/extract-all-files.bro -@load policy/misc/dump-events.bro -@load policy/protocols/dhcp/deprecated_events.bro -@load policy/protocols/smb/__load__.bro - -@load ./example.bro - -event bro_init() - { - terminate(); - } diff --git a/scripts/broxygen/__load__.zeek b/scripts/broxygen/__load__.zeek new file mode 100644 index 0000000000..51e119a2c6 --- /dev/null +++ b/scripts/broxygen/__load__.zeek @@ -0,0 +1,17 @@ +@load test-all-policy.zeek + +# Scripts which are commented out in test-all-policy.zeek. +@load protocols/ssl/notary.zeek +@load frameworks/control/controllee.zeek +@load frameworks/control/controller.zeek +@load frameworks/files/extract-all-files.zeek +@load policy/misc/dump-events.zeek +@load policy/protocols/dhcp/deprecated_events.zeek +@load policy/protocols/smb/__load__.zeek + +@load ./example.zeek + +event bro_init() + { + terminate(); + } diff --git a/scripts/broxygen/example.bro b/scripts/broxygen/example.zeek similarity index 100% rename from scripts/broxygen/example.bro rename to scripts/broxygen/example.zeek diff --git a/scripts/policy/files/x509/log-ocsp.bro b/scripts/policy/files/x509/log-ocsp.zeek similarity index 100% rename from scripts/policy/files/x509/log-ocsp.bro rename to scripts/policy/files/x509/log-ocsp.zeek diff --git a/scripts/policy/frameworks/control/controllee.bro b/scripts/policy/frameworks/control/controllee.zeek similarity index 100% rename from scripts/policy/frameworks/control/controllee.bro rename to scripts/policy/frameworks/control/controllee.zeek diff --git a/scripts/policy/frameworks/control/controller.bro b/scripts/policy/frameworks/control/controller.zeek similarity index 100% rename from scripts/policy/frameworks/control/controller.bro rename to scripts/policy/frameworks/control/controller.zeek diff --git a/scripts/policy/frameworks/dpd/detect-protocols.bro b/scripts/policy/frameworks/dpd/detect-protocols.zeek similarity index 100% rename from scripts/policy/frameworks/dpd/detect-protocols.bro rename to scripts/policy/frameworks/dpd/detect-protocols.zeek diff --git a/scripts/policy/frameworks/dpd/packet-segment-logging.bro b/scripts/policy/frameworks/dpd/packet-segment-logging.zeek similarity index 100% rename from scripts/policy/frameworks/dpd/packet-segment-logging.bro rename to scripts/policy/frameworks/dpd/packet-segment-logging.zeek diff --git a/scripts/policy/frameworks/files/detect-MHR.bro b/scripts/policy/frameworks/files/detect-MHR.zeek similarity index 100% rename from scripts/policy/frameworks/files/detect-MHR.bro rename to scripts/policy/frameworks/files/detect-MHR.zeek diff --git a/scripts/policy/frameworks/files/entropy-test-all-files.bro b/scripts/policy/frameworks/files/entropy-test-all-files.zeek similarity index 100% rename from scripts/policy/frameworks/files/entropy-test-all-files.bro rename to scripts/policy/frameworks/files/entropy-test-all-files.zeek diff --git a/scripts/policy/frameworks/files/extract-all-files.bro b/scripts/policy/frameworks/files/extract-all-files.zeek similarity index 100% rename from scripts/policy/frameworks/files/extract-all-files.bro rename to scripts/policy/frameworks/files/extract-all-files.zeek diff --git a/scripts/policy/frameworks/files/hash-all-files.bro b/scripts/policy/frameworks/files/hash-all-files.zeek similarity index 100% rename from scripts/policy/frameworks/files/hash-all-files.bro rename to scripts/policy/frameworks/files/hash-all-files.zeek diff --git a/scripts/policy/frameworks/intel/do_expire.bro b/scripts/policy/frameworks/intel/do_expire.zeek similarity index 100% rename from scripts/policy/frameworks/intel/do_expire.bro rename to scripts/policy/frameworks/intel/do_expire.zeek diff --git a/scripts/policy/frameworks/intel/do_notice.bro b/scripts/policy/frameworks/intel/do_notice.zeek similarity index 100% rename from scripts/policy/frameworks/intel/do_notice.bro rename to scripts/policy/frameworks/intel/do_notice.zeek diff --git a/scripts/policy/frameworks/intel/removal.bro b/scripts/policy/frameworks/intel/removal.zeek similarity index 100% rename from scripts/policy/frameworks/intel/removal.bro rename to scripts/policy/frameworks/intel/removal.zeek diff --git a/scripts/policy/frameworks/intel/seen/__load__.bro b/scripts/policy/frameworks/intel/seen/__load__.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/__load__.bro rename to scripts/policy/frameworks/intel/seen/__load__.zeek diff --git a/scripts/policy/frameworks/intel/seen/conn-established.bro b/scripts/policy/frameworks/intel/seen/conn-established.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/conn-established.bro rename to scripts/policy/frameworks/intel/seen/conn-established.zeek diff --git a/scripts/policy/frameworks/intel/seen/dns.bro b/scripts/policy/frameworks/intel/seen/dns.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/dns.bro rename to scripts/policy/frameworks/intel/seen/dns.zeek diff --git a/scripts/policy/frameworks/intel/seen/file-hashes.bro b/scripts/policy/frameworks/intel/seen/file-hashes.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/file-hashes.bro rename to scripts/policy/frameworks/intel/seen/file-hashes.zeek diff --git a/scripts/policy/frameworks/intel/seen/file-names.bro b/scripts/policy/frameworks/intel/seen/file-names.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/file-names.bro rename to scripts/policy/frameworks/intel/seen/file-names.zeek diff --git a/scripts/policy/frameworks/intel/seen/http-headers.bro b/scripts/policy/frameworks/intel/seen/http-headers.