Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 05:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add conn.log entries for connections with unhandled IP protocols

Browse source
This commit is contained in:
Tim Wojtulewicz 2024-09-10 15:13:11 +02:00
parent a96515a2e8
commit 35ec9733c0
422 changed files with 97715 additions and 97282 deletions
Download patch file Download diff file Expand all files Collapse all files

2
testing/btest/scripts/base/utils/conn-ids.test
View file

@ -4,7 +4,7 @@
@load base/utils/conn-ids
global c: conn_id = [ $orig_h = 10.0.0.100, $orig_p = 10000/tcp,
$resp_h = 10.0.0.200, $resp_p = 20000/tcp ];
$resp_h = 10.0.0.200, $resp_p = 20000/tcp, $proto=6 ];
print id_string(c);
print reverse_id_string(c);

8
testing/btest/scripts/base/utils/directions-and-hosts.test
View file

@ -11,19 +11,19 @@ global remote_ip = 192.168.1.100;
global local2local: conn_id = [
$orig_h = 10.0.0.100, $orig_p = 10000/tcp,
$resp_h = 10.0.0.200, $resp_p = 20000/tcp ];
$resp_h = 10.0.0.200, $resp_p = 20000/tcp, $proto=6 ];
global local2remote: conn_id = [
$orig_h = 10.0.0.100, $orig_p = 10000/tcp,
$resp_h = 192.168.1.100, $resp_p = 20000/tcp ];
$resp_h = 192.168.1.100, $resp_p = 20000/tcp, $proto=6 ];
global remote2local: conn_id = [
$orig_h = 192.168.1.100, $orig_p = 10000/tcp,
$resp_h = 10.0.0.100, $resp_p = 20000/tcp ];
$resp_h = 10.0.0.100, $resp_p = 20000/tcp, $proto=6 ];
global remote2remote: conn_id = [
$orig_h = 192.168.1.100, $orig_p = 10000/tcp,
$resp_h = 192.168.1.200, $resp_p = 20000/tcp ];
$resp_h = 192.168.1.200, $resp_p = 20000/tcp, $proto=6 ];
function test_host(ip: addr, h: Host, expect: bool)
{