Moving existing built-in plugins over to new interface.

src/analyzer/protocol/arp/Plugin.cc

@@ -1,7 +1,21 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
-BRO_PLUGIN_BEGIN(Bro, ARP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("ARP Parsing Code");
+namespace Bro_ARP {
-	BRO_PLUGIN_BIF_FILE(events);
+
-BRO_PLUGIN_END
+class Plugin : public plugin::Plugin {
+public:
+	plugin::Configuration Configure()
+		{
+		plugin::Configuration config;
+		config.name = "Bro::ARP";
+		config.description = "ARP Parsing";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/ayiya/AYIYA.h

@@ -14,7 +14,7 @@ public:
 	virtual void DeliverPacket(int len, const u_char* data, bool orig,
 					int seq, const IP_Hdr* ip, int caplen);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new AYIYA_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/ayiya/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "AYIYA.h"
 
-BRO_PLUGIN_BEGIN(Bro, AYIYA)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("AYIYA Analyzer");
+namespace Bro_AYIYA {
-	BRO_PLUGIN_ANALYZER("AYIYA", ayiya::AYIYA_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("AYIYA", ::analyzer::ayiya::AYIYA_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::AYIYA";
+		config.description = "AYIYA Analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/backdoor/BackDoor.h

@@ -73,7 +73,7 @@ public:
 	virtual void Done();
 	void StatTimer(double t, int is_expire);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new BackDoor_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/backdoor/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "BackDoor.h"
 
-BRO_PLUGIN_BEGIN(Bro, BackDoor)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Backdoor Analyzer (deprecated)");
+namespace Bro_BackDoor {
-	BRO_PLUGIN_ANALYZER("BackDoor", backdoor::BackDoor_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("BackDoor", ::analyzer::backdoor::BackDoor_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::BackDoor";
+		config.description = "Backdoor Analyzer deprecated";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/bittorrent/BitTorrent.h

@@ -19,7 +19,7 @@ public:
 	virtual void Undelivered(int seq, int len, bool orig);
 	virtual void EndpointEOF(bool is_orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new BitTorrent_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/bittorrent/BitTorrentTracker.h

@@ -52,7 +52,7 @@ public:
 	virtual void Undelivered(int seq, int len, bool orig);
 	virtual void EndpointEOF(bool is_orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new BitTorrentTracker_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/bittorrent/Plugin.cc

@@ -1,12 +1,27 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "BitTorrent.h"
 #include "BitTorrentTracker.h"
 
-BRO_PLUGIN_BEGIN(Bro, BitTorrent)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("BitTorrent Analyzer");
+namespace Bro_BitTorrent {
-	BRO_PLUGIN_ANALYZER("BitTorrent", bittorrent::BitTorrent_Analyzer);
+
-	BRO_PLUGIN_ANALYZER("BitTorrentTracker", bittorrent::BitTorrentTracker_Analyzer);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("BitTorrent", ::analyzer::bittorrent::BitTorrent_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("BitTorrentTracker", ::analyzer::bittorrent::BitTorrentTracker_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::BitTorrent";
+		config.description = "BitTorrent Analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/conn-size/ConnSize.h

@@ -21,7 +21,7 @@ public:
 	virtual void UpdateConnVal(RecordVal *conn_val);
 	virtual void FlipRoles();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new ConnSize_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/conn-size/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "ConnSize.h"
 
-BRO_PLUGIN_BEGIN(Bro, ConnSize)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Connection size analyzer");
+namespace Bro_ConnSize {
-	BRO_PLUGIN_ANALYZER("ConnSize", conn_size::ConnSize_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("ConnSize", ::analyzer::conn_size::ConnSize_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::ConnSize";
+		config.description = "Connection size analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/dce-rpc/DCE_RPC.h

@@ -178,7 +178,7 @@ public:
 	DCE_RPC_Analyzer(Connection* conn, bool speculative = false);
 	~DCE_RPC_Analyzer();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new DCE_RPC_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/dce-rpc/Plugin.cc

@@ -1,11 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "DCE_RPC.h"
 
-BRO_PLUGIN_BEGIN(Bro, DCE_RPC)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("DCE-RPC analyzer");
+namespace Bro_DCE_RPC {
-	BRO_PLUGIN_ANALYZER("DCE_RPC", dce_rpc::DCE_RPC_Analyzer);
+
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_DCE_RPC");
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("DCE_RPC", ::analyzer::dce_rpc::DCE_RPC_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("Contents_DCE_RPC", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::DCE_RPC";
+		config.description = "DCE-RPC analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/dhcp/DHCP.h