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/http-headers.bro rename to scripts/policy/frameworks/intel/seen/http-headers.zeek diff --git a/scripts/policy/frameworks/intel/seen/http-url.bro b/scripts/policy/frameworks/intel/seen/http-url.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/http-url.bro rename to scripts/policy/frameworks/intel/seen/http-url.zeek diff --git a/scripts/policy/frameworks/intel/seen/pubkey-hashes.bro b/scripts/policy/frameworks/intel/seen/pubkey-hashes.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/pubkey-hashes.bro rename to scripts/policy/frameworks/intel/seen/pubkey-hashes.zeek diff --git a/scripts/policy/frameworks/intel/seen/smb-filenames.bro b/scripts/policy/frameworks/intel/seen/smb-filenames.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/smb-filenames.bro rename to scripts/policy/frameworks/intel/seen/smb-filenames.zeek diff --git a/scripts/policy/frameworks/intel/seen/smtp-url-extraction.bro b/scripts/policy/frameworks/intel/seen/smtp-url-extraction.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/smtp-url-extraction.bro rename to scripts/policy/frameworks/intel/seen/smtp-url-extraction.zeek diff --git a/scripts/policy/frameworks/intel/seen/smtp.bro b/scripts/policy/frameworks/intel/seen/smtp.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/smtp.bro rename to scripts/policy/frameworks/intel/seen/smtp.zeek diff --git a/scripts/policy/frameworks/intel/seen/ssl.bro b/scripts/policy/frameworks/intel/seen/ssl.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/ssl.bro rename to scripts/policy/frameworks/intel/seen/ssl.zeek diff --git a/scripts/policy/frameworks/intel/seen/where-locations.bro b/scripts/policy/frameworks/intel/seen/where-locations.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/where-locations.bro rename to scripts/policy/frameworks/intel/seen/where-locations.zeek diff --git a/scripts/policy/frameworks/intel/seen/x509.bro b/scripts/policy/frameworks/intel/seen/x509.zeek similarity index 100% rename from scripts/policy/frameworks/intel/seen/x509.bro rename to scripts/policy/frameworks/intel/seen/x509.zeek diff --git a/scripts/policy/frameworks/intel/whitelist.bro b/scripts/policy/frameworks/intel/whitelist.zeek similarity index 100% rename from scripts/policy/frameworks/intel/whitelist.bro rename to scripts/policy/frameworks/intel/whitelist.zeek diff --git a/scripts/policy/frameworks/notice/__load__.bro b/scripts/policy/frameworks/notice/__load__.zeek similarity index 100% rename from scripts/policy/frameworks/notice/__load__.bro rename to scripts/policy/frameworks/notice/__load__.zeek diff --git a/scripts/policy/frameworks/notice/extend-email/hostnames.bro b/scripts/policy/frameworks/notice/extend-email/hostnames.zeek similarity index 100% rename from scripts/policy/frameworks/notice/extend-email/hostnames.bro rename to scripts/policy/frameworks/notice/extend-email/hostnames.zeek diff --git a/scripts/policy/frameworks/packet-filter/shunt.bro b/scripts/policy/frameworks/packet-filter/shunt.zeek similarity index 100% rename from scripts/policy/frameworks/packet-filter/shunt.bro rename to scripts/policy/frameworks/packet-filter/shunt.zeek diff --git a/scripts/policy/frameworks/software/version-changes.bro b/scripts/policy/frameworks/software/version-changes.zeek similarity index 100% rename from scripts/policy/frameworks/software/version-changes.bro rename to scripts/policy/frameworks/software/version-changes.zeek diff --git a/scripts/policy/frameworks/software/vulnerable.bro b/scripts/policy/frameworks/software/vulnerable.zeek similarity index 100% rename from scripts/policy/frameworks/software/vulnerable.bro rename to scripts/policy/frameworks/software/vulnerable.zeek diff --git a/scripts/policy/frameworks/software/windows-version-detection.bro b/scripts/policy/frameworks/software/windows-version-detection.zeek similarity index 100% rename from scripts/policy/frameworks/software/windows-version-detection.bro rename to scripts/policy/frameworks/software/windows-version-detection.zeek diff --git a/scripts/policy/integration/barnyard2/__load__.bro b/scripts/policy/integration/barnyard2/__load__.zeek similarity index 100% rename from scripts/policy/integration/barnyard2/__load__.bro rename to scripts/policy/integration/barnyard2/__load__.zeek diff --git a/scripts/policy/integration/barnyard2/main.bro b/scripts/policy/integration/barnyard2/main.zeek similarity index 100% rename from scripts/policy/integration/barnyard2/main.bro rename to scripts/policy/integration/barnyard2/main.zeek diff --git a/scripts/policy/integration/barnyard2/types.bro b/scripts/policy/integration/barnyard2/types.zeek similarity index 100% rename from scripts/policy/integration/barnyard2/types.bro rename to scripts/policy/integration/barnyard2/types.zeek diff --git a/scripts/policy/integration/collective-intel/__load__.bro b/scripts/policy/integration/collective-intel/__load__.zeek similarity index 100% rename from scripts/policy/integration/collective-intel/__load__.bro rename to scripts/policy/integration/collective-intel/__load__.zeek diff --git a/scripts/policy/integration/collective-intel/main.bro b/scripts/policy/integration/collective-intel/main.zeek similarity index 100% rename from scripts/policy/integration/collective-intel/main.bro rename to scripts/policy/integration/collective-intel/main.zeek diff --git a/scripts/policy/misc/capture-loss.bro b/scripts/policy/misc/capture-loss.zeek similarity index 100% rename from scripts/policy/misc/capture-loss.bro rename to scripts/policy/misc/capture-loss.zeek diff --git