Updated uid pools to use integer values instead of strings.

src/bro.bif

@@ -3418,10 +3418,10 @@ function unique_id%(prefix: string%) : string
 	return new StringVal(uitoa_n(uid, tmp, sizeof(tmp), 62, prefix->CheckString()));
 	%}
 
-function unique_id_from%(pool: string, prefix: string%) : string
+function unique_id_from%(pool: int, prefix: string%) : string
 	%{
 	char tmp[20];
-	uint64 uid = calculate_unique_id(string((const char *)pool->Bytes(), pool->Len()));
+	uint64 uid = calculate_unique_id(pool);
 	return new StringVal(uitoa_n(uid, tmp, sizeof(tmp), 62, prefix->CheckString()));
 	%}
 %%{

src/util.cc

@@ -1184,25 +1184,38 @@ int time_compare(struct timeval* tv_a, struct timeval* tv_b)
 
 struct BroUidEntry
 {
-	uint64 instance;
+	struct BroUidKey
-	uint64 counter;
+	{
+		uint64 instance;
+		uint64 counter;
+		BroUidKey(uint64 i, uint64 c)
+		: instance(i), counter(c) { }
+	} key;
+	bool needs_init;
+
 	BroUidEntry(const uint64 i)
-	: instance(i), counter(0) { }
+	: key(i, 0), needs_init(false) { }
+
+	BroUidEntry()
+	: key(0, 0), needs_init(true) { }
 };
 
-static std::map<string, BroUidEntry> uid_pool;
+static std::vector<BroUidEntry> uid_pool;
-static const std::string default_pool = string(BRO_DEFAULT_UID_POOL);
 
 uint64 calculate_unique_id()
 	{
-	return calculate_unique_id(default_pool);
+	return calculate_unique_id(BRO_DEFAULT_UID_POOL);
 	}
 
-uint64 calculate_unique_id(const std::string& pool)
+uint64 calculate_unique_id(const size_t pool)
 	{
 	uint64 uid_instance = 0;
-	std::map<std::string, BroUidEntry>::iterator pool_iter = uid_pool.find(pool);
+	if(uid_pool.size() <= pool)
-	if ( pool_iter == uid_pool.end() )
+		{
+		assert(pool < 100000);  // ... Yeah.  No.
+		uid_pool.resize(pool + 1);
+		}
+	if ( uid_pool[pool].needs_init )
 		{
 		// This is the first time we need a UID for this pool.
 		if ( ! have_random_seed() )
@@ -1211,18 +1224,17 @@ uint64 calculate_unique_id(const std::string& pool)
 			// indicated by a set seed), we calculate the
 			// instance ID by hashing something likely to be
 			// globally unique.
-			const size_t pool_sz = (pool.length() < 32) ? pool.length() : 32;  //Only keep the first 32 characters of the pool name
 			struct {
-				char hostname[96];
+				char hostname[120];
-				char pool[32];
+				uint64 pool;
 				struct timeval time;
 				pid_t pid;
 				int rnd;
 			} unique;
 
 			memset(&unique, 0, sizeof(unique)); // Make valgrind happy.
-			gethostname(unique.hostname, 96);
+			gethostname(unique.hostname, 120);
-			memcpy(unique.pool, pool.c_str(), pool_sz);
+			memcpy(&unique.pool, &pool, sizeof(pool));
 			unique.hostname[sizeof(unique.hostname)-1] = '\0';
 			gettimeofday(&unique.time, 0);
 			unique.pid = getpid();
@@ -1234,16 +1246,16 @@ uint64 calculate_unique_id(const std::string& pool)
 		else
 			{
 			// Generate determistic UIDs for each individual pool
-			uid_instance = HashKey::HashBytes(pool.c_str(), pool.length());
+			uid_instance = pool;
 			}
 		// Guarantee no collisions (keep hashing until we get a unique instance)
 		bool found_collision = true;
 		while(found_collision)
 			{
 			found_collision = false;
-			for(pool_iter = uid_pool.begin(); pool_iter != uid_pool.end(); ++pool_iter)
+			for(size_t i = 0; i < uid_pool.size(); ++i)
 				{
-				if(pool_iter->second.instance == uid_instance)
+				if(!uid_pool[i].needs_init && uid_pool[i].key.instance == uid_instance)
 					{
 					found_collision = true;
 					uid_instance = HashKey::HashBytes(&uid_instance, sizeof(uid_instance));
@@ -1251,12 +1263,13 @@ uint64 calculate_unique_id(const std::string& pool)
 				}
 			}
 		// Our instance is unique.  Huzzah.
-		uid_pool.insert(std::make_pair(pool, BroUidEntry(uid_instance)));
+		uid_pool[pool] = BroUidEntry(uid_instance);
-		pool_iter = uid_pool.find(pool);
+		uid_pool[pool].needs_init = false;
 		}
-	assert(pool_iter != uid_pool.end());  // After all that work, wouldn't it be a shame...?
+	++(uid_pool[pool].key.counter);
-	++(pool_iter->second.counter);
+	assert(!uid_pool[pool].needs_init);
-	uint64_t h = HashKey::HashBytes(&(pool_iter->second), sizeof(pool_iter->second));
+	assert(uid_pool[pool].key.instance != 0);
+	uint64_t h = HashKey::HashBytes(&(uid_pool[pool].key), sizeof(uid_pool[pool].key));
 	return h;
 	}
 

src/util.h

@@ -226,10 +226,10 @@ extern int time_compare(struct timeval* tv_a, struct timeval* tv_b);
 
 // Returns an integer that's very likely to be unique, even across Bro
 // instances.
-#define BRO_DEFAULT_UID_POOL "bro"
+#define BRO_DEFAULT_UID_POOL 1
-#define BRO_SCRIPT_UID_POOL "bro script"
+#define BRO_SCRIPT_UID_POOL 2
 extern uint64 calculate_unique_id();
-extern uint64 calculate_unique_id(const std::string& pool);
+extern uint64 calculate_unique_id(const size_t pool);
 