@@ -16,7 +16,7 @@ public:
 	virtual void DeliverPacket(int len, const u_char* data, bool orig,
 					int seq, const IP_Hdr* ip, int caplen);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new DHCP_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/dhcp/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "DHCP.h"
 
-BRO_PLUGIN_BEGIN(Bro, DHCP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("DHCP analyzer");
+namespace Bro_DHCP {
-	BRO_PLUGIN_ANALYZER("DHCP", dhcp::DHCP_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("DHCP", ::analyzer::dhcp::DHCP_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::DHCP";
+		config.description = "DHCP analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/dnp3/DNP3.h

@@ -17,7 +17,7 @@ public:
 	virtual void Undelivered(int seq, int len, bool orig);
 	virtual void EndpointEOF(bool is_orig);
 
-	static Analyzer* InstantiateAnalyzer(Connection* conn)
+	static Analyzer* Instantiate(Connection* conn)
 		{ return new DNP3_Analyzer(conn); }
 
 private:

src/analyzer/protocol/dnp3/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "DNP3.h"
 
-BRO_PLUGIN_BEGIN(Bro, DNP3)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("DNP3 analyzer");
+namespace Bro_DNP3 {
-	BRO_PLUGIN_ANALYZER("DNP3", dnp3::DNP3_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("DNP3", ::analyzer::dnp3::DNP3_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::DNP3";
+		config.description = "DNP3 analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/dns/DNS.h

@@ -267,7 +267,7 @@ public:
 
 	void ExpireTimer(double t);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new DNS_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/dns/Plugin.cc

@@ -1,11 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "DNS.h"
 
-BRO_PLUGIN_BEGIN(Bro, DNS)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("DNS analyzer");
+namespace Bro_DNS {
-	BRO_PLUGIN_ANALYZER("DNS", dns::DNS_Analyzer);
+
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_DNS");
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("DNS", ::analyzer::dns::DNS_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("Contents_DNS", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::DNS";
+		config.description = "DNS analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/file/File.h

@@ -19,7 +19,7 @@ public:
 
 	void Undelivered(int seq, int len, bool orig);
 
-//	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+//	static analyzer::Analyzer* Instantiate(Connection* conn)
 //		{ return new File_Analyzer(conn); }
 
 protected:
@@ -40,7 +40,7 @@ public:
 
 	virtual void Undelivered(int seq, int len, bool orig);
 
-	static Analyzer* InstantiateAnalyzer(Connection* conn)
+	static Analyzer* Instantiate(Connection* conn)
 		{ return new IRC_Data(conn); }
 };
 
@@ -54,7 +54,7 @@ public:
 
 	virtual void Undelivered(int seq, int len, bool orig);
 
-	static Analyzer* InstantiateAnalyzer(Connection* conn)
+	static Analyzer* Instantiate(Connection* conn)
 		{ return new FTP_Data(conn); }
 };
 

src/analyzer/protocol/file/Plugin.cc

@@ -1,11 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "./File.h"
 
-BRO_PLUGIN_BEGIN(Bro, File)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Generic file analyzer");
+namespace Bro_File {
-	BRO_PLUGIN_ANALYZER("FTP_Data", file::FTP_Data);
+
-	BRO_PLUGIN_ANALYZER("IRC_Data", file::IRC_Data);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("FTP_Data", ::analyzer::file::FTP_Data::Instantiate));
+		AddComponent(new ::analyzer::Component("IRC_Data", ::analyzer::file::IRC_Data::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::File";
+		config.description = "Generic file analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/finger/Finger.h

@@ -17,7 +17,7 @@ public:
 	// Line-based input.
 	virtual void DeliverStream(int len, const u_char* data, bool orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Finger_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/finger/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "Finger.h"
 
-BRO_PLUGIN_BEGIN(Bro, Finger)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Finger analyzer");
+namespace Bro_Finger {
-	BRO_PLUGIN_ANALYZER("Finger", finger::Finger_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("Finger", ::analyzer::finger::Finger_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::Finger";
+		config.description = "Finger analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/ftp/FTP.h

@@ -15,7 +15,7 @@ public:
 	virtual void Done();
 	virtual void DeliverStream(int len, const u_char* data, bool orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{
 		return new FTP_Analyzer(conn);
 		}

src/analyzer/protocol/ftp/Plugin.cc

@@ -1,12 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "FTP.h"
 
