Updating tests for DHCP.

2025-10-07 09:08:20 +00:00 · 2013-08-03 20:27:43 -07:00 · 2013-08-03 20:27:43 -07:00 · 2f0671aeeb
commit 2f0671aeeb
parent e7aefcdf36
8 changed files with 36 additions and 12 deletions
--- a/8
+++ b/8
@ -1,4 +1,12 @@

+2.1-1034 | 2013-08-03 20:27:43 -0700
+
+  * A set of DHCP extensions. (Vlad Grigorescu)
+
+     - Leases are logged to dhcp.log as they are seen.
+     - scripts/policy/protocols/dhcp/known-devices-and-hostnames.bro
+     - Added DPD sig.
+
 2.1-1027 | 2013-08-03 01:57:37 -0400

  * Fix a major memory issue in the SumStats framework.
--- a/2
+++ b/2
@ -1 +1 @@
-2.1-1027
+2.1-1034
--- a/doc/scripts/DocSourcesList.cmake
+++ b/doc/scripts/DocSourcesList.cmake
@ -139,6 +139,9 @@ rest_target(${psd} base/protocols/conn/contents.bro)
 rest_target(${psd} base/protocols/conn/inactivity.bro)
 rest_target(${psd} base/protocols/conn/main.bro)
 rest_target(${psd} base/protocols/conn/polling.bro)
+rest_target(${psd} base/protocols/dhcp/consts.bro)
+rest_target(${psd} base/protocols/dhcp/main.bro)
+rest_target(${psd} base/protocols/dhcp/utils.bro)
 rest_target(${psd} base/protocols/dns/consts.bro)
 rest_target(${psd} base/protocols/dns/main.bro)
 rest_target(${psd} base/protocols/ftp/files.bro)
@ -215,6 +218,7 @@ rest_target(${psd} policy/misc/app-stats/plugins/pandora.bro)
 rest_target(${psd} policy/misc/app-stats/plugins/youtube.bro)
 rest_target(${psd} policy/misc/capture-loss.bro)
 rest_target(${psd} policy/misc/detect-traceroute/main.bro)
+rest_target(${psd} policy/misc/known-devices.bro)
 rest_target(${psd} policy/misc/load-balancing.bro)
 rest_target(${psd} policy/misc/loaded-scripts.bro)
 rest_target(${psd} policy/misc/profiling.bro)
@ -224,6 +228,7 @@ rest_target(${psd} policy/misc/trim-trace-file.bro)
 rest_target(${psd} policy/protocols/conn/known-hosts.bro)
 rest_target(${psd} policy/protocols/conn/known-services.bro)
 rest_target(${psd} policy/protocols/conn/weirds.bro)
+rest_target(${psd} policy/protocols/dhcp/known-devices-and-hostnames.bro)
 rest_target(${psd} policy/protocols/dns/auth-addl.bro)
 rest_target(${psd} policy/protocols/dns/detect-external-names.bro)
 rest_target(${psd} policy/protocols/ftp/detect-bruteforcing.bro)
--- a/scripts/test-all-policy.bro
+++ b/scripts/test-all-policy.bro
@ -47,6 +47,7 @@
@load misc/capture-loss.bro
@load misc/detect-traceroute/__load__.bro
@load misc/detect-traceroute/main.bro
+@load misc/known-devices.bro
@load misc/load-balancing.bro
@load misc/loaded-scripts.bro
@load misc/profiling.bro
@ -56,6 +57,7 @@
@load protocols/conn/known-hosts.bro
@load protocols/conn/known-services.bro
@load protocols/conn/weirds.bro
+@load protocols/dhcp/known-devices-and-hostnames.bro
@load protocols/dns/auth-addl.bro
@load protocols/dns/detect-external-names.bro
@load protocols/ftp/detect-bruteforcing.bro
--- a/testing/btest/Baseline/core.print-bpf-filters/output2
+++ b/testing/btest/Baseline/core.print-bpf-filters/output2
@ -26,6 +26,8 @@
 1 6667
 1 6668
 1 6669
+1 67
+1 68
 1 80
 1 8000
 1 8080
@ -36,8 +38,8 @@
 1 992
 1 993
 1 995
-40 and
-39 or
-40 port
+42 and
+41 or
+42 port
 31 tcp
-9 udp
+11 udp
--- a/testing/btest/Baseline/core.tunnels.teredo/conn.log
+++ b/testing/btest/Baseline/core.tunnels.teredo/conn.log
@ -3,7 +3,7 @@
 #empty_field	(empty)
 #unset_field	-
 #path	conn
-#open	2008-05-16-15-50-57
+#open	2013-08-04-03-28-45
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	missed_bytes	history	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes	tunnel_parents
 #types	time	string	addr	port	addr	port	enum	string	interval	count	count	string	bool	count	string	count	count	count	count	table[string]
 1210953047.736921	arKYeMETxOg	192.168.2.16	1576	75.126.130.163	80	tcp	-	0.000357	0	0	SHR	-	0	fA	1	40	1	40	(empty)