 // For now, don't use hash_maps - they're not fully portable.
 #if 0

testing/btest/Baseline/bifs.unique_id/out

@@ -1,6 +1,6 @@
-A-QEredbF4G74
+A-56gKBmhBBB6
-B-GPd09JY6cn6
+B-PjbroujOxH4
-C-enbKRz0Bp0a
+C-N4zgPFAv3J
-D-kZIfYOWUxVi
+D-WUjEZFOdSS
-E-kWcyWkqbEUg
+E-ecqdozAET6c
-F-irFNiS1QPpg
+F-qOawpgrpAdl

testing/btest/Baseline/core.conn-uid/output

@@ -1,39 +1,39 @@
-[orig_h=141.142.220.202, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], fy6xiLr8WMl
+[orig_h=141.142.220.202, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], UWkUyAuUGXf
-[orig_h=141.142.220.50, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], rs0oKVCARFb
+[orig_h=141.142.220.50, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], arKYeMETxOg
-[orig_h=141.142.220.118, orig_p=35634/tcp, resp_h=208.80.152.2, resp_p=80/tcp], TydSZAPSnUf
+[orig_h=141.142.220.118, orig_p=35634/tcp, resp_h=208.80.152.2, resp_p=80/tcp], k6kgXLOoSKl
-[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], CBxih2i8leh
+[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], nQcgTWjvg4c
-[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], CBxih2i8leh
+[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], nQcgTWjvg4c
-[orig_h=141.142.220.118, orig_p=43927/udp, resp_h=141.142.2.2, resp_p=53/udp], G7cPfJNUB7l
+[orig_h=141.142.220.118, orig_p=43927/udp, resp_h=141.142.2.2, resp_p=53/udp], j4u32Pc5bif
-[orig_h=141.142.220.118, orig_p=37676/udp, resp_h=141.142.2.2, resp_p=53/udp], SdSLy1wlf2c
+[orig_h=141.142.220.118, orig_p=37676/udp, resp_h=141.142.2.2, resp_p=53/udp], TEfuqmmG4bh
-[orig_h=141.142.220.118, orig_p=40526/udp, resp_h=141.142.2.2, resp_p=53/udp], WTlLNH35ckf
+[orig_h=141.142.220.118, orig_p=40526/udp, resp_h=141.142.2.2, resp_p=53/udp], FrJExwHcSal
-[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], MH90l08qRaa
+[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 5OKnoww6xl4
-[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], qeN1HyRHpc6
+[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 3PKsZ2Uye21
-[orig_h=141.142.220.118, orig_p=32902/udp, resp_h=141.142.2.2, resp_p=53/udp], w5rU7L9Lbi4
+[orig_h=141.142.220.118, orig_p=32902/udp, resp_h=141.142.2.2, resp_p=53/udp], VW0XPVINV8a
-[orig_h=141.142.220.118, orig_p=59816/udp, resp_h=141.142.2.2, resp_p=53/udp], kdTi9xhoA51
+[orig_h=141.142.220.118, orig_p=59816/udp, resp_h=141.142.2.2, resp_p=53/udp], fRFu0wcOle6
-[orig_h=141.142.220.118, orig_p=59714/udp, resp_h=141.142.2.2, resp_p=53/udp], BGGpa2FRSKa
+[orig_h=141.142.220.118, orig_p=59714/udp, resp_h=141.142.2.2, resp_p=53/udp], qSsw6ESzHV4
-[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], HFpdIhKARP5
+[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], iE6yhOq3SF
-[orig_h=141.142.220.118, orig_p=58206/udp, resp_h=141.142.2.2, resp_p=53/udp], deH6MH2gGX4
+[orig_h=141.142.220.118, orig_p=58206/udp, resp_h=141.142.2.2, resp_p=53/udp], GSxOnSLghOa
-[orig_h=141.142.220.118, orig_p=38911/udp, resp_h=141.142.2.2, resp_p=53/udp], lOMhOvhRTD
+[orig_h=141.142.220.118, orig_p=38911/udp, resp_h=141.142.2.2, resp_p=53/udp], qCaWGmzFtM5
-[orig_h=141.142.220.118, orig_p=59746/udp, resp_h=141.142.2.2, resp_p=53/udp], QG8fxWUYz6a
+[orig_h=141.142.220.118, orig_p=59746/udp, resp_h=141.142.2.2, resp_p=53/udp], 70MGiRM1Qf4
-[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], UIP6iZhtlr6
+[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], h5DsfNtYzi1
-[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 0Afy8jm0Ud4
+[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], P654jzLoe3a
-[orig_h=141.142.220.118, orig_p=45000/udp, resp_h=141.142.2.2, resp_p=53/udp], KPGOQiXPvk1
+[orig_h=141.142.220.118, orig_p=45000/udp, resp_h=141.142.2.2, resp_p=53/udp], Tw8jXtpTGu6
-[orig_h=141.142.220.118, orig_p=48479/udp, resp_h=141.142.2.2, resp_p=53/udp], nqlkNbjwfRa
+[orig_h=141.142.220.118, orig_p=48479/udp, resp_h=141.142.2.2, resp_p=53/udp], c4Zw9TmAE05
-[orig_h=141.142.220.118, orig_p=48128/udp, resp_h=141.142.2.2, resp_p=53/udp], fMtKHwQfRy5
+[orig_h=141.142.220.118, orig_p=48128/udp, resp_h=141.142.2.2, resp_p=53/udp], EAr0uf4mhq
-[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], FRRZfatA245
+[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], GvmoxJFXdTa
-[orig_h=141.142.220.118, orig_p=56056/udp, resp_h=141.142.2.2, resp_p=53/udp], BtftcY0cTm
+[orig_h=141.142.220.118, orig_p=56056/udp, resp_h=141.142.2.2, resp_p=53/udp], 0Q4FH8sESw5
-[orig_h=141.142.220.118, orig_p=55092/udp, resp_h=141.142.2.2, resp_p=53/udp], VYKU5X3Lyvg
+[orig_h=141.142.220.118, orig_p=55092/udp, resp_h=141.142.2.2, resp_p=53/udp], slFea8xwSmb
-[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], PdBORleidTl
+[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], UfGkYA2HI2g
-[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], qeN1HyRHpc6
+[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 3PKsZ2Uye21
-[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], MH90l08qRaa
+[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 5OKnoww6xl4
-[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], HFpdIhKARP5
+[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], iE6yhOq3SF
-[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 0Afy8jm0Ud4
+[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], P654jzLoe3a
-[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], UIP6iZhtlr6
+[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], h5DsfNtYzi1
-[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], FRRZfatA245
+[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], GvmoxJFXdTa
-[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], PdBORleidTl
+[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], UfGkYA2HI2g
-[orig_h=173.192.163.128, orig_p=80/tcp, resp_h=141.142.220.235, resp_p=6705/tcp], n5MDsVnlWob
+[orig_h=173.192.163.128, orig_p=80/tcp, resp_h=141.142.220.235, resp_p=6705/tcp], i2rO3KD1Syg
-[orig_h=141.142.220.44, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], 7bufSycmF0g
+[orig_h=141.142.220.44, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], 2cx26uAvUPl
-[orig_h=141.142.220.226, orig_p=137/udp, resp_h=141.142.220.255, resp_p=137/udp], 4XYJohCKlth
+[orig_h=141.142.220.226, orig_p=137/udp, resp_h=141.142.220.255, resp_p=137/udp], BWaU4aSuwkc
-[orig_h=141.142.220.226, orig_p=55131/udp, resp_h=224.0.0.252, resp_p=5355/udp], kN69dOI3f3l
+[orig_h=141.142.220.226, orig_p=55131/udp, resp_h=224.0.0.252, resp_p=5355/udp], 10XodEwRycf
-[orig_h=141.142.220.226, orig_p=55671/udp, resp_h=224.0.0.252, resp_p=5355/udp], MBl4p2dighc
+[orig_h=141.142.220.226, orig_p=55671/udp, resp_h=224.0.0.252, resp_p=5355/udp], zno26fFZkrh
-[orig_h=141.142.220.238, orig_p=56641/udp, resp_h=141.142.220.255, resp_p=137/udp], M7BBMucyPff
+[orig_h=141.142.220.238, orig_p=56641/udp, resp_h=141.142.220.255, resp_p=137/udp], v5rgkJBig5l

