diff --git a/NEWS b/NEWS index d538206a53..98a0441d44 100644 --- a/NEWS +++ b/NEWS @@ -146,6 +146,9 @@ New Functionality renaming of column names, as well as extension data columns that can be added to specific or all logfiles (e.g., to add noew names). +- The new "bro-config" script can be used to determine the Bro installation + paths. + - New BroControl functionality in aux/broctl: - There is a new node type "logger" that can be specified in @@ -190,28 +193,32 @@ Changed Functionality - Log changes: - Connections - * The 'history' field gains two new flags: '^' indicates that + + The 'history' field gains two new flags: '^' indicates that Bro heuristically flipped to direction of the connection. 't/T' indicates the first TCP payload retransmission from originator or responder, respectively. - DNS - * New 'rtt' field to indicate the round trip time between when a + + New 'rtt' field to indicate the round trip time between when a request was sent and when a reply started. - SMTP - * New 'cc' field which includes the 'Cc' header from MIME + + New 'cc' field which includes the 'Cc' header from MIME messages sent over SMTP. - * Changes in 'mailfrom' and 'rcptto' fields to remove some + Changes in 'mailfrom' and 'rcptto' fields to remove some non-address cruft that will tend to be found. The main example is the change from "" to "user@domain.com". - HTTP - * Removed 'filename' field. - * New 'orig_filenames' and 'resp_filenames' fields which each + Removed 'filename' field. + + New 'orig_filenames' and 'resp_filenames' fields which each contain a vector of filenames seen in entities transferred. - The BrokerComm and BrokerStore namespaces were renamed to Broker. 
@@ -288,7 +295,7 @@ Removed Functionality - The command line options --set-seed and --md5-hashkey have been removed. - - The packaging scripts pkg/make-*-packages are gone. They aren't + - The packaging scripts pkg/make-\*-packages are gone. They aren't used anymore for the binary Bro packages that the projects distributes; haven't been supported in a while; and have problems. diff --git a/doc/components/bro-plugins/postgresql/README.rst b/doc/components/bro-plugins/postgresql/README.rst new file mode 120000 index 0000000000..b8c815c45b --- /dev/null +++ b/doc/components/bro-plugins/postgresql/README.rst @@ -0,0 +1 @@ +../../../../aux/plugins/postgresql/README \ No newline at end of file diff --git a/testing/btest/doc/sphinx/include-doc_frameworks_netcontrol-9-skeleton_bro.btest b/testing/btest/doc/sphinx/include-doc_frameworks_netcontrol-9-skeleton_bro.btest index dc23f832dd..0fed26184f 100644 --- a/testing/btest/doc/sphinx/include-doc_frameworks_netcontrol-9-skeleton_bro.btest +++ b/testing/btest/doc/sphinx/include-doc_frameworks_netcontrol-9-skeleton_bro.btest @@ -21,7 +21,7 @@ function skeleton_add_rule_fun(p: PluginState, r: Rule) : bool return T; } - function skeleton_remove_rule_fun(p: PluginState, r: Rule) : bool +function skeleton_remove_rule_fun(p: PluginState, r: Rule, reason: string &default="") : bool { print "remove", r; event NetControl::rule_removed(r, p);
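Review bot: In the NEWS hunk at -146,6, the new "bro-config" entry only says the script "can be used to determine the Bro installation paths"; it does not say which paths are reported or how the script is invoked. Point the reader to the script's usage text or documentation. The context line directly above also carries the typo "noew names", which could be fixed in the same change.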
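Review bot: In the NEWS hunk at -190,28, the HTTP item lists "Removed 'filename' field" and "New 'orig_filenames' and 'resp_filenames' fields" as two separate bullets without saying that the vector fields replace the removed one. Anyone whose scripts or log parsers read 'filename' needs that stated explicitly, since the type also changes from a single value to a vector. While these items are being re-bulleted, the Connections entry's "heuristically flipped to direction of the connection" reads like a typo for "flipped the direction". A line on why the second-level marker moves from '*' to '+' would also help later entries stay consistent.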
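Review bot: In the NEWS hunk at -288,7, escaping the glob as "pkg/make-\*-packages" leaves a literal backslash for anyone reading NEWS as plain text. If the goal is to stop the asterisk being parsed as markup, an inline literal around the whole path would render cleanly in both forms. The untouched context line "that the projects distributes" also has a grammar slip ("project distributes") worth fixing here.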
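Review bot: The new symlink doc/components/bro-plugins/postgresql/README.rst points four levels up to aux/plugins/postgresql/README, so the documentation build now depends on that target being present in the checkout. Confirm the target exists at the revision this commit pins, and that the doc build fails loudly rather than silently skipping the page when the link dangles. The NEWS hunks in this patch do not mention the postgresql plugin docs, so consider whether an entry is needed.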
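Review bot: In the btest baseline hunk at -21,7, skeleton_remove_rule_fun gains "reason: string &default=""" but the visible body never uses it: it still runs "print "remove", r;" and "event NetControl::rule_removed(r, p);". Because this skeleton is what plugin authors copy, either show the reason being logged or forwarded, or add a comment saying it is intentionally ignored. Only the baseline file appears in this diff, so also check that the documentation script it is generated from carries the same signature change.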