-BRO_PLUGIN_BEGIN(Bro, FTP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("FTP analyzer");
+namespace Bro_FTP {
-	BRO_PLUGIN_ANALYZER("FTP", ftp::FTP_Analyzer);
+
-	BRO_PLUGIN_SUPPORT_ANALYZER("FTP_ADAT");
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-	BRO_PLUGIN_BIF_FILE(functions);
+	plugin::Configuration Configure()
-BRO_PLUGIN_END
+		{
+		AddComponent(new ::analyzer::Component("FTP", ::analyzer::ftp::FTP_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("FTP_ADAT", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::FTP";
+		config.description = "FTP analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/gnutella/Gnutella.h

@@ -42,7 +42,7 @@ public:
 	virtual void Done ();
 	virtual void DeliverStream(int len, const u_char* data, bool orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Gnutella_Analyzer(conn); }
 
 private:

src/analyzer/protocol/gnutella/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "Gnutella.h"
 
-BRO_PLUGIN_BEGIN(Bro, Gnutella)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Gnutella analyzer");
+namespace Bro_Gnutella {
-	BRO_PLUGIN_ANALYZER("Gnutella", gnutella::Gnutella_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("Gnutella", ::analyzer::gnutella::Gnutella_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::Gnutella";
+		config.description = "Gnutella analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/gtpv1/GTPv1.h

@@ -14,7 +14,7 @@ public:
 	virtual void DeliverPacket(int len, const u_char* data, bool orig,
 					int seq, const IP_Hdr* ip, int caplen);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new GTPv1_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/gtpv1/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "GTPv1.h"
 
-BRO_PLUGIN_BEGIN(Bro, GTPv1)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("GTPv1 analyzer");
+namespace Bro_GTPv1 {
-	BRO_PLUGIN_ANALYZER("GTPv1", gtpv1::GTPv1_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("GTPv1", ::analyzer::gtpv1::GTPv1_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::GTPv1";
+		config.description = "GTPv1 analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/http/HTTP.h

@@ -183,7 +183,7 @@ public:
 	virtual void ConnectionReset();
 	virtual void PacketWithRST();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new HTTP_Analyzer(conn); }
 
 	static bool Available()

src/analyzer/protocol/http/Plugin.cc

@@ -1,11 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "HTTP.h"
 
-BRO_PLUGIN_BEGIN(Bro, HTTP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("HTTP analyzer");
+namespace Bro_HTTP {
-	BRO_PLUGIN_ANALYZER("HTTP", http::HTTP_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(functions);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("HTTP", ::analyzer::http::HTTP_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::HTTP";
+		config.description = "HTTP analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/icmp/ICMP.h

@@ -21,7 +21,7 @@ public:
 
 	virtual void UpdateConnVal(RecordVal *conn_val);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new ICMP_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/icmp/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "ICMP.h"
 
-BRO_PLUGIN_BEGIN(Bro, ICMP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("ICMP analyzer");
+namespace Bro_ICMP {
-	BRO_PLUGIN_ANALYZER("ICMP", icmp::ICMP_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("ICMP", ::analyzer::icmp::ICMP_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::ICMP";
+		config.description = "ICMP analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/ident/Ident.h

@@ -15,7 +15,7 @@ public:
 
 	virtual void DeliverStream(int length, const u_char* data, bool is_orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Ident_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/ident/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "Ident.h"
 
-BRO_PLUGIN_BEGIN(Bro, Ident)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Ident analyzer");
+namespace Bro_Ident {
-	BRO_PLUGIN_ANALYZER("Ident", ident::Ident_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("Ident", ::analyzer::ident::Ident_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::Ident";
+		config.description = "Ident analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/interconn/InterConn.h

@@ -49,7 +49,7 @@ public:
 	virtual void Done();
 	void StatTimer(double t, int is_expire);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new InterConn_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/interconn/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "InterConn.h"
 
-BRO_PLUGIN_BEGIN(Bro, InterConn)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("InterConn analyzer (deprecated)");
+namespace Bro_InterConn {
-	BRO_PLUGIN_ANALYZER("InterConn", interconn::InterConn_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("InterConn", ::analyzer::interconn::InterConn_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::InterConn";
+		config.description = "InterConn analyzer deprecated";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/irc/IRC.h

@@ -32,7 +32,7 @@ public:
 	*/
 	virtual void DeliverStream(int len, const u_char* data, bool orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{
 		return new IRC_Analyzer(conn);
 		}

src/analyzer/protocol/irc/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "IRC.h"
 