testing/btest/Baseline/core.conn-uid/output.cc

@@ -1,39 +1,39 @@
-[orig_h=141.142.220.202, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], fy6xiLr8WMl
+[orig_h=141.142.220.202, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], UWkUyAuUGXf
-[orig_h=141.142.220.50, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], rs0oKVCARFb
+[orig_h=141.142.220.50, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], arKYeMETxOg
-[orig_h=141.142.220.118, orig_p=35634/tcp, resp_h=208.80.152.2, resp_p=80/tcp], TydSZAPSnUf
+[orig_h=141.142.220.118, orig_p=35634/tcp, resp_h=208.80.152.2, resp_p=80/tcp], k6kgXLOoSKl
-[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], CBxih2i8leh
+[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], nQcgTWjvg4c
-[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], CBxih2i8leh
+[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], nQcgTWjvg4c
-[orig_h=141.142.220.118, orig_p=43927/udp, resp_h=141.142.2.2, resp_p=53/udp], G7cPfJNUB7l
+[orig_h=141.142.220.118, orig_p=43927/udp, resp_h=141.142.2.2, resp_p=53/udp], j4u32Pc5bif
-[orig_h=141.142.220.118, orig_p=37676/udp, resp_h=141.142.2.2, resp_p=53/udp], SdSLy1wlf2c
+[orig_h=141.142.220.118, orig_p=37676/udp, resp_h=141.142.2.2, resp_p=53/udp], TEfuqmmG4bh
-[orig_h=141.142.220.118, orig_p=40526/udp, resp_h=141.142.2.2, resp_p=53/udp], WTlLNH35ckf
+[orig_h=141.142.220.118, orig_p=40526/udp, resp_h=141.142.2.2, resp_p=53/udp], FrJExwHcSal
-[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], MH90l08qRaa
+[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 5OKnoww6xl4
-[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], qeN1HyRHpc6
+[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 3PKsZ2Uye21
-[orig_h=141.142.220.118, orig_p=32902/udp, resp_h=141.142.2.2, resp_p=53/udp], w5rU7L9Lbi4
+[orig_h=141.142.220.118, orig_p=32902/udp, resp_h=141.142.2.2, resp_p=53/udp], VW0XPVINV8a
-[orig_h=141.142.220.118, orig_p=59816/udp, resp_h=141.142.2.2, resp_p=53/udp], kdTi9xhoA51
+[orig_h=141.142.220.118, orig_p=59816/udp, resp_h=141.142.2.2, resp_p=53/udp], fRFu0wcOle6
-[orig_h=141.142.220.118, orig_p=59714/udp, resp_h=141.142.2.2, resp_p=53/udp], BGGpa2FRSKa
+[orig_h=141.142.220.118, orig_p=59714/udp, resp_h=141.142.2.2, resp_p=53/udp], qSsw6ESzHV4
-[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], HFpdIhKARP5
+[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], iE6yhOq3SF
-[orig_h=141.142.220.118, orig_p=58206/udp, resp_h=141.142.2.2, resp_p=53/udp], deH6MH2gGX4
+[orig_h=141.142.220.118, orig_p=58206/udp, resp_h=141.142.2.2, resp_p=53/udp], GSxOnSLghOa
-[orig_h=141.142.220.118, orig_p=38911/udp, resp_h=141.142.2.2, resp_p=53/udp], lOMhOvhRTD
+[orig_h=141.142.220.118, orig_p=38911/udp, resp_h=141.142.2.2, resp_p=53/udp], qCaWGmzFtM5
-[orig_h=141.142.220.118, orig_p=59746/udp, resp_h=141.142.2.2, resp_p=53/udp], QG8fxWUYz6a
+[orig_h=141.142.220.118, orig_p=59746/udp, resp_h=141.142.2.2, resp_p=53/udp], 70MGiRM1Qf4
-[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], UIP6iZhtlr6
+[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], h5DsfNtYzi1
-[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 0Afy8jm0Ud4
+[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], P654jzLoe3a
-[orig_h=141.142.220.118, orig_p=45000/udp, resp_h=141.142.2.2, resp_p=53/udp], KPGOQiXPvk1
+[orig_h=141.142.220.118, orig_p=45000/udp, resp_h=141.142.2.2, resp_p=53/udp], Tw8jXtpTGu6
-[orig_h=141.142.220.118, orig_p=48479/udp, resp_h=141.142.2.2, resp_p=53/udp], nqlkNbjwfRa
+[orig_h=141.142.220.118, orig_p=48479/udp, resp_h=141.142.2.2, resp_p=53/udp], c4Zw9TmAE05
-[orig_h=141.142.220.118, orig_p=48128/udp, resp_h=141.142.2.2, resp_p=53/udp], fMtKHwQfRy5
+[orig_h=141.142.220.118, orig_p=48128/udp, resp_h=141.142.2.2, resp_p=53/udp], EAr0uf4mhq
-[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], FRRZfatA245
+[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], GvmoxJFXdTa
-[orig_h=141.142.220.118, orig_p=56056/udp, resp_h=141.142.2.2, resp_p=53/udp], BtftcY0cTm
+[orig_h=141.142.220.118, orig_p=56056/udp, resp_h=141.142.2.2, resp_p=53/udp], 0Q4FH8sESw5
-[orig_h=141.142.220.118, orig_p=55092/udp, resp_h=141.142.2.2, resp_p=53/udp], VYKU5X3Lyvg
+[orig_h=141.142.220.118, orig_p=55092/udp, resp_h=141.142.2.2, resp_p=53/udp], slFea8xwSmb
-[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], PdBORleidTl
+[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], UfGkYA2HI2g
-[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], qeN1HyRHpc6
+[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 3PKsZ2Uye21
-[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], MH90l08qRaa
+[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 5OKnoww6xl4
-[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], HFpdIhKARP5
+[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], iE6yhOq3SF
-[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 0Afy8jm0Ud4
+[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], P654jzLoe3a
-[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], UIP6iZhtlr6
+[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], h5DsfNtYzi1
-[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], FRRZfatA245
+[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], GvmoxJFXdTa
-[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], PdBORleidTl
+[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], UfGkYA2HI2g
-[orig_h=173.192.163.128, orig_p=80/tcp, resp_h=141.142.220.235, resp_p=6705/tcp], n5MDsVnlWob
+[orig_h=173.192.163.128, orig_p=80/tcp, resp_h=141.142.220.235, resp_p=6705/tcp], i2rO3KD1Syg
-[orig_h=141.142.220.44, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], 7bufSycmF0g
+[orig_h=141.142.220.44, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], 2cx26uAvUPl
-[orig_h=141.142.220.226, orig_p=137/udp, resp_h=141.142.220.255, resp_p=137/udp], 4XYJohCKlth
+[orig_h=141.142.220.226, orig_p=137/udp, resp_h=141.142.220.255, resp_p=137/udp], BWaU4aSuwkc
-[orig_h=141.142.220.226, orig_p=55131/udp, resp_h=224.0.0.252, resp_p=5355/udp], kN69dOI3f3l
+[orig_h=141.142.220.226, orig_p=55131/udp, resp_h=224.0.0.252, resp_p=5355/udp], 10XodEwRycf
-[orig_h=141.142.220.226, orig_p=55671/udp, resp_h=224.0.0.252, resp_p=5355/udp], MBl4p2dighc
+[orig_h=141.142.220.226, orig_p=55671/udp, resp_h=224.0.0.252, resp_p=5355/udp], zno26fFZkrh
-[orig_h=141.142.220.238, orig_p=56641/udp, resp_h=141.142.220.255, resp_p=137/udp], M7BBMucyPff
+[orig_h=141.142.220.238, orig_p=56641/udp, resp_h=141.142.220.255, resp_p=137/udp], v5rgkJBig5l

