Merge remote-tracking branch 'jgras/topic/jgras/packet-analyzer-override-info'

* jgras/topic/jgras/packet-analyzer-override-info: Reintroduce info when overriding packet analyzer mappings.
2025-10-02 06:38:20 +00:00 · 2023-03-30 09:50:57 -07:00 · 2023-03-30 09:50:57 -07:00 · 67335d92cd
commit 67335d92cd
parent 04a2ee7220 bfa466f2eb
5 changed files with 35 additions and 1 deletions
--- a/10
+++ b/10
@ -1,3 +1,13 @@
+6.0.0-dev.284 | 2023-03-30 09:50:57 -0700
+
+  * Reintroduce info when overriding packet analyzer mappings. (Jan Grashoefer, Corelight)
+
+    In #2464 the warning when overriding a packet analyzer mapping was
+    removed. While a warning seems indeed excessive, some info would still
+    be nice to have.
+
+  * Update Cirrus memory limits to avoid timeouts when building (Tim Wojtulewicz)
+
 6.0.0-dev.280 | 2023-03-30 09:35:48 +0200

  * Analyzer: Add GetChildAnalyzer() and IsPreventedChildAnalyzer() (Arne Welzel, Corelight)
--- a/2
+++ b/2
@ -1 +1 @@
-6.0.0-dev.280
+6.0.0-dev.284
--- a/src/packet_analysis/Dispatcher.cc
+++ b/src/packet_analysis/Dispatcher.cc
@ -52,6 +52,10 @@ void Dispatcher::Register(uint32_t identifier, AnalyzerPtr analyzer)
 		}

 	int64_t index = identifier - lowest_identifier;
+	if ( table[index] != nullptr )
+		reporter->Info("Overwriting packet analyzer mapping %#8" PRIx64 " => %s with %s",
+		               index + lowest_identifier, table[index]->GetAnalyzerName(),
+		               analyzer->GetAnalyzerName());
 	table[index] = std::move(analyzer);
 	}

--- a/testing/btest/Baseline/core.packet-analyzer-override/reporter.log
+++ b/testing/btest/Baseline/core.packet-analyzer-override/reporter.log
@ -0,0 +1,11 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	reporter
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	level	message	location
+#types	time	enum	string	string
+XXXXXXXXXX.XXXXXX	Reporter::INFO	Overwriting packet analyzer mapping    0x800 => IP with SKIP	(empty)
+#close XXXX-XX-XX-XX-XX-XX
--- a/testing/btest/core/packet-analyzer-override.zeek
+++ b/testing/btest/core/packet-analyzer-override.zeek
@ -0,0 +1,9 @@
+# @TEST-EXEC: zeek -b %INPUT
+# @TEST-EXEC: btest-diff reporter.log
+
+redef PacketAnalyzer::SKIP::skip_bytes: count = 0;
+
+event zeek_init()
+	{
+	PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x0800, PacketAnalyzer::ANALYZER_SKIP);
+	}