-BRO_PLUGIN_BEGIN(Bro, IRC)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("IRC analyzer");
+namespace Bro_IRC {
-	BRO_PLUGIN_ANALYZER("IRC", irc::IRC_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("IRC", ::analyzer::irc::IRC_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::IRC";
+		config.description = "IRC analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/login/Plugin.cc

@@ -1,3 +1,5 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
@@ -6,15 +8,27 @@
 #include "RSH.h"
 #include "Rlogin.h"
 
-BRO_PLUGIN_BEGIN(Bro, Login)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Telnet/Rsh/Rlogin analyzers");
+namespace Bro_Login {
-	BRO_PLUGIN_ANALYZER("Telnet", login::Telnet_Analyzer);
+
-	BRO_PLUGIN_ANALYZER("Rsh", login::Rsh_Analyzer);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_ANALYZER("Rlogin", login::Rlogin_Analyzer);
+public:
-	BRO_PLUGIN_ANALYZER_BARE("NVT");
+	plugin::Configuration Configure()
-	BRO_PLUGIN_ANALYZER_BARE("Login");
+		{
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_Rsh");
+		AddComponent(new ::analyzer::Component("Telnet", ::analyzer::login::Telnet_Analyzer::Instantiate));
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_Rlogin");
+		AddComponent(new ::analyzer::Component("Rsh", ::analyzer::login::Rsh_Analyzer::Instantiate));
-	BRO_PLUGIN_BIF_FILE(events);
+		AddComponent(new ::analyzer::Component("Rlogin", ::analyzer::login::Rlogin_Analyzer::Instantiate));
-	BRO_PLUGIN_BIF_FILE(functions);
+		AddComponent(new ::analyzer::Component("NVT", 0));
-BRO_PLUGIN_END
+		AddComponent(new ::analyzer::Component("Login", 0));
+		AddComponent(new ::analyzer::Component("Contents_Rsh", 0));
+		AddComponent(new ::analyzer::Component("Contents_Rlogin", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::Login";
+		config.description = "Telnet/Rsh/Rlogin analyzers";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/login/RSH.h

@@ -49,7 +49,7 @@ public:
 	void ClientUserName(const char* s);
 	void ServerUserName(const char* s);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Rsh_Analyzer(conn); }
 
 	Contents_Rsh_Analyzer* contents_orig;

src/analyzer/protocol/login/Rlogin.h

@@ -62,7 +62,7 @@ public:
 	void ServerUserName(const char* s);
 	void TerminalType(const char* s);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Rlogin_Analyzer(conn); }
 };
 

src/analyzer/protocol/login/Telnet.h

@@ -12,7 +12,7 @@ public:
 	Telnet_Analyzer(Connection* conn);
 	virtual ~Telnet_Analyzer()	{}
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Telnet_Analyzer(conn); }
 };
 

src/analyzer/protocol/mime/Plugin.cc

@@ -1,7 +1,21 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
-BRO_PLUGIN_BEGIN(Bro, MIME)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("MIME parsing code");
+namespace Bro_MIME {
-	BRO_PLUGIN_BIF_FILE(events);
+
-BRO_PLUGIN_END
+class Plugin : public plugin::Plugin {
+public:
+	plugin::Configuration Configure()
+		{
+		plugin::Configuration config;
+		config.name = "Bro::MIME";
+		config.description = "MIME parsing";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/modbus/Modbus.h

@@ -17,7 +17,7 @@ public:
 	virtual void Undelivered(int seq, int len, bool orig);
 	virtual void EndpointEOF(bool is_orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new ModbusTCP_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/modbus/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "Modbus.h"
 
-BRO_PLUGIN_BEGIN(Bro, Modbus)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Modbus analyzer");
+namespace Bro_Modbus {
-	BRO_PLUGIN_ANALYZER("MODBUS", modbus::ModbusTCP_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("MODBUS", ::analyzer::modbus::ModbusTCP_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::Modbus";
+		config.description = "Modbus analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/ncp/NCP.h

@@ -104,7 +104,7 @@ public:
 	NCP_Analyzer(Connection* conn);
 	virtual ~NCP_Analyzer();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new NCP_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/ncp/Plugin.cc

@@ -1,11 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "NCP.h"
 
-BRO_PLUGIN_BEGIN(Bro, NCP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("NCP analyzer");
+namespace Bro_NCP {
-	BRO_PLUGIN_ANALYZER("NCP", ncp::NCP_Analyzer);
+
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_NCP");
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("NCP", ::analyzer::ncp::NCP_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("Contents_NCP", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::NCP";
+		config.description = "NCP analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/netbios/NetbiosSSN.h