testing/btest/Baseline/core.conn-uid/output.cc2

@@ -1,39 +1,39 @@
-[orig_h=141.142.220.202, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], fy6xiLr8WMl
+[orig_h=141.142.220.202, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], UWkUyAuUGXf
-[orig_h=141.142.220.50, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], rs0oKVCARFb
+[orig_h=141.142.220.50, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], arKYeMETxOg
-[orig_h=141.142.220.118, orig_p=35634/tcp, resp_h=208.80.152.2, resp_p=80/tcp], TydSZAPSnUf
+[orig_h=141.142.220.118, orig_p=35634/tcp, resp_h=208.80.152.2, resp_p=80/tcp], k6kgXLOoSKl
-[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], CBxih2i8leh
+[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], nQcgTWjvg4c
-[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], CBxih2i8leh
+[orig_h=141.142.220.118, orig_p=48649/tcp, resp_h=208.80.152.118, resp_p=80/tcp], nQcgTWjvg4c
-[orig_h=141.142.220.118, orig_p=43927/udp, resp_h=141.142.2.2, resp_p=53/udp], G7cPfJNUB7l
+[orig_h=141.142.220.118, orig_p=43927/udp, resp_h=141.142.2.2, resp_p=53/udp], j4u32Pc5bif
-[orig_h=141.142.220.118, orig_p=37676/udp, resp_h=141.142.2.2, resp_p=53/udp], SdSLy1wlf2c
+[orig_h=141.142.220.118, orig_p=37676/udp, resp_h=141.142.2.2, resp_p=53/udp], TEfuqmmG4bh
-[orig_h=141.142.220.118, orig_p=40526/udp, resp_h=141.142.2.2, resp_p=53/udp], WTlLNH35ckf
+[orig_h=141.142.220.118, orig_p=40526/udp, resp_h=141.142.2.2, resp_p=53/udp], FrJExwHcSal
-[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], MH90l08qRaa
+[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 5OKnoww6xl4
-[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], qeN1HyRHpc6
+[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 3PKsZ2Uye21
-[orig_h=141.142.220.118, orig_p=32902/udp, resp_h=141.142.2.2, resp_p=53/udp], w5rU7L9Lbi4
+[orig_h=141.142.220.118, orig_p=32902/udp, resp_h=141.142.2.2, resp_p=53/udp], VW0XPVINV8a
-[orig_h=141.142.220.118, orig_p=59816/udp, resp_h=141.142.2.2, resp_p=53/udp], kdTi9xhoA51
+[orig_h=141.142.220.118, orig_p=59816/udp, resp_h=141.142.2.2, resp_p=53/udp], fRFu0wcOle6
-[orig_h=141.142.220.118, orig_p=59714/udp, resp_h=141.142.2.2, resp_p=53/udp], BGGpa2FRSKa
+[orig_h=141.142.220.118, orig_p=59714/udp, resp_h=141.142.2.2, resp_p=53/udp], qSsw6ESzHV4
-[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], HFpdIhKARP5
+[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], iE6yhOq3SF
-[orig_h=141.142.220.118, orig_p=58206/udp, resp_h=141.142.2.2, resp_p=53/udp], deH6MH2gGX4
+[orig_h=141.142.220.118, orig_p=58206/udp, resp_h=141.142.2.2, resp_p=53/udp], GSxOnSLghOa
-[orig_h=141.142.220.118, orig_p=38911/udp, resp_h=141.142.2.2, resp_p=53/udp], lOMhOvhRTD
+[orig_h=141.142.220.118, orig_p=38911/udp, resp_h=141.142.2.2, resp_p=53/udp], qCaWGmzFtM5
-[orig_h=141.142.220.118, orig_p=59746/udp, resp_h=141.142.2.2, resp_p=53/udp], QG8fxWUYz6a
+[orig_h=141.142.220.118, orig_p=59746/udp, resp_h=141.142.2.2, resp_p=53/udp], 70MGiRM1Qf4
-[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], UIP6iZhtlr6
+[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], h5DsfNtYzi1
-[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 0Afy8jm0Ud4
+[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], P654jzLoe3a
-[orig_h=141.142.220.118, orig_p=45000/udp, resp_h=141.142.2.2, resp_p=53/udp], KPGOQiXPvk1
+[orig_h=141.142.220.118, orig_p=45000/udp, resp_h=141.142.2.2, resp_p=53/udp], Tw8jXtpTGu6
-[orig_h=141.142.220.118, orig_p=48479/udp, resp_h=141.142.2.2, resp_p=53/udp], nqlkNbjwfRa
+[orig_h=141.142.220.118, orig_p=48479/udp, resp_h=141.142.2.2, resp_p=53/udp], c4Zw9TmAE05
-[orig_h=141.142.220.118, orig_p=48128/udp, resp_h=141.142.2.2, resp_p=53/udp], fMtKHwQfRy5
+[orig_h=141.142.220.118, orig_p=48128/udp, resp_h=141.142.2.2, resp_p=53/udp], EAr0uf4mhq
-[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], FRRZfatA245
+[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], GvmoxJFXdTa
