Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 09:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

NetControl: allow reasons in remove_rule calls.

Browse source 
This adds the capability for the user to attach a reason when removing
or destroying a rule. The message will both be logged in netcontrol.log
and forwarded to the responsible plugins.

Addresses BIT-1655
This commit is contained in:
Johanna Amann 2016-08-05 10:47:58 -07:00
parent 9d9c7bafd3
commit 4f1a2c7b62
21 changed files with 129 additions and 115 deletions
Download patch file Download diff file Expand all files Collapse all files

9
testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/netcontrol.log
View file

@ -3,7 +3,7 @@
#empty_field (empty)
#unset_field -
#path netcontrol
#open 2016-05-31-18-51-24
#open 2016-08-05-17-37-11
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
0.000000 - NetControl::MESSAGE - - - - - - - activating plugin with priority 0 - - - Debug-All
@ -11,14 +11,19 @@
0.000000 - NetControl::MESSAGE - - - - - - - plugin initialization done - - - -
1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All
1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All
1398529018.678276 2 NetControl::RULE - NetControl::REMOVED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - delete_rule: testing 0 600.000000 - -
1398529018.678276 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 3 NetControl::RULE - NetControl::REMOVED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - delete_rule: testing 0 3600.000000 Re-drop by catch-and-release: -
1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 4 NetControl::RULE - NetControl::REMOVED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - delete_rule: testing 0 86400.000000 Re-drop by catch-and-release: -
1398529018.678276 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 5 NetControl::RULE - NetControl::REMOVED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - delete_rule: testing 0 604800.000000 Re-drop by catch-and-release: -
1398529018.678276 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 6 NetControl::RULE - NetControl::REMOVED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - delete_rule: testing 0 604800.000000 Re-drop by catch-and-release: -
1398529018.678276 7 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release: Debug-All
1398529018.678276 7 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release: Debug-All
#close 2016-05-31-18-51-24
#close 2016-08-05-17-37-11