a/scripts/policy/misc/detect-traceroute/__load__.bro b/scripts/policy/misc/detect-traceroute/__load__.zeek similarity index 100% rename from scripts/policy/misc/detect-traceroute/__load__.bro rename to scripts/policy/misc/detect-traceroute/__load__.zeek diff --git a/scripts/policy/misc/detect-traceroute/main.bro b/scripts/policy/misc/detect-traceroute/main.zeek similarity index 100% rename from scripts/policy/misc/detect-traceroute/main.bro rename to scripts/policy/misc/detect-traceroute/main.zeek diff --git a/scripts/policy/misc/dump-events.bro b/scripts/policy/misc/dump-events.zeek similarity index 100% rename from scripts/policy/misc/dump-events.bro rename to scripts/policy/misc/dump-events.zeek diff --git a/scripts/policy/misc/load-balancing.bro b/scripts/policy/misc/load-balancing.zeek similarity index 100% rename from scripts/policy/misc/load-balancing.bro rename to scripts/policy/misc/load-balancing.zeek diff --git a/scripts/policy/misc/loaded-scripts.bro b/scripts/policy/misc/loaded-scripts.zeek similarity index 100% rename from scripts/policy/misc/loaded-scripts.bro rename to scripts/policy/misc/loaded-scripts.zeek diff --git a/scripts/policy/misc/profiling.bro b/scripts/policy/misc/profiling.zeek similarity index 100% rename from scripts/policy/misc/profiling.bro rename to scripts/policy/misc/profiling.zeek diff --git a/scripts/policy/misc/scan.bro b/scripts/policy/misc/scan.zeek similarity index 100% rename from scripts/policy/misc/scan.bro rename to scripts/policy/misc/scan.zeek diff --git a/scripts/policy/misc/stats.bro b/scripts/policy/misc/stats.zeek similarity index 100% rename from scripts/policy/misc/stats.bro rename to scripts/policy/misc/stats.zeek diff --git a/scripts/policy/misc/trim-trace-file.bro b/scripts/policy/misc/trim-trace-file.zeek similarity index 100% rename from scripts/policy/misc/trim-trace-file.bro rename to scripts/policy/misc/trim-trace-file.zeek diff --git a/scripts/policy/misc/weird-stats.bro b/scripts/policy/misc/weird-stats.zeek similarity index 100% rename from scripts/policy/misc/weird-stats.bro rename to scripts/policy/misc/weird-stats.zeek diff --git a/scripts/policy/protocols/conn/known-hosts.bro b/scripts/policy/protocols/conn/known-hosts.zeek similarity index 100% rename from scripts/policy/protocols/conn/known-hosts.bro rename to scripts/policy/protocols/conn/known-hosts.zeek diff --git a/scripts/policy/protocols/conn/known-services.bro b/scripts/policy/protocols/conn/known-services.zeek similarity index 100% rename from scripts/policy/protocols/conn/known-services.bro rename to scripts/policy/protocols/conn/known-services.zeek diff --git a/scripts/policy/protocols/conn/mac-logging.bro b/scripts/policy/protocols/conn/mac-logging.zeek similarity index 100% rename from scripts/policy/protocols/conn/mac-logging.bro rename to scripts/policy/protocols/conn/mac-logging.zeek diff --git a/scripts/policy/protocols/conn/vlan-logging.bro b/scripts/policy/protocols/conn/vlan-logging.zeek similarity index 100% rename from scripts/policy/protocols/conn/vlan-logging.bro rename to scripts/policy/protocols/conn/vlan-logging.zeek diff --git a/scripts/policy/protocols/conn/weirds.bro b/scripts/policy/protocols/conn/weirds.zeek similarity index 100% rename from scripts/policy/protocols/conn/weirds.bro rename to scripts/policy/protocols/conn/weirds.zeek diff --git a/scripts/policy/protocols/dhcp/deprecated_events.bro b/scripts/policy/protocols/dhcp/deprecated_events.zeek similarity index 100% rename from scripts/policy/protocols/dhcp/deprecated_events.bro rename to scripts/policy/protocols/dhcp/deprecated_events.zeek diff --git a/scripts/policy/protocols/dhcp/msg-orig.bro b/scripts/policy/protocols/dhcp/msg-orig.zeek similarity index 100% rename from scripts/policy/protocols/dhcp/msg-orig.bro rename to scripts/policy/protocols/dhcp/msg-orig.zeek diff --git a/scripts/policy/protocols/dhcp/software.bro b/scripts/policy/protocols/dhcp/software.zeek similarity index 100% rename from scripts/policy/protocols/dhcp/software.bro rename to scripts/policy/protocols/dhcp/software.zeek diff --git a/scripts/policy/protocols/dhcp/sub-opts.bro b/scripts/policy/protocols/dhcp/sub-opts.zeek similarity index 100% rename from scripts/policy/protocols/dhcp/sub-opts.bro rename to scripts/policy/protocols/dhcp/sub-opts.zeek diff --git a/scripts/policy/protocols/dns/auth-addl.bro b/scripts/policy/protocols/dns/auth-addl.zeek similarity index 100% rename from scripts/policy/protocols/dns/auth-addl.bro rename to scripts/policy/protocols/dns/auth-addl.zeek diff --git a/scripts/policy/protocols/dns/detect-external-names.bro b/scripts/policy/protocols/dns/detect-external-names.zeek similarity index 100% rename from scripts/policy/protocols/dns/detect-external-names.bro rename to scripts/policy/protocols/dns/detect-external-names.zeek diff --git a/scripts/policy/protocols/ftp/detect-bruteforcing.bro b/scripts/policy/protocols/ftp/detect-bruteforcing.zeek similarity index 100% rename from scripts/policy/protocols/ftp/detect-bruteforcing.bro rename to scripts/policy/protocols/ftp/detect-bruteforcing.zeek diff --git a/scripts/policy/protocols/ftp/detect.bro b/scripts/policy/protocols/ftp/detect.zeek similarity index 100% rename from scripts/policy/protocols/ftp/detect.bro rename to scripts/policy/protocols/ftp/detect.zeek diff --git a/scripts/policy/protocols/ftp/software.bro b/scripts/policy/protocols/ftp/software.zeek similarity index 100% rename from scripts/policy/protocols/ftp/software.bro rename to scripts/policy/protocols/ftp/software.zeek diff --git