-[orig_h=141.142.220.118, orig_p=56056/udp, resp_h=141.142.2.2, resp_p=53/udp], BtftcY0cTm
+[orig_h=141.142.220.118, orig_p=56056/udp, resp_h=141.142.2.2, resp_p=53/udp], 0Q4FH8sESw5
-[orig_h=141.142.220.118, orig_p=55092/udp, resp_h=141.142.2.2, resp_p=53/udp], VYKU5X3Lyvg
+[orig_h=141.142.220.118, orig_p=55092/udp, resp_h=141.142.2.2, resp_p=53/udp], slFea8xwSmb
-[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], PdBORleidTl
+[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], UfGkYA2HI2g
-[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], qeN1HyRHpc6
+[orig_h=141.142.220.118, orig_p=49997/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 3PKsZ2Uye21
-[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], MH90l08qRaa
+[orig_h=141.142.220.118, orig_p=49996/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 5OKnoww6xl4
-[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], HFpdIhKARP5
+[orig_h=141.142.220.118, orig_p=49998/tcp, resp_h=208.80.152.3, resp_p=80/tcp], iE6yhOq3SF
-[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], 0Afy8jm0Ud4
+[orig_h=141.142.220.118, orig_p=50000/tcp, resp_h=208.80.152.3, resp_p=80/tcp], P654jzLoe3a
-[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], UIP6iZhtlr6
+[orig_h=141.142.220.118, orig_p=49999/tcp, resp_h=208.80.152.3, resp_p=80/tcp], h5DsfNtYzi1
-[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], FRRZfatA245
+[orig_h=141.142.220.118, orig_p=50001/tcp, resp_h=208.80.152.3, resp_p=80/tcp], GvmoxJFXdTa
-[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], PdBORleidTl
+[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp], UfGkYA2HI2g
-[orig_h=173.192.163.128, orig_p=80/tcp, resp_h=141.142.220.235, resp_p=6705/tcp], n5MDsVnlWob
+[orig_h=173.192.163.128, orig_p=80/tcp, resp_h=141.142.220.235, resp_p=6705/tcp], i2rO3KD1Syg
-[orig_h=141.142.220.44, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], 7bufSycmF0g
+[orig_h=141.142.220.44, orig_p=5353/udp, resp_h=224.0.0.251, resp_p=5353/udp], 2cx26uAvUPl
-[orig_h=141.142.220.226, orig_p=137/udp, resp_h=141.142.220.255, resp_p=137/udp], 4XYJohCKlth
+[orig_h=141.142.220.226, orig_p=137/udp, resp_h=141.142.220.255, resp_p=137/udp], BWaU4aSuwkc
-[orig_h=141.142.220.226, orig_p=55131/udp, resp_h=224.0.0.252, resp_p=5355/udp], kN69dOI3f3l
+[orig_h=141.142.220.226, orig_p=55131/udp, resp_h=224.0.0.252, resp_p=5355/udp], 10XodEwRycf
-[orig_h=141.142.220.226, orig_p=55671/udp, resp_h=224.0.0.252, resp_p=5355/udp], MBl4p2dighc
+[orig_h=141.142.220.226, orig_p=55671/udp, resp_h=224.0.0.252, resp_p=5355/udp], zno26fFZkrh
-[orig_h=141.142.220.238, orig_p=56641/udp, resp_h=141.142.220.255, resp_p=137/udp], M7BBMucyPff
+[orig_h=141.142.220.238, orig_p=56641/udp, resp_h=141.142.220.255, resp_p=137/udp], v5rgkJBig5l

testing/btest/Baseline/core.print-bpf-filters-ipv4/conn.log

@@ -1,2 +1,2 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	missed_bytes	history
-1128727435.450898	fy6xiLr8WMl	141.42.64.125	56730	125.190.109.199	80	tcp	http	1.73330307006836	98	9417	SF	-	0	ShADdFaf
+1128727435.450898	UWkUyAuUGXf	141.42.64.125	56730	125.190.109.199	80	tcp	http	1.73330307006836	98	9417	SF	-	0	ShADdFaf

testing/btest/Baseline/core.vlan-mpls/conn.log

@@ -1,4 +1,4 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	missed_bytes	history
-952109346.874907	fy6xiLr8WMl	10.1.2.1	11001	10.34.0.1	23	tcp	-	2.10255992412567	25	0	SH	-	0	-
+952109346.874907	UWkUyAuUGXf	10.1.2.1	11001	10.34.0.1	23	tcp	-	2.10255992412567	25	0	SH	-	0	-
-1128727435.450898	rs0oKVCARFb	141.42.64.125	56730	125.190.109.199	80	tcp	http	1.73330307006836	98	9417	SF	-	0	ShADdFaf
+1128727435.450898	arKYeMETxOg	141.42.64.125	56730	125.190.109.199	80	tcp	http	1.73330307006836	98	9417	SF	-	0	ShADdFaf
-1278600802.069419	TydSZAPSnUf	10.20.80.1	50343	10.0.0.15	80	tcp	-	0.00415205955505371	9	3429	SF	-	0	ShADadfF
+1278600802.069419	k6kgXLOoSKl	10.20.80.1	50343	10.0.0.15	80	tcp	-	0.00415205955505371	9	3429	SF	-	0	ShADadfF