@ -21,10 +21,10 @@
 1210953074.570439	c4Zw9TmAE05	192.168.2.16	1580	67.228.110.120	80	tcp	http	0.466677	469	3916	SF	-	0	ShADadFf	7	757	6	4164	(empty)
 1210953052.202579	nQcgTWjvg4c	192.168.2.16	3797	65.55.158.80	3544	udp	teredo	8.928880	129	48	SF	-	0	Dd	2	185	1	76	(empty)
 1210953060.829233	GSxOnSLghOa	192.168.2.16	3797	83.170.1.38	32900	udp	teredo	13.293994	2359	11243	SF	-	0	Dd	12	2695	13	11607	(empty)
-1210953058.933954	iE6yhOq3SF	0.0.0.0	68	255.255.255.255	67	udp	-	-	-	-	S0	-	0	D	1	328	0	0	(empty)
+1210953058.933954	iE6yhOq3SF	0.0.0.0	68	255.255.255.255	67	udp	dhcp	-	-	-	S0	-	0	D	1	328	0	0	(empty)
 1210953052.324629	TEfuqmmG4bh	192.168.2.16	3797	65.55.158.81	3544	udp	-	-	-	-	SHR	-	0	d	0	0	1	137	(empty)
 1210953046.591933	UWkUyAuUGXf	192.168.2.16	138	192.168.2.255	138	udp	-	28.448321	416	0	S0	-	0	D	2	472	0	0	(empty)
 1210953052.324629	FrJExwHcSal	fe80::8000:f227:bec8:61af	134	fe80::8000:ffff:ffff:fffd	133	icmp	-	-	-	-	OTH	-	0	-	1	88	0	0	TEfuqmmG4bh
 1210953060.829303	qCaWGmzFtM5	2001:0:4137:9e50:8000:f12a:b9c8:2815	128	2001:4860:0:2001::68	129	icmp	-	0.463615	4	4	OTH	-	0	-	1	52	1	52	GSxOnSLghOa,nQcgTWjvg4c
 1210953052.202579	j4u32Pc5bif	fe80::8000:ffff:ffff:fffd	133	ff02::2	134	icmp	-	-	-	-	OTH	-	0	-	1	64	0	0	nQcgTWjvg4c
-#close	2008-05-16-15-51-16
+#close	2013-08-04-03-28-45
--- a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
+++ b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
@ -3,7 +3,7 @@
 #empty_field	(empty)
 #unset_field	-
 #path	loaded_scripts
-#open	2013-07-29-22-37-52
+#open	2013-08-04-03-27-22
 #fields	name
 #types	string
 scripts/base/init-bare.bro
@ -91,6 +91,7 @@ scripts/base/init-bare.bro
      scripts/base/utils/site.bro
        scripts/base/utils/patterns.bro
  build/scripts/base/bif/__load__.bro
+    build/scripts/base/bif/top-k.bif.bro
 scripts/policy/misc/loaded-scripts.bro
  scripts/base/utils/paths.bro
-#close	2013-07-29-22-37-52
+#close	2013-08-04-03-27-22
--- a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
+++ b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
@ -3,7 +3,7 @@
 #empty_field	(empty)
 #unset_field	-
 #path	loaded_scripts
-#open	2013-07-29-22-37-53
+#open	2013-08-04-03-27-23
 #fields	name
 #types	string
 scripts/base/init-bare.bro
@ -91,6 +91,7 @@ scripts/base/init-bare.bro
      scripts/base/utils/site.bro
        scripts/base/utils/patterns.bro
  build/scripts/base/bif/__load__.bro
+    build/scripts/base/bif/top-k.bif.bro
 scripts/base/init-default.bro
  scripts/base/utils/active-http.bro
    scripts/base/utils/exec.bro
@ -147,6 +148,7 @@ scripts/base/init-default.bro
      scripts/base/frameworks/sumstats/plugins/std-dev.bro
        scripts/base/frameworks/sumstats/plugins/variance.bro
      scripts/base/frameworks/sumstats/plugins/sum.bro
+      scripts/base/frameworks/sumstats/plugins/topk.bro
      scripts/base/frameworks/sumstats/plugins/unique.bro
    scripts/base/frameworks/sumstats/non-cluster.bro
  scripts/base/frameworks/tunnels/__load__.bro
@ -156,6 +158,10 @@ scripts/base/init-default.bro
    scripts/base/protocols/conn/contents.bro
    scripts/base/protocols/conn/inactivity.bro
    scripts/base/protocols/conn/polling.bro
+  scripts/base/protocols/dhcp/__load__.bro
+    scripts/base/protocols/dhcp/consts.bro
+    scripts/base/protocols/dhcp/main.bro
+      scripts/base/protocols/dhcp/utils.bro
  scripts/base/protocols/dns/__load__.bro
    scripts/base/protocols/dns/consts.bro
    scripts/base/protocols/dns/main.bro
@ -202,4 +208,4 @@ scripts/base/init-default.bro
    scripts/base/files/extract/main.bro
  scripts/base/misc/find-checksum-offloading.bro
 scripts/policy/misc/loaded-scripts.bro
-#close	2013-07-29-22-37-53
+#close	2013-08-04-03-27-23
 @ -1 +1 @@
 .1-1027
 .1-1034