@@ -148,7 +148,7 @@ public:
 	virtual void DeliverPacket(int len, const u_char* data, bool orig,
 					int seq, const IP_Hdr* ip, int caplen);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new NetbiosSSN_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/netbios/Plugin.cc

@@ -1,12 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "NetbiosSSN.h"
 
-BRO_PLUGIN_BEGIN(Bro, NetBIOS)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("NetBIOS analyzer (support only SSN currently)");
+namespace Bro_NetBIOS {
-	BRO_PLUGIN_ANALYZER("NetbiosSSN", netbios_ssn::NetbiosSSN_Analyzer);
+
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_NetbiosSSN");
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-	BRO_PLUGIN_BIF_FILE(functions);
+	plugin::Configuration Configure()
-BRO_PLUGIN_END
+		{
+		AddComponent(new ::analyzer::Component("NetbiosSSN", ::analyzer::netbios_ssn::NetbiosSSN_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("Contents_NetbiosSSN", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::NetBIOS";
+		config.description = "NetBIOS analyzer support";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/netflow/Plugin.cc

@@ -1,7 +1,21 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
-BRO_PLUGIN_BEGIN(Bro, NetFlow)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("NetFlow parsing code");
+namespace Bro_NetFlow {
-	BRO_PLUGIN_BIF_FILE(events);
+
-BRO_PLUGIN_END
+class Plugin : public plugin::Plugin {
+public:
+	plugin::Configuration Configure()
+		{
+		plugin::Configuration config;
+		config.name = "Bro::NetFlow";
+		config.description = "NetFlow parsing";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/ntp/NTP.h

@@ -40,7 +40,7 @@ class NTP_Analyzer : public analyzer::Analyzer {
 public:
 	NTP_Analyzer(Connection* conn);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new NTP_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/ntp/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "NTP.h"
 
-BRO_PLUGIN_BEGIN(Bro, NTP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("NTP analyzer");
+namespace Bro_NTP {
-	BRO_PLUGIN_ANALYZER("NTP", ntp::NTP_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("NTP", ::analyzer::ntp::NTP_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::NTP";
+		config.description = "NTP analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/pia/PIA.h

@@ -94,7 +94,7 @@ public:
 		{ SetConn(conn); }
 	virtual ~PIA_UDP()	{ }
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new PIA_UDP(conn); }
 
 protected:
@@ -139,7 +139,7 @@ public:
 
 	void ReplayStreamBuffer(analyzer::Analyzer* analyzer);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new PIA_TCP(conn); }
 
 protected:

src/analyzer/protocol/pia/Plugin.cc

@@ -1,11 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "PIA.h"
 
-BRO_PLUGIN_BEGIN(Bro, PIA)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Analyzers implementing Dynamic Protocol Detection");
+namespace Bro_PIA {
-	BRO_PLUGIN_ANALYZER("PIA_TCP", pia::PIA_TCP);
+
-	BRO_PLUGIN_ANALYZER("PIA_UDP", pia::PIA_UDP);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("PIA_TCP", ::analyzer::pia::PIA_TCP::Instantiate));
+		AddComponent(new ::analyzer::Component("PIA_UDP", ::analyzer::pia::PIA_UDP::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::PIA";
+		config.description = "Analyzers implementing Dynamic Protocol";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/pop3/POP3.h

@@ -69,7 +69,7 @@ public:
 	virtual void Done();
 	virtual void DeliverStream(int len, const u_char* data, bool orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{
 		return new POP3_Analyzer(conn);
 		}

src/analyzer/protocol/pop3/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "POP3.h"
 
-BRO_PLUGIN_BEGIN(Bro, POP3)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("POP3 analyzer");
+namespace Bro_POP3 {
-	BRO_PLUGIN_ANALYZER("POP3", pop3::POP3_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("POP3", ::analyzer::pop3::POP3_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::POP3";
+		config.description = "POP3 analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/rpc/NFS.h

@@ -77,7 +77,7 @@ public:
 	NFS_Analyzer(Connection* conn);
 	virtual void Init();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new NFS_Analyzer(conn); }
 };
 

src/analyzer/protocol/rpc/Plugin.cc

@@ -1,3 +1,5 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
@@ -5,11 +7,24 @@
 #include "NFS.h"
 #include "Portmap.h"
 