testing/btest/Baseline/istate.events-ssl/receiver.http.log

@@ -1,2 +1,2 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	method	host	uri	referrer	user_agent	request_content_length	response_content_length	status_code	status_msg	filename	tags	username	password	proxied	mime_type	md5	extraction_file
-1313385054.894163	rs0oKVCARFb	141.42.64.125	56730	125.190.109.199	80	GET	www.icir.org	/	-	Wget/1.10	-	9130	200	OK	-	-	-	-	-	text/html	-	-
+1313448356.390278	arKYeMETxOg	141.42.64.125	56730	125.190.109.199	80	GET	www.icir.org	/	-	Wget/1.10	-	9130	200	OK	-	-	-	-	-	text/html	-	-

testing/btest/Baseline/istate.events-ssl/sender.http.log

@@ -1,2 +1,2 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	method	host	uri	referrer	user_agent	request_content_length	response_content_length	status_code	status_msg	filename	tags	username	password	proxied	mime_type	md5	extraction_file
-1313385054.894163	rs0oKVCARFb	141.42.64.125	56730	125.190.109.199	80	GET	www.icir.org	/	-	Wget/1.10	-	9130	200	OK	-	-	-	-	-	text/html	-	-
+1313448356.390278	arKYeMETxOg	141.42.64.125	56730	125.190.109.199	80	GET	www.icir.org	/	-	Wget/1.10	-	9130	200	OK	-	-	-	-	-	text/html	-	-

testing/btest/Baseline/istate.events/receiver.http.log

@@ -1,2 +1,2 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	method	host	uri	referrer	user_agent	request_content_length	response_content_length	status_code	status_msg	filename	tags	username	password	proxied	mime_type	md5	extraction_file
-1313385081.412259	rs0oKVCARFb	141.42.64.125	56730	125.190.109.199	80	GET	www.icir.org	/	-	Wget/1.10	-	9130	200	OK	-	-	-	-	-	text/html	-	-
+1313448372.638550	arKYeMETxOg	141.42.64.125	56730	125.190.109.199	80	GET	www.icir.org	/	-	Wget/1.10	-	9130	200	OK	-	-	-	-	-	text/html	-	-

testing/btest/Baseline/istate.events/sender.http.log

@@ -1,2 +1,2 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	method	host	uri	referrer	user_agent	request_content_length	response_content_length	status_code	status_msg	filename	tags	username	password	proxied	mime_type	md5	extraction_file
-1313385081.412259	rs0oKVCARFb	141.42.64.125	56730	125.190.109.199	80	GET	www.icir.org	/	-	Wget/1.10	-	9130	200	OK	-	-	-	-	-	text/html	-	-
+1313448372.638550	arKYeMETxOg	141.42.64.125	56730	125.190.109.199	80	GET	www.icir.org	/	-	Wget/1.10	-	9130	200	OK	-	-	-	-	-	text/html	-	-

testing/btest/Baseline/policy.protocols.dns.event-priority/dns.log

@@ -1,2 +1,2 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	trans_id	query	qclass	qclass_name	qtype	qtype_name	rcode	rcode_name	QR	AA	TC	RD	RA	Z	TTL	answers	auth	addl
-930613226.529070	fy6xiLr8WMl	212.180.42.100	25000	131.243.64.3	53	tcp	34798	-	-	-	-	-	0	NOERROR	F	F	F	F	T	0	31337.0	4.3.2.1	-	-
+930613226.529070	UWkUyAuUGXf	212.180.42.100	25000	131.243.64.3	53	tcp	34798	-	-	-	-	-	0	NOERROR	F	F	F	F	T	0	31337.0	4.3.2.1	-	-

testing/btest/Baseline/policy.protocols.http.http-mime-and-md5/http.log

@@ -1,6 +1,6 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	method	host	uri	referrer	user_agent	request_content_length	response_content_length	status_code	status_msg	filename	tags	username	password	proxied	mime_type	md5	extraction_file
-1258577884.844956	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/style/enhanced.css	http://www.mozilla.org/projects/calendar/	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	946	200	OK	-	-	-	-	-	FAKE_MIME	-	-
+1258577884.844956	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/style/enhanced.css	http://www.mozilla.org/projects/calendar/	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	946	200	OK	-	-	-	-	-	FAKE_MIME	-	-
-1258577884.960135	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/script/urchin.js	http://www.mozilla.org/projects/calendar/	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	6716	200	OK	-	-	-	-	-	FAKE_MIME	-	-
+1258577884.960135	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/script/urchin.js	http://www.mozilla.org/projects/calendar/	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	6716	200	OK	-	-	-	-	-	FAKE_MIME	-	-
-1258577885.317160	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/images/template/screen/bullet_utility.png	http://www.mozilla.org/style/screen.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	94	200	OK	-	-	-	-	-	FAKE_MIME	-	-
+1258577885.317160	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/images/template/screen/bullet_utility.png	http://www.mozilla.org/style/screen.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	94	200	OK	-	-	-	-	-	FAKE_MIME	-	-
-1258577885.349639	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/images/template/screen/key-point-top.png	http://www.mozilla.org/style/screen.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	2349	200	OK	-	-	-	-	-	image/png	e0029eea80812e9a8e57b8d05d52938a	-
+1258577885.349639	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/images/template/screen/key-point-top.png	http://www.mozilla.org/style/screen.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	2349	200	OK	-	-	-	-	-	image/png	e0029eea80812e9a8e57b8d05d52938a	-
-1258577885.394612	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/projects/calendar/images/header-sunbird.png	http://www.mozilla.org/projects/calendar/calendar.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	27579	200	OK	-	-	-	-	-	image/png	30aa926344f58019d047e85ba049ca1e	-
+1258577885.394612	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/projects/calendar/images/header-sunbird.png	http://www.mozilla.org/projects/calendar/calendar.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	27579	200	OK	-	-	-	-	-	image/png	30aa926344f58019d047e85ba049ca1e	-