a/scripts/policy/protocols/http/detect-sqli.bro b/scripts/policy/protocols/http/detect-sqli.zeek similarity index 100% rename from scripts/policy/protocols/http/detect-sqli.bro rename to scripts/policy/protocols/http/detect-sqli.zeek diff --git a/scripts/policy/protocols/http/detect-webapps.bro b/scripts/policy/protocols/http/detect-webapps.zeek similarity index 100% rename from scripts/policy/protocols/http/detect-webapps.bro rename to scripts/policy/protocols/http/detect-webapps.zeek diff --git a/scripts/policy/protocols/http/header-names.bro b/scripts/policy/protocols/http/header-names.zeek similarity index 100% rename from scripts/policy/protocols/http/header-names.bro rename to scripts/policy/protocols/http/header-names.zeek diff --git a/scripts/policy/protocols/http/software-browser-plugins.bro b/scripts/policy/protocols/http/software-browser-plugins.zeek similarity index 100% rename from scripts/policy/protocols/http/software-browser-plugins.bro rename to scripts/policy/protocols/http/software-browser-plugins.zeek diff --git a/scripts/policy/protocols/http/software.bro b/scripts/policy/protocols/http/software.zeek similarity index 100% rename from scripts/policy/protocols/http/software.bro rename to scripts/policy/protocols/http/software.zeek diff --git a/scripts/policy/protocols/http/var-extraction-cookies.bro b/scripts/policy/protocols/http/var-extraction-cookies.zeek similarity index 100% rename from scripts/policy/protocols/http/var-extraction-cookies.bro rename to scripts/policy/protocols/http/var-extraction-cookies.zeek diff --git a/scripts/policy/protocols/http/var-extraction-uri.bro b/scripts/policy/protocols/http/var-extraction-uri.zeek similarity index 100% rename from scripts/policy/protocols/http/var-extraction-uri.bro rename to scripts/policy/protocols/http/var-extraction-uri.zeek diff --git a/scripts/policy/protocols/krb/ticket-logging.bro b/scripts/policy/protocols/krb/ticket-logging.zeek similarity index 100% rename from scripts/policy/protocols/krb/ticket-logging.bro rename to scripts/policy/protocols/krb/ticket-logging.zeek diff --git a/scripts/policy/protocols/modbus/known-masters-slaves.bro b/scripts/policy/protocols/modbus/known-masters-slaves.zeek similarity index 100% rename from scripts/policy/protocols/modbus/known-masters-slaves.bro rename to scripts/policy/protocols/modbus/known-masters-slaves.zeek diff --git a/scripts/policy/protocols/modbus/track-memmap.bro b/scripts/policy/protocols/modbus/track-memmap.zeek similarity index 100% rename from scripts/policy/protocols/modbus/track-memmap.bro rename to scripts/policy/protocols/modbus/track-memmap.zeek diff --git a/scripts/policy/protocols/mysql/software.bro b/scripts/policy/protocols/mysql/software.zeek similarity index 100% rename from scripts/policy/protocols/mysql/software.bro rename to scripts/policy/protocols/mysql/software.zeek diff --git a/scripts/policy/protocols/rdp/indicate_ssl.bro b/scripts/policy/protocols/rdp/indicate_ssl.zeek similarity index 100% rename from scripts/policy/protocols/rdp/indicate_ssl.bro rename to scripts/policy/protocols/rdp/indicate_ssl.zeek diff --git a/scripts/policy/protocols/smb/__load__.bro b/scripts/policy/protocols/smb/__load__.zeek similarity index 100% rename from scripts/policy/protocols/smb/__load__.bro rename to scripts/policy/protocols/smb/__load__.zeek diff --git a/scripts/policy/protocols/smb/log-cmds.bro b/scripts/policy/protocols/smb/log-cmds.zeek similarity index 100% rename from scripts/policy/protocols/smb/log-cmds.bro rename to scripts/policy/protocols/smb/log-cmds.zeek diff --git a/scripts/policy/protocols/smtp/blocklists.bro b/scripts/policy/protocols/smtp/blocklists.zeek similarity index 100% rename from scripts/policy/protocols/smtp/blocklists.bro rename to scripts/policy/protocols/smtp/blocklists.zeek diff --git a/scripts/policy/protocols/smtp/detect-suspicious-orig.bro b/scripts/policy/protocols/smtp/detect-suspicious-orig.zeek similarity index 100% rename from scripts/policy/protocols/smtp/detect-suspicious-orig.bro rename to scripts/policy/protocols/smtp/detect-suspicious-orig.zeek diff --git a/scripts/policy/protocols/smtp/entities-excerpt.bro b/scripts/policy/protocols/smtp/entities-excerpt.zeek similarity index 100% rename from scripts/policy/protocols/smtp/entities-excerpt.bro rename to scripts/policy/protocols/smtp/entities-excerpt.zeek diff --git a/scripts/policy/protocols/smtp/software.bro b/scripts/policy/protocols/smtp/software.zeek similarity index 100% rename from scripts/policy/protocols/smtp/software.bro rename to scripts/policy/protocols/smtp/software.zeek diff --git a/scripts/policy/protocols/ssh/detect-bruteforcing.bro b/scripts/policy/protocols/ssh/detect-bruteforcing.zeek similarity index 100% rename from scripts/policy/protocols/ssh/detect-bruteforcing.bro rename to scripts/policy/protocols/ssh/detect-bruteforcing.zeek diff --git a/scripts/policy/protocols/ssh/geo-data.bro b/scripts/policy/protocols/ssh/geo-data.zeek similarity index 100% rename from scripts/policy/protocols/ssh/geo-data.bro rename to scripts/policy/protocols/ssh/geo-data.zeek diff --git a/scripts/policy/protocols/ssh/interesting-hostnames.bro b/scripts/policy/protocols/ssh/interesting-hostnames.zeek similarity index 100% rename from scripts/policy/protocols/ssh/interesting-hostnames.bro rename to scripts/policy/protocols/ssh/interesting-hostnames.zeek diff --git a/scripts/policy/protocols/ssh/software.bro b/scripts/policy/protocols/ssh/software.zeek similarity index 100% rename from scripts/policy/protocols/ssh/software.bro