-BRO_PLUGIN_BEGIN(Bro, RPC)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Analyzers for RPC-based protocols");
+namespace Bro_RPC {
-	BRO_PLUGIN_ANALYZER("NFS", rpc::NFS_Analyzer);
+
-	BRO_PLUGIN_ANALYZER("Portmapper", rpc::Portmapper_Analyzer);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_RPC");
+public:
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_NFS");
+	plugin::Configuration Configure()
-	BRO_PLUGIN_BIF_FILE(events);
+		{
-BRO_PLUGIN_END
+		AddComponent(new ::analyzer::Component("NFS", ::analyzer::rpc::NFS_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("Portmapper", ::analyzer::rpc::Portmapper_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("Contents_RPC", 0));
+		AddComponent(new ::analyzer::Component("Contents_NFS", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::RPC";
+		config.description = "Analyzers for RPC-based protocols";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/rpc/Portmap.h

@@ -31,7 +31,7 @@ public:
 	virtual ~Portmapper_Analyzer();
 	virtual void Init();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Portmapper_Analyzer(conn); }
 };
 

src/analyzer/protocol/smb/Plugin.cc

@@ -1,11 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "SMB.h"
 
-BRO_PLUGIN_BEGIN(Bro, SMB)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("SMB analyzer");
+namespace Bro_SMB {
-	BRO_PLUGIN_ANALYZER("SMB", smb::SMB_Analyzer);
+
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents_SMB");
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(events);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("SMB", ::analyzer::smb::SMB_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("Contents_SMB", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::SMB";
+		config.description = "SMB analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/smb/SMB.h

@@ -188,7 +188,7 @@ public:
 	SMB_Analyzer(Connection* conn);
 	~SMB_Analyzer();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new SMB_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/smtp/Plugin.cc

@@ -1,11 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "SMTP.h"
 
-BRO_PLUGIN_BEGIN(Bro, SMTP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("SMTP analyzer");
+namespace Bro_SMTP {
-	BRO_PLUGIN_ANALYZER("SMTP", smtp::SMTP_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(functions);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("SMTP", ::analyzer::smtp::SMTP_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::SMTP";
+		config.description = "SMTP analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/smtp/SMTP.h

@@ -48,7 +48,7 @@ public:
 
 	void SkipData()	{ skip_data = 1; }	// skip delivery of data lines
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{
 		return new SMTP_Analyzer(conn);
 		}

src/analyzer/protocol/socks/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "SOCKS.h"
 
-BRO_PLUGIN_BEGIN(Bro, SOCKS)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("SOCKS analyzer");
+namespace Bro_SOCKS {
-	BRO_PLUGIN_ANALYZER("SOCKS", socks::SOCKS_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("SOCKS", ::analyzer::socks::SOCKS_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::SOCKS";
+		config.description = "SOCKS analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/socks/SOCKS.h

@@ -26,7 +26,7 @@ public:
 	virtual void Undelivered(int seq, int len, bool orig);
 	virtual void EndpointEOF(bool is_orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new SOCKS_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/ssh/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "SSH.h"
 
-BRO_PLUGIN_BEGIN(Bro, SSH)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("SSH analyzer");
+namespace Bro_SSH {
-	BRO_PLUGIN_ANALYZER("SSH", ssh::SSH_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("SSH", ::analyzer::ssh::SSH_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::SSH";
+		config.description = "SSH analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/ssh/SSH.h

@@ -14,7 +14,7 @@ public:
 
 	virtual void DeliverStream(int len, const u_char* data, bool orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new SSH_Analyzer(conn); }
 
 private:

src/analyzer/protocol/ssl/Plugin.cc

@@ -1,11 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "SSL.h"
 
-BRO_PLUGIN_BEGIN(Bro, SSL)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("SSL analyzer");
+namespace Bro_SSL {
-	BRO_PLUGIN_ANALYZER("SSL", ssl::SSL_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(functions);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("SSL", ::analyzer::ssl::SSL_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::SSL";
+		config.description = "SSL analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/ssl/SSL.h

@@ -21,7 +21,7 @@ public:
 	// Overriden from tcp::TCP_ApplicationAnalyzer.
 	virtual void EndpointEOF(bool is_orig);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new SSL_Analyzer(conn); }
 
 	static bool Available()

src/analyzer/protocol/stepping-stone/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "SteppingStone.h"
 