testing/btest/Baseline/policy.protocols.http.http-pipelining/http.log

@@ -1,6 +1,6 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	method	host	uri	referrer	user_agent	request_content_length	response_content_length	status_code	status_msg	filename	tags	username	password	proxied	md5	extraction_file
-1258577884.844956	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/style/enhanced.css	http://www.mozilla.org/projects/calendar/	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	946	200	OK	-	-	-	-	-	-	-
+1258577884.844956	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/style/enhanced.css	http://www.mozilla.org/projects/calendar/	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	946	200	OK	-	-	-	-	-	-	-
-1258577884.960135	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/script/urchin.js	http://www.mozilla.org/projects/calendar/	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	6716	200	OK	-	-	-	-	-	-	-
+1258577884.960135	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/script/urchin.js	http://www.mozilla.org/projects/calendar/	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	6716	200	OK	-	-	-	-	-	-	-
-1258577885.317160	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/images/template/screen/bullet_utility.png	http://www.mozilla.org/style/screen.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	94	200	OK	-	-	-	-	-	-	-
+1258577885.317160	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/images/template/screen/bullet_utility.png	http://www.mozilla.org/style/screen.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	94	200	OK	-	-	-	-	-	-	-
-1258577885.349639	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/images/template/screen/key-point-top.png	http://www.mozilla.org/style/screen.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	2349	200	OK	-	-	-	-	-	-	-
+1258577885.349639	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/images/template/screen/key-point-top.png	http://www.mozilla.org/style/screen.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	2349	200	OK	-	-	-	-	-	-	-
-1258577885.394612	fy6xiLr8WMl	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/projects/calendar/images/header-sunbird.png	http://www.mozilla.org/projects/calendar/calendar.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	27579	200	OK	-	-	-	-	-	-	-
+1258577885.394612	UWkUyAuUGXf	192.168.1.104	1673	63.245.209.11	80	GET	www.mozilla.org	/projects/calendar/images/header-sunbird.png	http://www.mozilla.org/projects/calendar/calendar.css	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5	-	27579	200	OK	-	-	-	-	-	-	-

testing/btest/Baseline/policy.protocols.irc.basic/irc.log

@@ -1,5 +1,5 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	nick	user	channels	command	value	addl	tags	dcc_file_name	dcc_file_size	extraction_file
-1311189164.119437	fy6xiLr8WMl	192.168.1.77	57640	66.198.80.67	6667	-	-	-	NICK	bloed	-	-	-	-	-
+1311189164.119437	UWkUyAuUGXf	192.168.1.77	57640	66.198.80.67	6667	-	-	-	NICK	bloed	-	-	-	-	-
-1311189164.119437	fy6xiLr8WMl	192.168.1.77	57640	66.198.80.67	6667	bloed	-	-	USER	sdkfje	sdkfje Montreal.QC.CA.Undernet.org dkdkrwq	-	-	-	-
+1311189164.119437	UWkUyAuUGXf	192.168.1.77	57640	66.198.80.67	6667	bloed	-	-	USER	sdkfje	sdkfje Montreal.QC.CA.Undernet.org dkdkrwq	-	-	-	-
-1311189174.474127	fy6xiLr8WMl	192.168.1.77	57640	66.198.80.67	6667	bloed	sdkfje	-	JOIN	#easymovies	-	-	-	-	-
+1311189174.474127	UWkUyAuUGXf	192.168.1.77	57640	66.198.80.67	6667	bloed	sdkfje	-	JOIN	#easymovies	-	-	-	-	-
-1311189316.326025	fy6xiLr8WMl	192.168.1.77	57640	66.198.80.67	6667	bloed	sdkfje	-	DCC	#easymovies	-	-	ladyvampress-default(2011-07-07)-OS.zip	42208	-
+1311189316.326025	UWkUyAuUGXf	192.168.1.77	57640	66.198.80.67	6667	bloed	sdkfje	-	DCC	#easymovies	-	-	ladyvampress-default(2011-07-07)-OS.zip	42208	-

testing/btest/Baseline/policy.protocols.irc.dcc-extract/irc.log

@@ -1,5 +1,5 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	nick	user	channels	command	value	addl	tags	dcc_file_name	dcc_file_size	dcc_mime_type	extraction_file
-1311189164.119437	fy6xiLr8WMl	192.168.1.77	57640	66.198.80.67	6667	-	-	-	NICK	bloed	-	-	-	-	-	-
+1311189164.119437	UWkUyAuUGXf	192.168.1.77	57640	66.198.80.67	6667	-	-	-	NICK	bloed	-	-	-	-	-	-
-1311189164.119437	fy6xiLr8WMl	192.168.1.77	57640	66.198.80.67	6667	bloed	-	-	USER	sdkfje	sdkfje Montreal.QC.CA.Undernet.org dkdkrwq	-	-	-	-	-
+1311189164.119437	UWkUyAuUGXf	192.168.1.77	57640	66.198.80.67	6667	bloed	-	-	USER	sdkfje	sdkfje Montreal.QC.CA.Undernet.org dkdkrwq	-	-	-	-	-
-1311189174.474127	fy6xiLr8WMl	192.168.1.77	57640	66.198.80.67	6667	bloed	sdkfje	-	JOIN	#easymovies	-	-	-	-	-	-
+1311189174.474127	UWkUyAuUGXf	192.168.1.77	57640	66.198.80.67	6667	bloed	sdkfje	-	JOIN	#easymovies	-	-	-	-	-	-
-1311189316.326025	fy6xiLr8WMl	192.168.1.77	57640	66.198.80.67	6667	bloed	sdkfje	-	DCC	#easymovies	-	IRC::EXTRACTED_FILE	ladyvampress-default(2011-07-07)-OS.zip	42208	FAKE_MIME	irc-dcc-item_192.168.1.77:57655-209.197.168.151:1024_1.dat
+1311189316.326025	UWkUyAuUGXf	192.168.1.77	57640	66.198.80.67	6667	bloed	sdkfje	-	DCC	#easymovies	-	IRC::EXTRACTED_FILE	ladyvampress-default(2011-07-07)-OS.zip	42208	FAKE_MIME	irc-dcc-item_192.168.1.77:57655-209.197.168.151:1024_1.dat