rename to scripts/policy/protocols/ssh/software.zeek diff --git a/scripts/policy/protocols/ssl/expiring-certs.bro b/scripts/policy/protocols/ssl/expiring-certs.zeek similarity index 100% rename from scripts/policy/protocols/ssl/expiring-certs.bro rename to scripts/policy/protocols/ssl/expiring-certs.zeek diff --git a/scripts/policy/protocols/ssl/extract-certs-pem.bro b/scripts/policy/protocols/ssl/extract-certs-pem.zeek similarity index 100% rename from scripts/policy/protocols/ssl/extract-certs-pem.bro rename to scripts/policy/protocols/ssl/extract-certs-pem.zeek diff --git a/scripts/policy/protocols/ssl/heartbleed.bro b/scripts/policy/protocols/ssl/heartbleed.zeek similarity index 100% rename from scripts/policy/protocols/ssl/heartbleed.bro rename to scripts/policy/protocols/ssl/heartbleed.zeek diff --git a/scripts/policy/protocols/ssl/known-certs.bro b/scripts/policy/protocols/ssl/known-certs.zeek similarity index 100% rename from scripts/policy/protocols/ssl/known-certs.bro rename to scripts/policy/protocols/ssl/known-certs.zeek diff --git a/scripts/policy/protocols/ssl/log-hostcerts-only.bro b/scripts/policy/protocols/ssl/log-hostcerts-only.zeek similarity index 100% rename from scripts/policy/protocols/ssl/log-hostcerts-only.bro rename to scripts/policy/protocols/ssl/log-hostcerts-only.zeek diff --git a/scripts/policy/protocols/ssl/notary.bro b/scripts/policy/protocols/ssl/notary.zeek similarity index 100% rename from scripts/policy/protocols/ssl/notary.bro rename to scripts/policy/protocols/ssl/notary.zeek diff --git a/scripts/policy/protocols/ssl/validate-certs.bro b/scripts/policy/protocols/ssl/validate-certs.zeek similarity index 100% rename from scripts/policy/protocols/ssl/validate-certs.bro rename to scripts/policy/protocols/ssl/validate-certs.zeek diff --git a/scripts/policy/protocols/ssl/validate-ocsp.bro b/scripts/policy/protocols/ssl/validate-ocsp.zeek similarity index 100% rename from scripts/policy/protocols/ssl/validate-ocsp.bro rename to scripts/policy/protocols/ssl/validate-ocsp.zeek diff --git a/scripts/policy/protocols/ssl/validate-sct.bro b/scripts/policy/protocols/ssl/validate-sct.zeek similarity index 100% rename from scripts/policy/protocols/ssl/validate-sct.bro rename to scripts/policy/protocols/ssl/validate-sct.zeek diff --git a/scripts/policy/protocols/ssl/weak-keys.bro b/scripts/policy/protocols/ssl/weak-keys.zeek similarity index 100% rename from scripts/policy/protocols/ssl/weak-keys.bro rename to scripts/policy/protocols/ssl/weak-keys.zeek diff --git a/scripts/policy/tuning/__load__.bro b/scripts/policy/tuning/__load__.zeek similarity index 100% rename from scripts/policy/tuning/__load__.bro rename to scripts/policy/tuning/__load__.zeek diff --git a/scripts/policy/tuning/defaults/__load__.bro b/scripts/policy/tuning/defaults/__load__.zeek similarity index 100% rename from scripts/policy/tuning/defaults/__load__.bro rename to scripts/policy/tuning/defaults/__load__.zeek diff --git a/scripts/policy/tuning/defaults/extracted_file_limits.bro b/scripts/policy/tuning/defaults/extracted_file_limits.zeek similarity index 100% rename from scripts/policy/tuning/defaults/extracted_file_limits.bro rename to scripts/policy/tuning/defaults/extracted_file_limits.zeek diff --git a/scripts/policy/tuning/defaults/packet-fragments.bro b/scripts/policy/tuning/defaults/packet-fragments.zeek similarity index 100% rename from scripts/policy/tuning/defaults/packet-fragments.bro rename to scripts/policy/tuning/defaults/packet-fragments.zeek diff --git a/scripts/policy/tuning/defaults/warnings.bro b/scripts/policy/tuning/defaults/warnings.zeek similarity index 100% rename from scripts/policy/tuning/defaults/warnings.bro rename to scripts/policy/tuning/defaults/warnings.zeek diff --git a/scripts/policy/tuning/json-logs.bro b/scripts/policy/tuning/json-logs.zeek similarity index 100% rename from scripts/policy/tuning/json-logs.bro rename to scripts/policy/tuning/json-logs.zeek diff --git a/scripts/policy/tuning/track-all-assets.bro b/scripts/policy/tuning/track-all-assets.zeek similarity index 100% rename from scripts/policy/tuning/track-all-assets.bro rename to scripts/policy/tuning/track-all-assets.zeek diff --git a/scripts/site/local.bro b/scripts/site/local.zeek similarity index 100% rename from scripts/site/local.bro rename to scripts/site/local.zeek diff --git a/scripts/test-all-policy.bro b/scripts/test-all-policy.bro deleted file mode 100644 index be2efbbc19..0000000000 --- a/scripts/test-all-policy.bro +++ /dev/null @@ -1,113 +0,0 @@ -# This file loads ALL policy scripts that are part of the Bro distribution. -# -# This is rarely makes sense, and is for testing only. -# -# Note that we have a unit test that makes sure that all policy files shipped are -# actually loaded here. If we have files that are part of the distribution yet -# can't be loaded here, these must still be listed here with their load command -# commented out. - -# The base/ scripts are all loaded by default and not included here. - -# @load frameworks/control/controllee.bro -# @load frameworks/control/controller.bro -@load frameworks/dpd/detect-protocols.bro -@load frameworks/dpd/packet-segment-logging.bro -@load frameworks/intel/do_notice.bro -@load frameworks/intel/do_expire.bro -@load frameworks/intel/whitelist.bro -@load frameworks/intel/removal.bro -@load frameworks/intel/seen/__load__.bro -@load frameworks/intel/seen/conn-established.bro -@load frameworks/intel/seen/dns.bro -@load frameworks/intel/seen/file-hashes.bro -@load frameworks/intel/seen/file-names.bro -@load frameworks/intel/seen/http-headers.bro -@load frameworks/intel/seen/http-url.bro -@load frameworks/intel/seen/pubkey-hashes.bro -@load frameworks/intel/seen/smb-filenames.bro -@load frameworks/intel/seen/smtp-url-extraction.bro -@load frameworks/intel/seen/smtp.bro -@load frameworks/intel/seen/ssl.bro -@load frameworks/intel/seen/where-locations.bro -@load frameworks/intel/seen/x509.bro -@load frameworks/files/detect-MHR.bro -@load frameworks/files/entropy-test-all-files.bro -#@load frameworks/files/extract-all-files.bro -@load frameworks/files/hash-all-files.bro -@load frameworks/notice/__load__.bro -@load frameworks/notice/extend-email/hostnames.bro -@load files/x509/log-ocsp.bro -@load frameworks/packet-filter/shunt.bro -@load frameworks/software/version-changes.bro -@load frameworks/software/vulnerable.bro -@load frameworks/software/windows-version-detection.bro -@load integration/barnyard2/__load__.bro -@load integration/barnyard2/main.bro -@load integration/barnyard2/types.bro -@load integration/collective-intel/__load__.bro -@load integration/collective-intel/main.bro -@load misc/capture-loss.bro -@load misc/detect-traceroute/__load__.bro -@load misc/detect-traceroute/main.bro -# @load misc/dump-events.bro -@load misc/load-balancing.bro -@load misc/loaded-scripts.bro -@load misc/profiling.bro -@load misc/scan.bro -@load misc/stats.bro -@load misc/weird-stats.bro -@load misc/trim-trace-file.bro -@load protocols/conn/known-hosts.bro -@load protocols/conn/known-services.bro -@load protocols/conn/mac-logging.bro -@load protocols/conn/vlan-logging.bro -@load protocols/conn/weirds.bro -#@load protocols/dhcp/deprecated_events.bro -@load protocols/dhcp/msg-orig.bro -@load protocols/dhcp/software.bro -@load protocols/dhcp/sub-opts.bro -@load protocols/dns/auth-addl.bro -@load protocols/dns/detect-external-names.bro -@load protocols/ftp/detect-bruteforcing.bro -@load protocols/ftp/detect.bro -@load protocols/ftp/software.bro -@load protocols/http/detect-sqli.bro -@load protocols/http/detect-webapps.bro -@load protocols/http/header-names.bro -@load protocols/http/software-browser-plugins.bro -@load protocols/http/software.bro -@load protocols/http/var-extraction-cookies.bro -@load protocols/http/var-extraction-uri.bro -@load protocols/krb/ticket-logging.bro -@load protocols/modbus/known-masters-slaves.bro -@load protocols/modbus/track-memmap.bro -@load protocols/mysql/software.bro -@load protocols/rdp/indicate_ssl.bro -#@load protocols/smb/__load__.bro -@load protocols/smb/log-cmds.bro -@load protocols/smtp/blocklists.bro -@load protocols/smtp/detect-suspicious-orig.bro -@load protocols/smtp/entities-excerpt.bro -@load protocols/smtp/software.bro -@load protocols/ssh/detect-bruteforcing.bro -@load protocols/ssh/geo-data.bro -@load protocols/ssh/interesting-hostnames.bro -@load protocols/ssh/software.bro -@load protocols/ssl/expiring-certs.bro -@load protocols/ssl/extract-certs-pem.bro -@load protocols/ssl/heartbleed.bro -@load protocols/ssl/known-certs.bro -@load protocols/ssl/log-hostcerts-only.bro -#@load protocols/ssl/notary.bro -@load protocols/ssl/validate-certs.bro -@load protocols/ssl/validate-ocsp.bro -@load protocols/ssl/validate-sct.bro -@load protocols/ssl/weak-keys.bro -@load tuning/__load__.bro -@load tuning/defaults/__load__.bro -@load tuning/defaults/extracted_file_limits.bro -@load tuning/defaults/packet-fragments.bro -@load tuning/defaults/warnings.bro -@load tuning/json-logs.bro -@load tuning/track-all-assets.bro diff --git a/scripts/test-all-policy.zeek b/scripts/test-all-policy.zeek new file mode 100644 index 0000000000..26408b6d44 --- /dev/null +++ b/scripts/test-all-policy.zeek @@ -0,0 +1,113 @@ +# This file loads ALL policy scripts that are part of the Bro distribution. +# +# This is rarely makes sense, and is for testing only. +# +# Note that we have a unit test that makes sure that all policy files shipped are +# actually loaded here. If we have files that are part of the distribution yet +# can't be loaded here, these must still be listed here with their load command +# commented out. + +# The base/ scripts are all loaded by default and not included here. + +# @load frameworks/control/controllee.zeek +# @load frameworks/control/controller.zeek +@load frameworks/dpd/detect-protocols.zeek +@load frameworks/dpd/packet-segment-logging.zeek +@load frameworks/intel/do_notice.zeek +@load frameworks/intel/do_expire.zeek +@load frameworks/intel/whitelist.zeek +@load frameworks/intel/removal.zeek +@load frameworks/intel/seen/__load__.zeek +@load frameworks/intel/seen/conn-established.zeek +@load frameworks/intel/seen/dns.zeek +@load frameworks/intel/seen/file-hashes.zeek +@load frameworks/intel/seen/file-names.zeek +@load frameworks/intel/seen/http-headers.zeek +@load frameworks/intel/seen/http-url.zeek +@load frameworks/intel/seen/pubkey-hashes.zeek +@load frameworks/intel/seen/smb-filenames.zeek +@load frameworks/intel/seen/smtp-url-extraction.zeek +@load frameworks/intel/seen/smtp.zeek +@load frameworks/intel/seen/ssl.zeek +@load frameworks/intel/seen/where-locations.zeek +@load frameworks/intel/seen/x509.zeek +@load frameworks/files/detect-MHR.zeek +@load frameworks/files/entropy-test-all-files.zeek +#@load frameworks/files/extract-all-files.zeek +@load frameworks/files/hash-all-files.zeek +@load frameworks/notice/__load__.zeek +@load frameworks/notice/extend-email/hostnames.zeek +@load files/x509/log-ocsp.zeek +@load frameworks/packet-filter/shunt.zeek +@load frameworks/software/version-changes.zeek +@load