-BRO_PLUGIN_BEGIN(Bro, SteppingStone)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Stepping stone analyzer (deprecated)");
+namespace Bro_SteppingStone {
-	BRO_PLUGIN_ANALYZER("SteppingStone", stepping_stone::SteppingStone_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("SteppingStone", ::analyzer::stepping_stone::SteppingStone_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::SteppingStone";
+		config.description = "Stepping stone analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/stepping-stone/SteppingStone.h

@@ -53,7 +53,7 @@ public:
 	virtual void Init();
 	virtual void Done();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new SteppingStone_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/syslog/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "Syslog.h"
 
-BRO_PLUGIN_BEGIN(Bro, Syslog)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Syslog analyzer (UDP-only currently)");
+namespace Bro_Syslog {
-	BRO_PLUGIN_ANALYZER("Syslog", syslog::Syslog_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("Syslog", ::analyzer::syslog::Syslog_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::Syslog";
+		config.description = "Syslog analyzer UDP-only";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/syslog/Syslog.h

@@ -18,7 +18,7 @@ public:
 	virtual void DeliverPacket(int len, const u_char* data, bool orig,
 					int seq, const IP_Hdr* ip, int caplen);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Syslog_Analyzer(conn); }
 
 protected:
@@ -41,7 +41,7 @@ protected:
 //	virtual void Undelivered(int seq, int len, bool orig);
 //	virtual void EndpointEOF(tcp::TCP_Reassembler* endp);
 //
-//	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+//	static analyzer::Analyzer* Instantiate(Connection* conn)
 //		{ return new Syslog_tcp::TCP_Analyzer(conn); }
 //
 //protected:

src/analyzer/protocol/tcp/Plugin.cc

@@ -1,14 +1,28 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "TCP.h"
 
-BRO_PLUGIN_BEGIN(Bro, TCP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("TCP analyzer");
+namespace Bro_TCP {
-	BRO_PLUGIN_ANALYZER("TCP", tcp::TCP_Analyzer);
+
-	BRO_PLUGIN_ANALYZER("TCPStats", tcp::TCPStats_Analyzer);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_SUPPORT_ANALYZER("ContentLine");
+public:
-	BRO_PLUGIN_SUPPORT_ANALYZER("Contents");
+	plugin::Configuration Configure()
-	BRO_PLUGIN_BIF_FILE(events);
+		{
-	BRO_PLUGIN_BIF_FILE(functions);
+		AddComponent(new ::analyzer::Component("TCP", ::analyzer::tcp::TCP_Analyzer::Instantiate));
-BRO_PLUGIN_END
+		AddComponent(new ::analyzer::Component("TCPStats", ::analyzer::tcp::TCPStats_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("ContentsLine", 0));
+		AddComponent(new ::analyzer::Component("Contents", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::TCP";
+		config.description = "TCP analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/tcp/TCP.h

@@ -91,7 +91,7 @@ public:
 			proc_tcp_option_t proc, TCP_Analyzer* analyzer,
 			bool is_orig, void* cookie);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new TCP_Analyzer(conn); }
 
 protected:
@@ -367,7 +367,7 @@ public:
 	virtual void Init();
 	virtual void Done();
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new TCPStats_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/teredo/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "Teredo.h"
 
-BRO_PLUGIN_BEGIN(Bro, Teredo)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Teredo analyzer");
+namespace Bro_Teredo {
-	BRO_PLUGIN_ANALYZER("Teredo", teredo::Teredo_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("Teredo", ::analyzer::teredo::Teredo_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::Teredo";
+		config.description = "Teredo analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/teredo/Teredo.h

@@ -21,7 +21,7 @@ public:
 	virtual void DeliverPacket(int len, const u_char* data, bool orig,
 					int seq, const IP_Hdr* ip, int caplen);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new Teredo_Analyzer(conn); }
 
 	/**

src/analyzer/protocol/udp/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "analyzer/protocol/udp/UDP.h"
 
-BRO_PLUGIN_BEGIN(Bro, UDP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("UDP Analyzer");
+namespace Bro_UDP {
-	BRO_PLUGIN_ANALYZER("UDP", udp::UDP_Analyzer);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("UDP", ::analyzer::udp::UDP_Analyzer::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::UDP";
+		config.description = "UDP Analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/analyzer/protocol/udp/UDP.h

@@ -22,7 +22,7 @@ public:
 
 	virtual void UpdateConnVal(RecordVal *conn_val);
 
-	static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
+	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new UDP_Analyzer(conn); }
 
 protected:

src/analyzer/protocol/zip/Plugin.cc

@@ -1,10 +1,25 @@
+// See the file  in the main distribution directory for copyright.
+
 
