diff --git a/CHANGES b/CHANGES index 174cc1463e..8372329d0e 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,19 @@ +2.0-beta-19 | 2011-11-03 17:41:00 -0700 + + * Fixing packet filter test. (Robin Sommer) + +2.0-beta-12 | 2011-11-03 15:21:08 -0700 + + * No longer write to the PacketFilter::LOG stream if not reading + traffic. (Seth Hall) + +2.0-beta-10 | 2011-11-03 15:17:08 -0700 + + * Notice framework documentation update. (Seth Hall) + + * Fixing compiler warnings (addresses #388) (Jon Siwek) + 2.0-beta | 2011-10-27 17:46:28 -0700 * Preliminary fix for SSH login detection: we need a counted measure diff --git a/VERSION b/VERSION index 83a60b28b1..ce0cb3814c 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.0-beta +2.0-beta-19 diff --git a/aux/binpac b/aux/binpac index c379cefad9..e0b7d838c1 160000 --- a/aux/binpac +++ b/aux/binpac @@ -1 +1 @@ -Subproject commit c379cefad994004e6ca5f6ba7de038ab6da3a5f5 +Subproject commit e0b7d838c10da57d09a6645a64ee6fee47e0507d diff --git a/aux/bro-aux b/aux/bro-aux index 6c5c999d9f..c876be28ab 160000 --- a/aux/bro-aux +++ b/aux/bro-aux @@ -1 +1 @@ -Subproject commit 6c5c999d9fe05f0e08cc55af478b6e3e47d15c53 +Subproject commit c876be28ab59a663ace668b63b14dc39936199df diff --git a/aux/broccoli b/aux/broccoli index 8abb08f7f6..1553a19a55 160000 --- a/aux/broccoli +++ b/aux/broccoli @@ -1 +1 @@ -Subproject commit 8abb08f7f604bae286ddc7ae484dc7333ce7997a +Subproject commit 1553a19a559765989d7c0297e357f0402dff1a69 diff --git a/aux/broctl b/aux/broctl index 8f535292ca..32ffde0e08 160000 --- a/aux/broctl +++ b/aux/broctl @@ -1 +1 @@ -Subproject commit 8f535292ca45d1fe7207394dbf4768d4d13ab87b +Subproject commit 32ffde0e08d7f33aa20954755586174b4aa041c9 diff --git a/cmake b/cmake index bbf129bd7b..704e255d7e 160000 --- a/cmake +++ b/cmake @@ -1 +1 @@ -Subproject commit bbf129bd7bd33dfb5641ff0d9242f4b3ebba8e82 +Subproject commit 704e255d7ef2faf926836c1c64d16c5b8a02b063 diff --git a/scripts/base/frameworks/packet-filter/main.bro b/scripts/base/frameworks/packet-filter/main.bro index 784a7725ed..1097315172 100644 --- a/scripts/base/frameworks/packet-filter/main.bro +++ b/scripts/base/frameworks/packet-filter/main.bro @@ -144,7 +144,8 @@ function install() $sub=default_filter]); } - Log::write(PacketFilter::LOG, info); + if ( reading_live_traffic() || reading_traces() ) + Log::write(PacketFilter::LOG, info); } event bro_init() &priority=10 diff --git a/src/Base64.h b/src/Base64.h index 0fe7e04910..7f351a2c2b 100644 --- a/src/Base64.h +++ b/src/Base64.h @@ -44,7 +44,7 @@ public: if ( analyzer ) analyzer->Weird("base64_illegal_encoding", msg); else - reporter->Error(msg); + reporter->Error("%s", msg); } protected: diff --git a/src/CompHash.cc b/src/CompHash.cc index 6893cafd8f..148c8384ee 100644 --- a/src/CompHash.cc +++ b/src/CompHash.cc @@ -522,7 +522,7 @@ ListVal* CompositeHash::RecoverVals(const HashKey* k) const } if ( kp != k_end ) - reporter->InternalError("under-ran key in CompositeHash::DescribeKey %ld", k_end - kp); + reporter->InternalError("under-ran key in CompositeHash::DescribeKey %zd", k_end - kp); return l; } diff --git a/src/Debug.cc b/src/Debug.cc index 3aa805d5bf..1b849fff7e 100644 --- a/src/Debug.cc +++ b/src/Debug.cc @@ -797,7 +797,7 @@ int dbg_handle_debug_input() input_line = (char*) safe_malloc(1024); input_line[1023] = 0; // ### Maybe it's not always stdin. - fgets(input_line, 1023, stdin); + input_line = fgets(input_line, 1023, stdin); #endif // ### Maybe not stdin; maybe do better cleanup. diff --git a/src/Desc.cc b/src/Desc.cc index 7121253087..c70878de34 100644 --- a/src/Desc.cc +++ b/src/Desc.cc @@ -296,7 +296,7 @@ void ODesc::AddBytesRaw(const void* bytes, unsigned int n) if ( ! write_failed ) // Most likely it's a "disk full" so report // subsequent failures only once. - reporter->Error(fmt("error writing to %s: %s", f->Name(), strerror(errno))); + reporter->Error("error writing to %s: %s", f->Name(), strerror(errno)); write_failed = true; return; diff --git a/src/File.cc b/src/File.cc index 37ce7c0b4b..080923ad37 100644 --- a/src/File.cc +++ b/src/File.cc @@ -149,7 +149,7 @@ BroFile::BroFile(const char* arg_name, const char* arg_access, BroType* arg_t) t = arg_t ? arg_t : base_type(TYPE_STRING); if ( ! Open() ) { - reporter->Error(fmt("cannot open %s: %s", name, strerror(errno))); + reporter->Error("cannot open %s: %s", name, strerror(errno)); is_open = 0; okay_to_manage = 0; } @@ -641,7 +641,7 @@ void BroFile::InitEncrypt(const char* keyfile) if ( ! key ) { - reporter->Error(fmt("can't open key file %s: %s", keyfile, strerror(errno))); + reporter->Error("can't open key file %s: %s", keyfile, strerror(errno)); Close(); return; } @@ -649,8 +649,8 @@ void BroFile::InitEncrypt(const char* keyfile) pub_key = PEM_read_PUBKEY(key, 0, 0, 0); if ( ! pub_key ) { - reporter->Error(fmt("can't read key from %s: %s", keyfile, - ERR_error_string(ERR_get_error(), 0))); + reporter->Error("can't read key from %s: %s", keyfile, + ERR_error_string(ERR_get_error(), 0)); Close(); return; } @@ -671,8 +671,8 @@ void BroFile::InitEncrypt(const char* keyfile) if ( ! EVP_SealInit(cipher_ctx, cipher_type, &psecret, (int*) &secret_len, iv, &pub_key, 1) ) { - reporter->Error(fmt("can't init cipher context for %s: %s", keyfile, - ERR_error_string(ERR_get_error(), 0))); + reporter->Error("can't init cipher context for %s: %s", keyfile, + ERR_error_string(ERR_get_error(), 0)); Close(); return; } @@ -684,8 +684,8 @@ void BroFile::InitEncrypt(const char* keyfile) fwrite(secret, ntohl(secret_len), 1, f) && fwrite(iv, iv_len, 1, f)) ) { - reporter->Error(fmt("can't write header to log file %s: %s", - name, strerror(errno))); + reporter->Error("can't write header to log file %s: %s", + name, strerror(errno)); Close(); return; } @@ -709,8 +709,8 @@ void BroFile::FinishEncrypt() if ( outl && ! fwrite(cipher_buffer, outl, 1, f) ) { - reporter->Error(fmt("write error for %s: %s", - name, strerror(errno))); + reporter->Error("write error for %s: %s", + name, strerror(errno)); return; } @@ -741,17 +741,17 @@ int BroFile::Write(const char* data, int len) if ( ! EVP_SealUpdate(cipher_ctx, cipher_buffer, &outl, (unsigned char*)data, inl) ) { - reporter->Error(fmt("encryption error for %s: %s", + reporter->Error("encryption error for %s: %s", name, - ERR_error_string(ERR_get_error(), 0))); + ERR_error_string(ERR_get_error(), 0)); Close(); return 0; } if ( outl && ! fwrite(cipher_buffer, outl, 1, f) ) { - reporter->Error(fmt("write error for %s: %s", - name, strerror(errno))); + reporter->Error("write error for %s: %s", + name, strerror(errno)); Close(); return 0; } @@ -798,7 +798,7 @@ void BroFile::UpdateFileSize() struct stat s; if ( fstat(fileno(f), &s) < 0 ) { - reporter->Error(fmt("can't stat fd for %s: %s", name, strerror(errno))); + reporter->Error("can't stat fd for %s: %s", name, strerror(errno)); current_size = 0; return; } diff --git a/src/FileAnalyzer.cc