From 1dbc5ed523700c5cb8375cf7f0cc6e16e88f52af Mon Sep 17 00:00:00 2001 From: Robin Sommer Date: Mon, 23 Mar 2015 11:22:47 -0700 Subject: [PATCH] bro -B now supports "all" and "help" for . "all" enables all debug streams. "help" prints a list of available debug streams. Based on patch by John Donnelly. BIT-1313 #merged --- CHANGES | 21 ++++++++++++++ NEWS | 2 ++ VERSION | 2 +- src/DebugLogger.cc | 69 +++++++++++++++++++++++++++++++++++++++------- src/DebugLogger.h | 2 ++ src/main.cc | 2 +- 6 files changed, 86 insertions(+), 12 deletions(-) diff --git a/CHANGES b/CHANGES index 31ddf762eb..e6d704e89e 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,25 @@ +2.3-582 | 2015-03-23 11:34:25 -0700 + + * BIT-1313: In debug builds, "bro -B " now supports "all" and + "help" for "". "all" enables all debug streams. "help" prints a + list of available debug streams. (John Donnelly/Robin Sommer). + + * BIT-1324: Allow logging filters to inherit default path from + stream. This allows the path for the default filter to be + specified explicitly through $path="..." when creating a stream. + Adapted the existing Log::create_stream calls to explicitly + specify a path value. (Jon Siwek) + + * BIT-1199: Change the way the input framework deals with values it + cannot convert into BroVals, raising error messages instead of + aborting execution. (Johanna Amann) + + * BIT-788: Use DNS QR field to better identify flow direction. (Jon + Siwek) + + * BIT-342: Add "icmp_sent_payload" event. (Jon Siwek) + 2.3-570 | 2015-03-23 09:51:20 -0500 * Correct a spelling error (Daniel Thayer) diff --git a/NEWS b/NEWS index df1b71ba20..e49d4ed834 100644 --- a/NEWS +++ b/NEWS @@ -61,6 +61,8 @@ New Functionality - [TODO] Add new BroControl features. +- A new icmp_sent_payload event provides access to ICMP payload. + Changed Functionality --------------------- diff --git a/VERSION b/VERSION index c93efbe579..964d3f0583 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3-570 +2.3-582 
diff --git a/src/DebugLogger.cc b/src/DebugLogger.cc
index 3ce5d92888..4e3dba9d81 100644
--- a/src/DebugLogger.cc
+++ b/src/DebugLogger.cc
@@ -55,32 +55,81 @@ DebugLogger::~DebugLogger() fclose(file); } +void DebugLogger::ShowStreamsHelp() + { + fprintf(stderr, "\n"); + fprintf(stderr, "Enable debug output into debug.log with -B .\n"); + fprintf(stderr, " is a comma-separated list of streams to enable.\n"); + fprintf(stderr, "\n"); + fprintf(stderr, "Available streams:\n"); + + for ( int i = 0; i < NUM_DBGS; ++i ) + fprintf(stderr," %s\n", streams[i].prefix); + + fprintf(stderr, "\n"); + fprintf(stderr, " plugin- (replace '::' in name with '-'; e.g., '-B plugin-Bro-Netmap')\n"); + fprintf(stderr, "\n"); + fprintf(stderr, "Pseudo streams\n"); + fprintf(stderr, " verbose Increase verbosity.\n"); + fprintf(stderr, " all Enable all streams at maximum verbosity.\n"); + fprintf(stderr, "\n"); + } + void DebugLogger::EnableStreams(const char* s) { - char* tmp = copy_string(s); char* brkt; + char* tmp = copy_string(s); char* tok = strtok(tmp, ","); while ( tok ) { + if ( strcasecmp("all", tok) == 0 ) + { + for ( int i = 0; i < NUM_DBGS; ++i ) + { + streams[i].enabled = true; + enabled_streams.insert(streams[i].prefix); + } + + verbose = true; + goto next; + } + + if ( strcasecmp("verbose", tok) == 0 ) + { + verbose = true; + goto next; + } + + if ( strcasecmp("help", tok) == 0 ) + { + ShowStreamsHelp(); + exit(0); + } + + if ( strncmp(tok, "plugin-", strlen("plugin-")) == 0 ) + { + // Cannot verify this at this time, plugins may not + // have been loaded. + enabled_streams.insert(tok); + goto next; + } + int i; + for ( i = 0; i < NUM_DBGS; ++i ) + { if ( strcasecmp(streams[i].prefix, tok) == 0 ) { streams[i].enabled = true; - break; + enabled_streams.insert(tok); + goto next; } - - if ( i == NUM_DBGS ) - { - if ( strcasecmp("verbose", tok) == 0 ) - verbose = true; - else if ( strncmp(tok, "plugin-", 7) != 0 ) - reporter->FatalError("unknown debug stream %s\n", tok); } - enabled_streams.insert(tok); + reporter->FatalError("unknown debug stream '%s', try -B help.\n", tok); +next: tok = strtok(0, ","); } 
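Review bot: In the final lookup loop of `EnableStreams`, a stream matched case-insensitively with `strcasecmp` is recorded under the user's spelling via `enabled_streams.insert(tok)`, whereas the new "all" branch records the canonical `streams[i].prefix`. If `enabled_streams` is later queried with an exact string comparison (not visible in this hunk), the same stream ends up under different keys depending on how it was requested; `enabled_streams.insert(streams[i].prefix);` in the loop would keep both paths consistent. The `plugin-` test is also the only case-sensitive match (`strncmp`) among the tokens, which deserves either a short comment or `strncasecmp` so that a differently cased prefix does not fall through to the "unknown debug stream" error. The end of the function lies outside the hunk.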
diff --git a/src/DebugLogger.h b/src/DebugLogger.h index 13124657e7..ca947ff03a 100644 --- a/src/DebugLogger.h +++ b/src/DebugLogger.h @@ -78,6 +78,8 @@ public: void SetVerbose(bool arg_verbose) { verbose = arg_verbose; } bool IsVerbose() const { return verbose; } + void ShowStreamsHelp(); + private: FILE* file; bool verbose; diff --git a/src/main.cc b/src/main.cc index fb48bdc14a..24c19c19d9 100644 --- a/src/main.cc +++ b/src/main.cc @@ -188,7 +188,7 @@ void usage() fprintf(stderr, " -x|--print-state | print contents of state file\n"); fprintf(stderr, " -z|--analyze | run the specified policy file analysis\n"); #ifdef DEBUG - fprintf(stderr, " -B|--debug | Enable debugging output for selected streams\n"); + fprintf(stderr, " -B|--debug | Enable debugging output for selected streams ('-B help' for help)\n"); #endif fprintf(stderr, " -C|--no-checksums | ignore checksums\n"); fprintf(stderr, " -D|--dfa-size | DFA state cache size\n");
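Review bot: `ShowStreamsHelp()` joins the public interface in src/DebugLogger.h without any comment, so a reader of the header cannot tell where the output goes or whether the call terminates the process. I would add `// Prints the available debug streams and pseudo streams to stderr; does not exit.` above the declaration, since the `exit(0)` lives in the "help" branch of `EnableStreams` and not in this method. The class body starts and ends outside the hunk.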