Updating Sphinx tests for manual.
This commit is contained in:
parent
1bdfa3dff2
commit
364cdb8604
108 changed files with 447 additions and 389 deletions
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,9 +1,13 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
||||||
# bro framework_logging_factorial_02.bro
|
# bro framework_logging_factorial_02.bro
|
||||||
|
|
||||||
|
.. rst-class:: btest-include
|
||||||
|
|
||||||
.. code-block:: guess
|
.. code-block:: guess
|
||||||
:linenos:
|
:linenos:
|
||||||
|
|
||||||
|
@ -12,7 +16,7 @@
|
||||||
#empty_field (empty)
|
#empty_field (empty)
|
||||||
#unset_field -
|
#unset_field -
|
||||||
#path factor
|
#path factor
|
||||||
#open 2013-09-01-01-08-18
|
#open 2013-10-07-23-48-11
|
||||||
#fields num factorial_num
|
#fields num factorial_num
|
||||||
#types count count
|
#types count count
|
||||||
1 1
|
1 1
|
||||||
|
@ -25,5 +29,5 @@
|
||||||
8 40320
|
8 40320
|
||||||
9 362880
|
9 362880
|
||||||
10 3628800
|
10 3628800
|
||||||
#close 2013-09-01-01-08-18
|
#close 2013-10-07-23-48-11
|
||||||
|
|
||||||
|
|
|
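Review bot: The `#open`/`#close` lines in this baseline (old `#open 2013-09-01-01-08-18`, new `#open 2013-10-07-23-48-11`, and the matching `#close` pair) carry wall-clock timestamps, so the baseline changes on every regeneration even when the documented output is otherwise identical; the same churn appears in the factor-mod5 section that follows and in the conn-log section further down the page. Unless the btest configuration for these Sphinx tests already runs a canonifier that strips such lines (the `diff-remove-timestamps` canonifier used elsewhere in the test suite would do), every future doc rebuild will produce spurious baseline diffs that can hide real changes in the rendered output. The file headers for these sections are not shown on this page, so I cannot tell which btest.cfg applies; it is worth confirming that the diff is run with timestamp canonification, or noting in the test that these timestamps are expected to drift.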
@ -1,9 +1,13 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
||||||
# bro framework_logging_factorial_03.bro
|
# bro framework_logging_factorial_03.bro
|
||||||
|
|
||||||
|
.. rst-class:: btest-include
|
||||||
|
|
||||||
.. code-block:: guess
|
.. code-block:: guess
|
||||||
:linenos:
|
:linenos:
|
||||||
|
|
||||||
|
@ -12,7 +16,7 @@
|
||||||
#empty_field (empty)
|
#empty_field (empty)
|
||||||
#unset_field -
|
#unset_field -
|
||||||
#path factor-mod5
|
#path factor-mod5
|
||||||
#open 2013-09-01-01-08-18
|
#open 2013-10-07-23-48-12
|
||||||
#fields num factorial_num
|
#fields num factorial_num
|
||||||
#types count count
|
#types count count
|
||||||
5 120
|
5 120
|
||||||
|
@ -21,5 +25,5 @@
|
||||||
8 40320
|
8 40320
|
||||||
9 362880
|
9 362880
|
||||||
10 3628800
|
10 3628800
|
||||||
#close 2013-09-01-01-08-18
|
#close 2013-10-07-23-48-12
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- connection_record_02.bro
|
connection_record_02.bro
|
||||||
|
|
||||||
@load base/protocols/conn
|
@load base/protocols/conn
|
||||||
@load base/protocols/dns
|
@load base/protocols/dns
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- connection_record_02.bro
|
connection_record_02.bro
|
||||||
|
|
||||||
@load base/protocols/conn
|
@load base/protocols/conn
|
||||||
@load base/protocols/dns
|
@load base/protocols/dns
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_record_01.bro
|
data_struct_record_01.bro
|
||||||
|
|
||||||
type Service: record {
|
type Service: record {
|
||||||
name: string;
|
name: string;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_record_02.bro
|
data_struct_record_02.bro
|
||||||
|
|
||||||
type Service: record {
|
type Service: record {
|
||||||
name: string;
|
name: string;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_set_declaration.bro
|
data_struct_set_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_set_declaration.bro
|
data_struct_set_declaration.bro
|
||||||
|
|
||||||
for ( i in ssl_ports )
|
for ( i in ssl_ports )
|
||||||
print fmt("SSL Port: %s", i);
|
print fmt("SSL Port: %s", i);
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_set_declaration.bro
|
data_struct_set_declaration.bro
|
||||||
|
|
||||||
# Check for SMTPS
|
# Check for SMTPS
|
||||||
if ( 587/tcp !in ssl_ports )
|
if ( 587/tcp !in ssl_ports )
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_set_declaration.bro
|
data_struct_set_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_table_complex.bro
|
data_struct_table_complex.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_table_declaration.bro
|
data_struct_table_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_vector_declaration.bro
|
data_struct_vector_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_vector_iter.bro
|
data_struct_vector_iter.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_const.bro
|
data_type_const.bro
|
||||||
|
|
||||||
const port_list: table[port] of string &redef;
|
const port_list: table[port] of string &redef;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_const_simple.bro
|
data_type_const_simple.bro
|
||||||
|
|
||||||
@load base/protocols/http
|
@load base/protocols/http
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_declaration.bro
|
data_type_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_interval.bro
|
data_type_interval.bro
|
||||||
|
|
||||||
# Store the time the previous connection was established.
|
# Store the time the previous connection was established.
|
||||||
global last_connection_time: time;
|
global last_connection_time: time;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_local.bro
|
data_type_local.bro
|
||||||
|
|
||||||
function add_two(i: count): count
|
function add_two(i: count): count
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_pattern_01.bro
|
data_type_pattern_01.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_pattern_02.bro
|
data_type_pattern_02.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_subnets.bro
|
data_type_subnets.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_time.bro
|
data_type_time.bro
|
||||||
|
|
||||||
event connection_established(c: connection)
|
event connection_established(c: connection)
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_logging_factorial_01.bro
|
framework_logging_factorial_01.bro
|
||||||
|
|
||||||
module Factor;
|
module Factor;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_logging_factorial_02.bro
|
framework_logging_factorial_02.bro
|
||||||
|
|
||||||
module Factor;
|
module Factor;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_logging_factorial_03.bro
|
framework_logging_factorial_03.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_logging_factorial_04.bro
|
framework_logging_factorial_04.bro
|
||||||
|
|
||||||
module Factor;
|
module Factor;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_notice_hook_01.bro
|
framework_notice_hook_01.bro
|
||||||
|
|
||||||
@load policy/protocols/ssh/interesting-hostnames.bro
|
@load policy/protocols/ssh/interesting-hostnames.bro
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_notice_hook_suppression_01.bro
|
framework_notice_hook_suppression_01.bro
|
||||||
|
|
||||||
@load policy/protocols/ssl/expiring-certs.bro
|
@load policy/protocols/ssl/expiring-certs.bro
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_notice_shortcuts_01.bro
|
framework_notice_shortcuts_01.bro
|
||||||
|
|
||||||
@load policy/protocols/ssh/interesting-hostnames.bro
|
@load policy/protocols/ssh/interesting-hostnames.bro
|
||||||
@load base/protocols/ssh/
|
@load base/protocols/ssh/
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_notice_shortcuts_02.bro
|
framework_notice_shortcuts_02.bro
|
||||||
|
|
||||||
@load policy/protocols/ssh/interesting-hostnames.bro
|
@load policy/protocols/ssh/interesting-hostnames.bro
|
||||||
@load base/protocols/ssh/
|
@load base/protocols/ssh/
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- event.bif.bro
|
event.bif.bro
|
||||||
|
|
||||||
## Generated for every new connection. This event is raised with the first
|
## Generated for every new connection. This event is raised with the first
|
||||||
## packet of a previously unknown connection. Bro uses a flow-based definition
|
## packet of a previously unknown connection. Bro uses a flow-based definition
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- Bro_DNS.events.bif.bro
|
Bro_DNS.events.bif.bro
|
||||||
|
|
||||||
## Generated for DNS requests. For requests with multiple queries, this event
|
## Generated for DNS requests. For requests with multiple queries, this event
|
||||||
## is raised once for each.
|
## is raised once for each.
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- init-bare.bro
|
init-bare.bro
|
||||||
|
|
||||||
type string_array: table[count] of string;
|
type string_array: table[count] of string;
|
||||||
type string_set: set[string];
|
type string_set: set[string];
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- main.bro
|
main.bro
|
||||||
|
|
||||||
module Conn;
|
module Conn;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- main.bro
|
main.bro
|
||||||
|
|
||||||
module HTTP;
|
module HTTP;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- detect-MHR.bro
|
detect-MHR.bro
|
||||||
|
|
||||||
##! Detect file downloads that have hash values matching files in Team
|
##! Detect file downloads that have hash values matching files in Team
|
||||||
##! Cymru's Malware Hash Registry (http://www.team-cymru.org/Services/MHR/).
|
##! Cymru's Malware Hash Registry (http://www.team-cymru.org/Services/MHR/).
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- detect-MHR.bro
|
detect-MHR.bro
|
||||||
|
|
||||||
@load base/frameworks/files
|
@load base/frameworks/files
|
||||||
@load base/frameworks/notice
|
@load base/frameworks/notice
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- detect-MHR.bro
|
detect-MHR.bro
|
||||||
|
|
||||||
export {
|
export {
|
||||||
redef enum Notice::Type += {
|
redef enum Notice::Type += {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- detect-MHR.bro
|
detect-MHR.bro
|
||||||
|
|
||||||
event file_hash(f: fa_file, kind: string, hash: string)
|
event file_hash(f: fa_file, kind: string, hash: string)
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- known-hosts.bro
|
known-hosts.bro
|
||||||
|
|
||||||
module Known;
|
module Known;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- interesting-hostnames.bro
|
interesting-hostnames.bro
|
||||||
|
|
||||||
##! This script will generate a notice if an apparent SSH login originates
|
##! This script will generate a notice if an apparent SSH login originates
|
||||||
##! or heads to a host with a reverse hostname that looks suspicious. By
|
##! or heads to a host with a reverse hostname that looks suspicious. By
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- expiring-certs.bro
|
expiring-certs.bro
|
||||||
|
|
||||||
NOTICE([$note=Certificate_Expires_Soon,
|
NOTICE([$note=Certificate_Expires_Soon,
|
||||||
$msg=fmt("Certificate %s is going to expire at %T", cert$subject, cert$not_valid_after),
|
$msg=fmt("Certificate %s is going to expire at %T", cert$subject, cert$not_valid_after),
|
||||||
|
|
|
@ -1,9 +1,13 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
||||||
# bro -r wikipedia.trace
|
# bro -r wikipedia.trace
|
||||||
|
|
||||||
|
.. rst-class:: btest-include
|
||||||
|
|
||||||
.. code-block:: guess
|
.. code-block:: guess
|
||||||
:linenos:
|
:linenos:
|
||||||
|
|
||||||
|
@ -12,7 +16,7 @@
|
||||||
#empty_field (empty)
|
#empty_field (empty)
|
||||||
#unset_field -
|
#unset_field -
|
||||||
#path conn
|
#path conn
|
||||||
#open 2013-09-01-01-08-21
|
#open 2013-10-07-23-48-15
|
||||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string addr port addr port enum string interval count count string bool count string count count count count table[string]
|
#types time string addr port addr port enum string interval count count string bool count string count count count count table[string]
|
||||||
1300475167.096535 CXWv6p3arKYeMETxOg 141.142.220.202 5353 224.0.0.251 5353 udp dns - - - S0 - 0 D 1 73 0 0 (empty)
|
1300475167.096535 CXWv6p3arKYeMETxOg 141.142.220.202 5353 224.0.0.251 5353 udp dns - - - S0 - 0 D 1 73 0 0 (empty)
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
.. rst-class:: btest-cmd
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
:linenos:
|
:linenos:
|
||||||
:emphasize-lines: 1,1
|
:emphasize-lines: 1,1
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- connection_record_02.bro
|
connection_record_02.bro
|
||||||
|
|
||||||
@load base/protocols/conn
|
@load base/protocols/conn
|
||||||
@load base/protocols/dns
|
@load base/protocols/dns
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- connection_record_02.bro
|
connection_record_02.bro
|
||||||
|
|
||||||
@load base/protocols/conn
|
@load base/protocols/conn
|
||||||
@load base/protocols/dns
|
@load base/protocols/dns
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_record_01.bro
|
data_struct_record_01.bro
|
||||||
|
|
||||||
type Service: record {
|
type Service: record {
|
||||||
name: string;
|
name: string;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_record_02.bro
|
data_struct_record_02.bro
|
||||||
|
|
||||||
type Service: record {
|
type Service: record {
|
||||||
name: string;
|
name: string;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_set_declaration.bro
|
data_struct_set_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_set_declaration.bro
|
data_struct_set_declaration.bro
|
||||||
|
|
||||||
for ( i in ssl_ports )
|
for ( i in ssl_ports )
|
||||||
print fmt("SSL Port: %s", i);
|
print fmt("SSL Port: %s", i);
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_set_declaration.bro
|
data_struct_set_declaration.bro
|
||||||
|
|
||||||
# Check for SMTPS
|
# Check for SMTPS
|
||||||
if ( 587/tcp !in ssl_ports )
|
if ( 587/tcp !in ssl_ports )
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_set_declaration.bro
|
data_struct_set_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_table_complex.bro
|
data_struct_table_complex.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_table_declaration.bro
|
data_struct_table_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_vector_declaration.bro
|
data_struct_vector_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_struct_vector_iter.bro
|
data_struct_vector_iter.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_const.bro
|
data_type_const.bro
|
||||||
|
|
||||||
const port_list: table[port] of string &redef;
|
const port_list: table[port] of string &redef;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_const_simple.bro
|
data_type_const_simple.bro
|
||||||
|
|
||||||
@load base/protocols/http
|
@load base/protocols/http
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_declaration.bro
|
data_type_declaration.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_interval.bro
|
data_type_interval.bro
|
||||||
|
|
||||||
# Store the time the previous connection was established.
|
# Store the time the previous connection was established.
|
||||||
global last_connection_time: time;
|
global last_connection_time: time;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_local.bro
|
data_type_local.bro
|
||||||
|
|
||||||
function add_two(i: count): count
|
function add_two(i: count): count
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_pattern_01.bro
|
data_type_pattern_01.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_pattern_02.bro
|
data_type_pattern_02.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_subnets.bro
|
data_type_subnets.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- data_type_time.bro
|
data_type_time.bro
|
||||||
|
|
||||||
event connection_established(c: connection)
|
event connection_established(c: connection)
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_logging_factorial_01.bro
|
framework_logging_factorial_01.bro
|
||||||
|
|
||||||
module Factor;
|
module Factor;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_logging_factorial_02.bro
|
framework_logging_factorial_02.bro
|
||||||
|
|
||||||
module Factor;
|
module Factor;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_logging_factorial_03.bro
|
framework_logging_factorial_03.bro
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_logging_factorial_04.bro
|
framework_logging_factorial_04.bro
|
||||||
|
|
||||||
module Factor;
|
module Factor;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_notice_hook_01.bro
|
framework_notice_hook_01.bro
|
||||||
|
|
||||||
@load policy/protocols/ssh/interesting-hostnames.bro
|
@load policy/protocols/ssh/interesting-hostnames.bro
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_notice_hook_suppression_01.bro
|
framework_notice_hook_suppression_01.bro
|
||||||
|
|
||||||
@load policy/protocols/ssl/expiring-certs.bro
|
@load policy/protocols/ssl/expiring-certs.bro
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_notice_shortcuts_01.bro
|
framework_notice_shortcuts_01.bro
|
||||||
|
|
||||||
@load policy/protocols/ssh/interesting-hostnames.bro
|
@load policy/protocols/ssh/interesting-hostnames.bro
|
||||||
@load base/protocols/ssh/
|
@load base/protocols/ssh/
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- framework_notice_shortcuts_02.bro
|
framework_notice_shortcuts_02.bro
|
||||||
|
|
||||||
@load policy/protocols/ssh/interesting-hostnames.bro
|
@load policy/protocols/ssh/interesting-hostnames.bro
|
||||||
@load base/protocols/ssh/
|
@load base/protocols/ssh/
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- event.bif.bro
|
event.bif.bro
|
||||||
|
|
||||||
## Generated for every new connection. This event is raised with the first
|
## Generated for every new connection. This event is raised with the first
|
||||||
## packet of a previously unknown connection. Bro uses a flow-based definition
|
## packet of a previously unknown connection. Bro uses a flow-based definition
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- Bro_DNS.events.bif.bro
|
Bro_DNS.events.bif.bro
|
||||||
|
|
||||||
## Generated for DNS requests. For requests with multiple queries, this event
|
## Generated for DNS requests. For requests with multiple queries, this event
|
||||||
## is raised once for each.
|
## is raised once for each.
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- init-bare.bro
|
init-bare.bro
|
||||||
|
|
||||||
type string_array: table[count] of string;
|
type string_array: table[count] of string;
|
||||||
type string_set: set[string];
|
type string_set: set[string];
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
# @TEST-EXEC: cat %INPUT >output && btest-diff output
|
||||||
|
|
||||||
-- main.bro
|
main.bro
|
||||||
|
|
||||||
module Conn;
|
module Conn;
|
||||||
|
|
||||||
|
|