b/src/FileAnalyzer.cc index 1abe88caec..672d1e1e09 100644 --- a/src/FileAnalyzer.cc +++ b/src/FileAnalyzer.cc @@ -74,11 +74,11 @@ void File_Analyzer::InitMagic(magic_t* magic, int flags) *magic = magic_open(flags); if ( ! *magic ) - reporter->Error(fmt("can't init libmagic: %s", magic_error(*magic))); + reporter->Error("can't init libmagic: %s", magic_error(*magic)); else if ( magic_load(*magic, 0) < 0 ) { - reporter->Error(fmt("can't load magic file: %s", magic_error(*magic))); + reporter->Error("can't load magic file: %s", magic_error(*magic)); magic_close(*magic); *magic = 0; } diff --git a/src/LogMgr.cc b/src/LogMgr.cc index 9e320f8810..f78a2a19e0 100644 --- a/src/LogMgr.cc +++ b/src/LogMgr.cc @@ -1453,8 +1453,8 @@ bool LogMgr::Flush(EnumVal* id) void LogMgr::Error(LogWriter* writer, const char* msg) { - reporter->Error(fmt("error with writer for %s: %s", - writer->Path().c_str(), msg)); + reporter->Error("error with writer for %s: %s", + writer->Path().c_str(), msg); } // Timer which on dispatching rotates the filter. diff --git a/src/OSFinger.cc b/src/OSFinger.cc index 70504e8422..f8032d60ee 100644 --- a/src/OSFinger.cc +++ b/src/OSFinger.cc @@ -85,8 +85,8 @@ void OSFingerprint::collide(uint32 id) if (sig[id].ttl % 32 && sig[id].ttl != 255 && sig[id].ttl % 30) { problems=1; - reporter->Warning(fmt("OS fingerprinting: [!] Unusual TTL (%d) for signature '%s %s' (line %d).", - sig[id].ttl,sig[id].os,sig[id].desc,sig[id].line)); + reporter->Warning("OS fingerprinting: [!] Unusual TTL (%d) for signature '%s %s' (line %d).", + sig[id].ttl,sig[id].os,sig[id].desc,sig[id].line); } for (i=0;iWarning(fmt("OS fingerprinting: [!] Duplicate signature name: '%s %s' (line %d and %d).", - sig[i].os,sig[i].desc,sig[i].line,sig[id].line)); + reporter->Warning("OS fingerprinting: [!] Duplicate signature name: '%s %s' (line %d and %d).", + sig[i].os,sig[i].desc,sig[i].line,sig[id].line); } /* If TTLs are sufficiently away from each other, the risk of @@ -277,10 +277,10 @@ do_const: if (sig[id].opt[j] ^ sig[i].opt[j]) goto reloop; problems=1; - reporter->Warning(fmt("OS fingerprinting: [!] Signature '%s %s' (line %d)\n" + reporter->Warning("OS fingerprinting: [!] Signature '%s %s' (line %d)\n" " is already covered by '%s %s' (line %d).", sig[id].os,sig[id].desc,sig[id].line,sig[i].os,sig[i].desc, - sig[i].line)); + sig[i].line); reloop: ; diff --git a/src/PolicyFile.cc b/src/PolicyFile.cc index 53b115048a..9f67ee88a1 100644 --- a/src/PolicyFile.cc +++ b/src/PolicyFile.cc @@ -88,7 +88,8 @@ bool LoadPolicyFileText(const char* policy_filename) // ### This code is not necessarily Unicode safe! // (probably fine with UTF-8) pf->filedata = new char[size+1]; - fread(pf->filedata, size, 1, f); + if ( fread(pf->filedata, size, 1, f) != 1 ) + reporter->InternalError("Failed to fread() file data"); pf->filedata[size] = 0; fclose(f); diff --git a/src/RemoteSerializer.cc b/src/RemoteSerializer.cc index 03588429de..324da2c92b 100644 --- a/src/RemoteSerializer.cc +++ b/src/RemoteSerializer.cc @@ -392,7 +392,7 @@ static bool sendToIO(ChunkedIO* io, ChunkedIO::Chunk* c) { if ( ! io->Write(c) ) { - reporter->Warning(fmt("can't send chunk: %s", io->Error())); + reporter->Warning("can't send chunk: %s", io->Error()); return false; } @@ -404,7 +404,7 @@ static bool sendToIO(ChunkedIO* io, char msg_type, RemoteSerializer::PeerID id, { if ( ! sendCMsg(io, msg_type, id) ) { - reporter->Warning(fmt("can't send message of type %d: %s", msg_type, io->Error())); + reporter->Warning("can't send message of type %d: %s", msg_type, io->Error()); return false; } @@ -419,7 +419,7 @@ static bool sendToIO(ChunkedIO* io, char msg_type, RemoteSerializer::PeerID id, { if ( ! sendCMsg(io, msg_type, id) ) { - reporter->Warning(fmt("can't send message of type %d: %s", msg_type, io->Error())); + reporter->Warning("can't send message of type %d: %s", msg_type, io->Error()); return false; } @@ -715,7 +715,7 @@ bool RemoteSerializer::CloseConnection(PeerID id) Peer* peer = LookupPeer(id, true); if ( ! peer ) { - reporter->Error(fmt("unknown peer id %d for closing connection", int(id))); + reporter->Error("unknown peer id %d for closing connection", int(id)); return false; } @@ -750,14 +750,14 @@ bool RemoteSerializer::RequestSync(PeerID id, bool auth) Peer* peer = LookupPeer(id, true); if ( ! peer ) { - reporter->Error(fmt("unknown peer id %d for request sync", int(id))); + reporter->Error("unknown peer id %d for request sync", int(id)); return false; } if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't request sync from peer; wrong phase %d", - peer->phase)); + reporter->Error("can't request sync from peer; wrong phase %d", + peer->phase); return false; } @@ -777,14 +777,14 @@ bool RemoteSerializer::RequestLogs(PeerID id) Peer* peer = LookupPeer(id, true); if ( ! peer ) { - reporter->Error(fmt("unknown peer id %d for request logs", int(id))); + reporter->Error("unknown peer id %d for request logs", int(id)); return false; } if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't request logs from peer; wrong phase %d", - peer->phase)); + reporter->Error("can't request logs from peer; wrong phase %d", + peer->phase); return false; } @@ -802,14 +802,14 @@ bool RemoteSerializer::RequestEvents(PeerID id, RE_Matcher* pattern) Peer* peer = LookupPeer(id, true); if ( ! peer ) { - reporter->Error(fmt("unknown peer id %d for request sync", int(id))); + reporter->Error("unknown peer id %d for request sync", int(id)); return false; } if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't request events from peer; wrong phase %d", - peer->phase)); + reporter->Error("can't request events from peer; wrong phase %d", + peer->phase); return false; } @@ -869,8 +869,8 @@ bool RemoteSerializer::CompleteHandshake(PeerID id) if ( p->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't complete handshake; wrong phase %d", - p->phase)); + reporter->Error("can't complete handshake; wrong phase %d", + p->phase); return false; } @@ -1138,7 +1138,7 @@ bool RemoteSerializer::SendCaptureFilter(PeerID id, const char* filter) if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't sent capture filter to peer; wrong phase %d", peer->phase)); + reporter->Error("can't sent capture filter to peer; wrong phase %d", peer->phase); return false; } @@ -1215,8 +1215,8 @@ bool RemoteSerializer::SendCapabilities(Peer* peer) { if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't sent capabilties to peer; wrong phase %d", - peer->phase)); + reporter->Error("can't sent capabilties to peer; wrong phase %d", + peer->phase); return false; } @@ -3011,8 +3011,8 @@ bool RemoteSerializer::SendCMsgToChild(char msg_type, Peer* peer) { if ( ! sendCMsg(io, msg_type, peer ? peer->id : PEER_NONE) ) { - reporter->Warning(fmt("can't send message of type %d: %s", - msg_type, io->Error())); + reporter->Warning("can't send message of type %d: %s", + msg_type, io->Error()); return