 #include "plugin/Plugin.h"
 
 #include "ZIP.h"
 
-BRO_PLUGIN_BEGIN(Bro, ZIP)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Generic ZIP support analyzer");
+namespace Bro_ZIP {
-	BRO_PLUGIN_ANALYZER_BARE("ZIP");
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-BRO_PLUGIN_END
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::analyzer::Component("ZIP", 0));
+
+		plugin::Configuration config;
+		config.name = "Bro::ZIP";
+		config.description = "Generic ZIP support analyzer";
+		return config;
+		}
+} plugin;
+
+}
+}

src/file_analysis/analyzer/data_event/Plugin.cc

@@ -1,8 +1,24 @@
+// See the file  in the main distribution directory for copyright.
+
 #include "plugin/Plugin.h"
 
 #include "DataEvent.h"
 
-BRO_PLUGIN_BEGIN(Bro, FileDataEvent)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Delivers file content via events");
+namespace Bro_FileDataEvent {
-	BRO_PLUGIN_FILE_ANALYZER("DATA_EVENT", DataEvent);
+
-BRO_PLUGIN_END
+class Plugin : public plugin::Plugin {
+public:
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::file_analysis::Component("DATA_EVENT", ::file_analysis::DataEvent::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::FileDataEvent";
+		config.description = "Delivers file content";
+		return config;
+		}
+} plugin;
+
+}
+}

src/file_analysis/analyzer/extract/Plugin.cc

@@ -1,10 +1,24 @@
+// See the file  in the main distribution directory for copyright.
+
 #include "plugin/Plugin.h"
 
 #include "Extract.h"
 
-BRO_PLUGIN_BEGIN(Bro, FileExtract)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Extract file content to local file system");
+namespace Bro_FileExtract {
-	BRO_PLUGIN_FILE_ANALYZER("EXTRACT", Extract);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(functions);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::file_analysis::Component("EXTRACT", ::file_analysis::Extract::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::FileExtract";
+		config.description = "Extract file content";
+		return config;
+		}
+} plugin;
+
+}
+}

src/file_analysis/analyzer/hash/Plugin.cc

@@ -1,11 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 #include "plugin/Plugin.h"
 
 #include "Hash.h"
 
-BRO_PLUGIN_BEGIN(Bro, FileHash)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Hash file content");
+namespace Bro_FileHash {
-	BRO_PLUGIN_FILE_ANALYZER("MD5", MD5);
+
-	BRO_PLUGIN_FILE_ANALYZER("SHA1", SHA1);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_FILE_ANALYZER("SHA256", SHA256);
+public:
-	BRO_PLUGIN_BIF_FILE(events);
+	plugin::Configuration Configure()
-BRO_PLUGIN_END
+		{
+		AddComponent(new ::file_analysis::Component("MD5", ::file_analysis::MD5::Instantiate));
+		AddComponent(new ::file_analysis::Component("SHA1", ::file_analysis::SHA1::Instantiate));
+		AddComponent(new ::file_analysis::Component("SHA256", ::file_analysis::SHA256::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::FileHash";
+		config.description = "Hash file content";
+		return config;
+		}
+} plugin;
+
+}
+}

src/file_analysis/analyzer/unified2/Plugin.cc

@@ -1,12 +1,26 @@
+// See the file  in the main distribution directory for copyright.
+
 // See the file "COPYING" in the main distribution directory for copyright.
 
 #include "plugin/Plugin.h"
 
 #include "Unified2.h"
 
-BRO_PLUGIN_BEGIN(Bro, Unified2)
+namespace plugin {
-	BRO_PLUGIN_DESCRIPTION("Analyze Unified2 alert files.");
+namespace Bro_Unified2 {
-	BRO_PLUGIN_FILE_ANALYZER("UNIFIED2", Unified2);
+
-	BRO_PLUGIN_BIF_FILE(events);
+class Plugin : public plugin::Plugin {
-	BRO_PLUGIN_BIF_FILE(types);
+public:
-BRO_PLUGIN_END
+	plugin::Configuration Configure()
+		{
+		AddComponent(new ::file_analysis::Component("UNIFIED2", ::file_analysis::Unified2::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Bro::Unified2";
+		config.description = "Analyze Unified2 alert files.";
+		return config;
+		}
+} plugin;
+
+}
+}

src/plugin/Plugin.cc

@@ -1,3 +1,5 @@
+// See the file  in the main distribution directory for copyright.
+
 // See the file "COPYING" in the main distribution directory for copyright.
 
 #include <cassert>