Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 07:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Refactor how file analysis actions are tracked.

Browse source 
The Info record now uses a "table[ActionArgs] of ActionResults", which
allows for simultaneous actions of a given type as long as other args
(fields in the ActionArgs record) are different.
This commit is contained in:
Jon Siwek 2013-02-25 16:35:42 -06:00
parent 4b30cc2e24
commit 691622b3aa
13 changed files with 233 additions and 158 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/file_analysis/Manager.cc
View file

@ -100,23 +100,22 @@ bool Manager::PostponeTimeout(const FileID& file_id) const
return true;
}
bool Manager::AddAction(const FileID& file_id, EnumVal* act,
RecordVal* args) const
bool Manager::AddAction(const FileID& file_id, RecordVal* args) const
{
Info* info = Lookup(file_id);
if ( ! info ) return false;
return info->AddAction(static_cast<ActionTag>(act->AsEnum()), args);
return info->AddAction(args);
}
bool Manager::RemoveAction(const FileID& file_id, EnumVal* act) const
bool Manager::RemoveAction(const FileID& file_id, const RecordVal* args) const
{
Info* info = Lookup(file_id);
if ( ! info ) return false;
return info->RemoveAction(static_cast<ActionTag>(act->AsEnum()));
return info->RemoveAction(args);
}
Info* Manager::GetInfo(const string& unique, Connection* conn,