false; } return true; diff --git a/src/SerialObj.cc b/src/SerialObj.cc index 6921115c56..a8ab969f5e 100644 --- a/src/SerialObj.cc +++ b/src/SerialObj.cc @@ -19,7 +19,7 @@ SerialObj* SerialObj::Instantiate(SerialType type) return o; } - reporter->Error(fmt("Unknown object type 0x%08x", type)); + reporter->Error("Unknown object type 0x%08x", type); return 0; } @@ -29,7 +29,7 @@ const char* SerialObj::ClassName(SerialType type) if ( f != names->end() ) return f->second; - reporter->Error(fmt("Unknown object type 0x%08x", type)); + reporter->Error("Unknown object type 0x%08x", type); return ""; } diff --git a/src/StateAccess.cc b/src/StateAccess.cc index e62904469c..136a006c52 100644 --- a/src/StateAccess.cc +++ b/src/StateAccess.cc @@ -350,7 +350,7 @@ void StateAccess::Replay() v->AsRecordVal()->Assign(idx, op2 ? op2->Ref() : 0); } else - reporter->Error(fmt("access replay: unknown record field %s for assign", field)); + reporter->Error("access replay: unknown record field %s for assign", field); } else if ( t == TYPE_VECTOR ) @@ -411,7 +411,7 @@ void StateAccess::Replay() v->AsRecordVal()->Assign(idx, new_val, OP_INCR); } else - reporter->Error(fmt("access replay: unknown record field %s for assign", field)); + reporter->Error("access replay: unknown record field %s for assign", field); } else if ( t == TYPE_VECTOR ) diff --git a/src/bro.bif b/src/bro.bif index 0fd20397f0..3350de2867 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -2181,7 +2181,7 @@ function send_id%(p: event_peer, id: string%) : bool ID* i = global_scope()->Lookup(id->CheckString()); if ( ! i ) { - reporter->Error(fmt("send_id: no global id %s", id->CheckString())); + reporter->Error("send_id: no global id %s", id->CheckString()); return new Val(0, TYPE_BOOL); } @@ -2250,7 +2250,7 @@ function get_event_peer%(%) : event_peer Val* v = remote_serializer->GetPeerVal(src); if ( ! v ) { - reporter->Error(fmt("peer %d does not exist anymore", int(src))); + reporter->Error("peer %d does not exist anymore", int(src)); RecordVal* p = mgr.GetLocalPeerVal(); Ref(p); return p; @@ -3295,13 +3295,13 @@ function identify_data%(data: string, return_mime: bool%): string if ( ! *magic ) { - reporter->Error(fmt("can't init libmagic: %s", magic_error(*magic))); + reporter->Error("can't init libmagic: %s", magic_error(*magic)); return new StringVal(""); } if ( magic_load(*magic, 0) < 0 ) { - reporter->Error(fmt("can't load magic file: %s", magic_error(*magic))); + reporter->Error("can't load magic file: %s", magic_error(*magic)); magic_close(*magic); *magic = 0; return new StringVal(""); diff --git a/src/scan.l b/src/scan.l index 88d4e9e5e0..7ebd7894e1 100644 --- a/src/scan.l +++ b/src/scan.l @@ -1030,7 +1030,7 @@ void clear_reST_doc_comments() if ( ! reST_doc_comments ) return; - fprintf(stderr, "Warning: %lu unconsumed reST comments:\n", + fprintf(stderr, "Warning: %zu unconsumed reST comments:\n", reST_doc_comments->size()); print_current_reST_doc_comments(); diff --git a/src/util.cc b/src/util.cc index 4ef83bb4ad..f81eff8f22 100644 --- a/src/util.cc +++ b/src/util.cc @@ -478,22 +478,22 @@ bool ensure_dir(const char *dirname) { if ( errno != ENOENT ) { - reporter->Warning(fmt("can't stat directory %s: %s", - dirname, strerror(errno))); + reporter->Warning("can't stat directory %s: %s", + dirname, strerror(errno)); return false; } if ( mkdir(dirname, 0700) < 0 ) { - reporter->Warning(fmt("can't create directory %s: %s", - dirname, strerror(errno))); + reporter->Warning("can't