frameworks/software/vulnerable.zeek +@load frameworks/software/windows-version-detection.zeek +@load integration/barnyard2/__load__.zeek +@load integration/barnyard2/main.zeek +@load integration/barnyard2/types.zeek +@load integration/collective-intel/__load__.zeek +@load integration/collective-intel/main.zeek +@load misc/capture-loss.zeek +@load misc/detect-traceroute/__load__.zeek +@load misc/detect-traceroute/main.zeek +# @load misc/dump-events.zeek +@load misc/load-balancing.zeek +@load misc/loaded-scripts.zeek +@load misc/profiling.zeek +@load misc/scan.zeek +@load misc/stats.zeek +@load misc/weird-stats.zeek +@load misc/trim-trace-file.zeek +@load protocols/conn/known-hosts.zeek +@load protocols/conn/known-services.zeek +@load protocols/conn/mac-logging.zeek +@load protocols/conn/vlan-logging.zeek +@load protocols/conn/weirds.zeek +#@load protocols/dhcp/deprecated_events.zeek +@load protocols/dhcp/msg-orig.zeek +@load protocols/dhcp/software.zeek +@load protocols/dhcp/sub-opts.zeek +@load protocols/dns/auth-addl.zeek +@load protocols/dns/detect-external-names.zeek +@load protocols/ftp/detect-bruteforcing.zeek +@load protocols/ftp/detect.zeek +@load protocols/ftp/software.zeek +@load protocols/http/detect-sqli.zeek +@load protocols/http/detect-webapps.zeek +@load protocols/http/header-names.zeek +@load protocols/http/software-browser-plugins.zeek +@load protocols/http/software.zeek +@load protocols/http/var-extraction-cookies.zeek +@load protocols/http/var-extraction-uri.zeek +@load protocols/krb/ticket-logging.zeek +@load protocols/modbus/known-masters-slaves.zeek +@load protocols/modbus/track-memmap.zeek +@load protocols/mysql/software.zeek +@load protocols/rdp/indicate_ssl.zeek +#@load protocols/smb/__load__.zeek +@load protocols/smb/log-cmds.zeek +@load protocols/smtp/blocklists.zeek +@load protocols/smtp/detect-suspicious-orig.zeek +@load protocols/smtp/entities-excerpt.zeek +@load protocols/smtp/software.zeek +@load protocols/ssh/detect-bruteforcing.zeek +@load protocols/ssh/geo-data.zeek +@load protocols/ssh/interesting-hostnames.zeek +@load protocols/ssh/software.zeek +@load protocols/ssl/expiring-certs.zeek +@load protocols/ssl/extract-certs-pem.zeek +@load protocols/ssl/heartbleed.zeek +@load protocols/ssl/known-certs.zeek +@load protocols/ssl/log-hostcerts-only.zeek +#@load protocols/ssl/notary.zeek +@load protocols/ssl/validate-certs.zeek +@load protocols/ssl/validate-ocsp.zeek +@load protocols/ssl/validate-sct.zeek +@load protocols/ssl/weak-keys.zeek +@load tuning/__load__.zeek +@load tuning/defaults/__load__.zeek +@load tuning/defaults/extracted_file_limits.zeek +@load tuning/defaults/packet-fragments.zeek +@load tuning/defaults/warnings.zeek +@load tuning/json-logs.zeek +@load tuning/track-all-assets.zeek diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index f3dfd42d85..35fb70f5de 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -385,17 +385,17 @@ add_dependencies(generate_outputs_stage2b generate_outputs_stage1) add_custom_target(generate_outputs) add_dependencies(generate_outputs generate_outputs_stage2a generate_outputs_stage2b) -# Build __load__.bro files for standard *.bif.bro. +# Build __load__.zeek files for standard *.bif.zeek. bro_bif_create_loader(bif_loader "${bro_BASE_BIF_SCRIPTS}") add_dependencies(bif_loader ${bro_SUBDIRS}) add_dependencies(bro bif_loader) -# Build __load__.bro files for plugins/*.bif.bro. +# Build __load__.zeek files for plugins/*.bif.zeek. bro_bif_create_loader(bif_loader_plugins "${bro_PLUGIN_BIF_SCRIPTS}") add_dependencies(bif_loader_plugins ${bro_SUBDIRS}) add_dependencies(bro bif_loader_plugins) -# Install *.bif.bro. +# Install *.bif.zeek. install(DIRECTORY ${CMAKE_BINARY_DIR}/scripts/base/bif DESTINATION ${BRO_SCRIPT_INSTALL_PATH}/base) # Create plugin directory at install time. diff --git a/src/Type.cc b/src/Type.cc index 77a5ac6d16..741f1cfc0f 100644 --- a/src/Type.cc +++ b/src/Type.cc @@ -1510,7 +1510,7 @@ void EnumType::CheckAndAddName(const string& module_name, const char* name, else { // We allow double-definitions if matching exactly. This is so that - // we can define an enum both in a *.bif and *.bro for avoiding + // we can define an enum both in a *.bif and *.zeek for avoiding // cyclic dependencies. string fullname = make_full_var_name(module_name.c_str(), name); if ( id->Name() != fullname diff --git a/src/broxygen/ScriptInfo.cc b/src/broxygen/ScriptInfo.cc index da6ba6b44a..7ecf212a44 100644 --- a/src/broxygen/ScriptInfo.cc +++ b/src/broxygen/ScriptInfo.cc @@ -253,12 +253,12 @@ void ScriptInfo::DoInitPostScript() // The following enum types are automatically created internally in Bro, // so just manually associating them with scripts for now. - if ( name == "base/frameworks/input/main.bro" ) + if ( name == "base/frameworks/input/main.zeek" ) { auto id = global_scope()->Lookup("Input::Reader"); types.push_back(new IdentifierInfo(id, this)); } - else if ( name == "base/frameworks/logging/main.bro" ) + else if ( name == "base/frameworks/logging/main.zeek" ) { auto id = global_scope()->Lookup("Log::Writer"); types.push_back(new IdentifierInfo(id, this)); diff --git a/src/broxygen/ScriptInfo.h b/src/broxygen/ScriptInfo.h index d7328ef7c8..dd43e15a4e 100644 --- a/src/broxygen/ScriptInfo.h +++ b/src/broxygen/ScriptInfo.h @@ -77,7 +77,7 @@ public: { redefs.insert(info); } /** - * @return Whether the script is a package loader (i.e. "__load__.bro"). + * @return Whether the script is a package loader (i.e. "__load__.zeek"). */ bool IsPkgLoader() const { return is_pkg_loader; } diff --git a/src/broxygen/Target.h b/src/broxygen/Target.h index 9a5a23107c..7f18697eaf 100644 --- a/src/broxygen/Target.h +++ b/src/broxygen/Target.h @@ -41,7 +41,7 @@ struct TargetFile { /** * A Broxygen target abstract base class. A target is generally any portion of * documentation that Bro can build. It's identified by a type (e.g. script, - * identifier, package), a pattern (e.g. "example.bro", "HTTP::Info"), and + * identifier, package), a pattern (e.g. "example.zeek", "HTTP::Info"), and * a path to an output file. */ class Target { diff --git a/src/broxygen/broxygen.bif b/src/broxygen/broxygen.bif index d1b3028edc..4b2f5653b2 100644 --- a/src/broxygen/broxygen.bif +++ b/src/broxygen/broxygen.bif @@ -35,7 +35,7 @@ function get_identifier_comments%(name: string%): string ## ## name: the name of a Bro script. It must be a relative path to where ## it is located within a particular component of BROPATH and use -## the same file name extension/suffix as the actual file (e.g. ".bro"). +## the same file name extension/suffix as the actual file (e.g. ".zeek"). ## ## Returns: summary comments associated with script with *name*. If ## *name* is not a known script, an empty string is returned. diff --git a/src/const.bif b/src/const.bif index 6d60ac707b..9da5950259 100644 --- a/src/const.bif +++ b/src/const.bif @@ -1,6 +1,6 @@ ##! Declaration of various scripting-layer constants that the Bro core uses ##! internally. Documentation and default values for the scripting-layer -##! variables themselves are found in :doc:`/scripts/base/init-bare.bro`. +##! variables themselves are found in :doc:`/scripts/base/init-bare.zeek`. const ignore_keep_alive_rexmit: bool; const skip_http_data: bool; diff --git a/src/main.cc b/src/main.cc index 473f3a72e7..782c49edde 100644 --- a/src/main.cc +++ b/src/main.cc @@ -823,11 +823,11 @@ int main(int argc, char** argv) broxygen_mgr = new broxygen::Manager(broxygen_config, bro_argv[0]); - add_essential_input_file("base/init-bare.bro"); - add_essential_input_file("base/init-frameworks-and-bifs.bro"); + add_essential_input_file("base/init-bare.zeek"); + add_essential_input_file("base/init-frameworks-and-bifs.zeek"); if ( ! bare_mode ) - add_input_file("base/init-default.bro"); + add_input_file("base/init-default.zeek"); plugin_mgr->SearchDynamicPlugins(bro_plugin_path()); diff --git a/src/plugin/Manager.cc b/src/plugin/Manager.cc index e098d955c1..47f7ba1ed9 100644 --- a/src/plugin/Manager.cc +++ b/src/plugin/Manager.cc @@ -185,7 +185,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_ string init; - // First load {scripts}/__preload__.bro automatically. + // First load {scripts}/__preload__.zeek automatically. for (const string& ext : script_extensions) { init = dir + "scripts/__preload__" + ext; @@ -198,7 +198,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_ } } - // Load {bif,scripts}/__load__.bro automatically. + // Load {bif,scripts}/__load__.zeek automatically. for (const string& ext : script_extensions) { init = dir + "lib/bif/__load__" + ext; diff --git a/src/reporter.bif b/src/reporter.bif index 4a58e2728b..038182574e 100644 --- a/src/reporter.bif +++ b/src/reporter.bif @@ -4,7 +4,7 @@ ##! If event handlers do exist, it's assumed they take care of determining ##! how/where to output the messages. ##! -##! See :doc:`/scripts/base/frameworks/reporter/main.bro` for a convenient +##! See :doc:`/scripts/base/frameworks/reporter/main.zeek` for a convenient ##! reporter message logging framework. module Reporter; diff --git a/src/scan.l b/src/scan.l index 4da18b125f..fb8ca20f8e 100644 --- a/src/scan.l +++ b/src/scan.l @@ -923,7 +923,7 @@ int yywrap() if ( ! did_builtin_init && file_stack.length() == 1 ) { // ### This is a gross hack - we know that the first file - // we parse is init-bare.bro, and after it it's safe to initialize + // we parse is init-bare.zeek, and after it it's safe to initialize // the built-ins. Furthermore, we want to initialize the // built-in's *right* after parsing bro.init, so that other // source files can use built-in's when initializing globals. @@ -961,7 +961,7 @@ int yywrap() // prefixed and flattened version of the loaded file in BROPATH. The // flattening involves taking the path in BROPATH in which the // scanned file lives and replacing '/' path separators with a '.' If - // the scanned file is "__load__.bro", that part of the flattened + // the scanned file is "__load__.zeek", that part of the flattened // file name is discarded. If the prefix is non-empty, it gets placed // in front of the flattened path, separated with another '.' std::list::iterator it; diff --git a/src/types.bif b/src/types.bif index babccb0f0d..79f5780f52 100644 --- a/src/types.bif +++ b/src/types.bif @@ -141,7 +141,7 @@ enum createmode_t %{ %} # Declare record types that we want to access from the event engine. These are -# defined in init-bare.bro. +# defined in init-bare.zeek. type info_t: record; type fattr_t: record; type sattr_t: record; diff --git a/src/util.h b/src/util.h index bd1566080f..b63b74a3f7 100644 --- a/src/util.h +++ b/src/util.h @@ -309,7 +309,7 @@ std::string implode_string_vector(const std::vector& v, /** * Flatten a script name by replacing '/' path separators with '.'. - * @param file A path to a Bro script. If it is a __load__.bro, that part + * @param file A path to a Bro script. If it is a __load__.zeek, that part * is discarded when constructing the flattened the name. * @param prefix A string to prepend to the flattened script name. * @return The flattened script name.