create directory %s: %s", + dirname, strerror(errno)); return false; } } else if ( ! S_ISDIR(st.st_mode) ) { - reporter->Warning(fmt("%s exists but is not a directory", dirname)); + reporter->Warning("%s exists but is not a directory", dirname); return false; } @@ -506,7 +506,7 @@ bool is_dir(const char* path) if ( stat(path, &st) < 0 ) { if ( errno != ENOENT ) - reporter->Warning(fmt("can't stat %s: %s", path, strerror(errno))); + reporter->Warning("can't stat %s: %s", path, strerror(errno)); return false; } @@ -556,15 +556,15 @@ static bool read_random_seeds(const char* read_file, uint32* seed, if ( stat(read_file, &st) < 0 ) { - reporter->Warning(fmt("Seed file '%s' does not exist: %s", - read_file, strerror(errno))); + reporter->Warning("Seed file '%s' does not exist: %s", + read_file, strerror(errno)); return false; } if ( ! (f = fopen(read_file, "r")) ) { - reporter->Warning(fmt("Could not open seed file '%s': %s", - read_file, strerror(errno))); + reporter->Warning("Could not open seed file '%s': %s", + read_file, strerror(errno)); return false; } @@ -599,8 +599,8 @@ static bool write_random_seeds(const char* write_file, uint32 seed, if ( ! (f = fopen(write_file, "w+")) ) { - reporter->Warning(fmt("Could not create seed file '%s': %s", - write_file, strerror(errno))); + reporter->Warning("Could not create seed file '%s': %s", + write_file, strerror(errno)); return false; } @@ -1024,7 +1024,7 @@ FILE* rotate_file(const char* name, RecordVal* rotate_info) FILE* newf = fopen(tmpname, "w"); if ( ! newf ) { - reporter->Error(fmt("rotate_file: can't open %s: %s", tmpname, strerror(errno))); + reporter->Error("rotate_file: can't open %s: %s", tmpname, strerror(errno)); return 0; } @@ -1033,7 +1033,7 @@ FILE* rotate_file(const char* name, RecordVal* rotate_info) struct stat dummy; if ( link(name, newname) < 0 || stat(newname, &dummy) < 0 ) { - reporter->Error(fmt("rotate_file: can't move %s to %s: %s", name, newname, strerror(errno))); + reporter->Error("rotate_file: can't move %s to %s: %s", name, newname, strerror(errno)); fclose(newf); unlink(newname); unlink(tmpname); @@ -1043,7 +1043,7 @@ FILE* rotate_file(const char* name, RecordVal* rotate_info) // Close current file, and move the tmp to its place. if ( unlink(name) < 0 || link(tmpname, name) < 0 || unlink(tmpname) < 0 ) { - reporter->Error(fmt("rotate_file: can't move %s to %s: %s", tmpname, name, strerror(errno))); + reporter->Error("rotate_file: can't move %s to %s: %s", tmpname, name, strerror(errno)); exit(1); // hard to fix, but shouldn't happen anyway... } diff --git a/testing/btest/Baseline/core.print-bpf-filters-ipv4/output b/testing/btest/Baseline/core.print-bpf-filters-ipv4/output index 24e3e9237b..4f6230b768 100644 --- a/testing/btest/Baseline/core.print-bpf-filters-ipv4/output +++ b/testing/btest/Baseline/core.print-bpf-filters-ipv4/output @@ -2,19 +2,19 @@ #path packet_filter #fields ts node filter init success #types time string string bool bool -1318009349.267385 - not ip6 F T +1320367155.152502 - not ip6 T T #separator \x09 #path packet_filter #fields ts node filter init success #types time string string bool bool -1318009349.503033 - (((((((((((((((((((((((((port 53) or (tcp port 989)) or (tcp port 443)) or (port 6669)) or (udp and port 5353)) or (port 6668)) or (udp and port 5355)) or (tcp port 22)) or (tcp port 995)) or (port 21)) or (tcp port 25 or tcp port 587)) or (port 6667)) or (tcp port 614)) or (tcp port 990)) or (udp port 137)) or (tcp port 993)) or (tcp port 5223)) or (port 514)) or (tcp port 585)) or (tcp port 992)) or (tcp port 563)) or (tcp port 994)) or (tcp port 636)) or (tcp and port (80 or 81 or 631 or 1080 or 3138 or 8000 or 8080 or 8888))) or (port 6666)) and (not ip6) F T +1320367155.379066 - (((((((((((((((((((((((((port 53) or (tcp port 989)) or (tcp port 443)) or (port 6669)) or (udp and port 5353)) or (port 6668)) or (udp and port 5355)) or (tcp port 22)) or (tcp port 995)) or (port 21)) or (tcp port 25 or tcp port 587)) or (port 6667)) or (tcp port 614)) or (tcp port 990)) or (udp port 137)) or (tcp port 993)) or (tcp port 5223)) or (port 514)) or (tcp port 585)) or (tcp port 992)) or (tcp port 563)) or (tcp port 994)) or (tcp port 636)) or (tcp and port (80 or 81 or 631 or 1080 or 3138 or 8000 or 8080 or 8888))) or (port 6666)) and (not ip6) T T #separator \x09 #path packet_filter #fields ts node filter init success #types time string string bool bool -1318009349.748468 - port 42 F T +1320367155.601980 - port 42 T T #separator \x09 #path packet_filter #fields ts node filter init success #types time string string bool bool -1318009349.995387 - port 56730 T T +1320367155.826539 - port 56730 T T diff --git a/testing/btest/core/print-bpf-filters-ipv4.bro b/testing/btest/core/print-bpf-filters-ipv4.bro index e1aeb3f95f..5a3b0cf7ce 100644 --- a/testing/btest/core/print-bpf-filters-ipv4.bro +++ b/testing/btest/core/print-bpf-filters-ipv4.bro @@ -1,12 +1,12 @@ # @TEST-REQUIRES: bro -e 'print bro_has_ipv6()' | grep -q F # -# @TEST-EXEC: bro -e '' >output +# @TEST-EXEC: bro -r $TRACES/empty.trace -e '' >output # @TEST-EXEC: cat packet_filter.log >>output -# @TEST-EXEC: bro PacketFilter::all_packets=F >>output +# @TEST-EXEC: bro -r $TRACES/empty.trace PacketFilter::all_packets=F >>output # @TEST-EXEC: cat packet_filter.log >>output -# @TEST-EXEC: bro -f "port 42" -e '' >>output +# @TEST-EXEC: bro -r $TRACES/empty.trace -f "port 42" -e '' >>output # @TEST-EXEC: cat packet_filter.log >>output -# @TEST-EXEC: bro -C -f "port 56730" -r $TRACES/mixed-vlan-mpls.trace >>output +# @TEST-EXEC: bro -r $TRACES/empty.trace -C -f "port 56730" -r $TRACES/mixed-vlan-mpls.trace >>output # @TEST-EXEC: cat packet_filter.log >>output # @TEST-EXEC: btest-diff output # @TEST-EXEC: btest-diff conn.log diff --git a/testing/btest/core/print-bpf-filters-ipv6.bro b/testing/btest/core/print-bpf-filters-ipv6.bro index c4378f8ec6..824c979d70 100644 --- a/testing/btest/core/print-bpf-filters-ipv6.bro +++ b/testing/btest/core/print-bpf-filters-ipv6.bro @@ -1,12 +1,12 @@ # @TEST-REQUIRES: bro -e 'print bro_has_ipv6()' | grep -q T # -# @TEST-EXEC: bro -e '' >output +# @TEST-EXEC: bro -r $TRACES/empty.trace -e '' >output # @TEST-EXEC: cat packet_filter.log >>output -# @TEST-EXEC: bro PacketFilter::all_packets=F ssh >>output +# @TEST-EXEC: bro -r $TRACES/empty.trace PacketFilter::all_packets=F >>output # @TEST-EXEC: cat packet_filter.log >>output -# @TEST-EXEC: bro -f "port 42" -e '' >>output +# @TEST-EXEC: bro -r $TRACES/empty.trace -f "port 42" -e '' >>output # @TEST-EXEC: cat packet_filter.log >>output -# @TEST-EXEC: bro -C -f "port 56730" -r $TRACES/mixed-vlan-mpls.trace conn >>output +# @TEST-EXEC: bro -r $TRACES/empty.trace -C -f "port 56730" -r $TRACES/mixed-vlan-mpls.trace >>output # @TEST-EXEC: cat packet_filter.log >>output # @TEST-EXEC: btest-diff output # @TEST-EXEC: btest-diff conn.log