testing/btest/Baseline/policy.protocols.smtp.basic/smtp.log

@@ -1,2 +1,2 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	mid	helo	mailfrom	rcptto	date	from	to	reply_to	msg_id	in_reply_to	subject	x_originating_ip	first_received	second_received	last_reply	path	user_agent
-1254722768.219663	56gKBmhBBB6	10.10.1.4	1470	74.53.140.153	25	@50da4BEzauh	GP	<gurpartap@patriots.in>	<raj_deol2002in@yahoo.co.in>	Mon, 5 Oct 2009 11:36:07 +0530	"Gurpartap Singh" <gurpartap@patriots.in>	<raj_deol2002in@yahoo.co.in>	-	<000301ca4581$ef9e57f0$cedb07d0$@in>	-	SMTP	-	-	-	250 OK id=1Mugho-0003Dg-Un	74.53.140.153,10.10.1.4	Microsoft Office Outlook 12.0
+1254722768.219663	arKYeMETxOg	10.10.1.4	1470	74.53.140.153	25	@56gKBmhBBB6	GP	<gurpartap@patriots.in>	<raj_deol2002in@yahoo.co.in>	Mon, 5 Oct 2009 11:36:07 +0530	"Gurpartap Singh" <gurpartap@patriots.in>	<raj_deol2002in@yahoo.co.in>	-	<000301ca4581$ef9e57f0$cedb07d0$@in>	-	SMTP	-	-	-	250 OK id=1Mugho-0003Dg-Un	74.53.140.153,10.10.1.4	Microsoft Office Outlook 12.0

testing/btest/Baseline/policy.protocols.smtp.mime-extract/smtp_entities.log

@@ -1,4 +1,4 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	mid	filename	content_len	mime_type	md5	extraction_file	excerpt
-1254722770.692743	56gKBmhBBB6	10.10.1.4	1470	74.53.140.153	25	@50da4BEzauh	-	79	FAKE_MIME	-	smtp-entity_10.10.1.4:1470-74.53.140.153:25_1.dat	-
+1254722770.692743	arKYeMETxOg	10.10.1.4	1470	74.53.140.153	25	@56gKBmhBBB6	-	79	FAKE_MIME	-	smtp-entity_10.10.1.4:1470-74.53.140.153:25_1.dat	-
-1254722770.692743	56gKBmhBBB6	10.10.1.4	1470	74.53.140.153	25	@50da4BEzauh	-	1918	FAKE_MIME	-	-	-
+1254722770.692743	arKYeMETxOg	10.10.1.4	1470	74.53.140.153	25	@56gKBmhBBB6	-	1918	FAKE_MIME	-	-	-
-1254722770.692804	56gKBmhBBB6	10.10.1.4	1470	74.53.140.153	25	@50da4BEzauh	NEWS.txt	10823	FAKE_MIME	-	smtp-entity_10.10.1.4:1470-74.53.140.153:25_2.dat	-
+1254722770.692804	arKYeMETxOg	10.10.1.4	1470	74.53.140.153	25	@56gKBmhBBB6	NEWS.txt	10823	FAKE_MIME	-	smtp-entity_10.10.1.4:1470-74.53.140.153:25_2.dat	-

testing/btest/Baseline/policy.protocols.smtp.mime/smtp_entities.log

@@ -1,4 +1,4 @@
 # ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	mid	filename	content_len	mime_type	md5	extraction_file	excerpt
-1254722770.692743	56gKBmhBBB6	10.10.1.4	1470	74.53.140.153	25	@50da4BEzauh	-	79	FAKE_MIME	92bca2e6cdcde73647125da7dccbdd07	-	-
+1254722770.692743	arKYeMETxOg	10.10.1.4	1470	74.53.140.153	25	@56gKBmhBBB6	-	79	FAKE_MIME	92bca2e6cdcde73647125da7dccbdd07	-	-
-1254722770.692743	56gKBmhBBB6	10.10.1.4	1470	74.53.140.153	25	@50da4BEzauh	-	1918	FAKE_MIME	-	-	-
+1254722770.692743	arKYeMETxOg	10.10.1.4	1470	74.53.140.153	25	@56gKBmhBBB6	-	1918	FAKE_MIME	-	-	-
-1254722770.692804	56gKBmhBBB6	10.10.1.4	1470	74.53.140.153	25	@50da4BEzauh	NEWS.txt	10823	FAKE_MIME	a968bb0f9f9d95835b2e74c845877e87	-	-
+1254722770.692804	arKYeMETxOg	10.10.1.4	1470	74.53.140.153	25	@56gKBmhBBB6	NEWS.txt	10823	FAKE_MIME	a968bb0f9f9d95835b2e74c845877e87	-	-

testing/btest/bifs/unique_id-pools.bro

@@ -6,11 +6,11 @@
 @TEST-START-FILE order_rand.bro
 
 print unique_id("A-");
-print unique_id_from("beta", "E-");
+print unique_id_from(5, "E-");
 print unique_id("B-");
-print unique_id_from("alpha", "D-");
+print unique_id_from(4, "D-");
 print unique_id("C-");
-print unique_id_from("beta", "F-");
+print unique_id_from(5, "F-");
 
 @TEST-END-FILE
 
@@ -19,9 +19,9 @@ print unique_id_from("beta", "F-");
 print unique_id("A-");
 print unique_id("B-");
 print unique_id("C-");
-print unique_id_from("alpha", "D-");
+print unique_id_from(4, "D-");
-print unique_id_from("beta", "E-");
+print unique_id_from(5, "E-");
-print unique_id_from("beta", "F-");
+print unique_id_from(5, "F-");
 
 @TEST-END-FILE
 

testing/btest/bifs/unique_id-rnd.bro

@@ -7,6 +7,6 @@
 print unique_id("A-");
 print unique_id("B-");
 print unique_id("C-");
-print unique_id_from("alpha", "D-");
+print unique_id_from(4, "D-");
-print unique_id_from("beta", "E-");
+print unique_id_from(5, "E-");
-print unique_id_from("beta", "F-");
+print unique_id_from(5, "F-");

testing/btest/bifs/unique_id.bro

@@ -5,6 +5,6 @@
 print unique_id("A-");
 print unique_id("B-");
 print unique_id("C-");
-print unique_id_from("alpha", "D-");
+print unique_id_from(4, "D-");
-print unique_id_from("beta", "E-");
+print unique_id_from(5, "E-");
-print unique_id_from("beta", "F-");
+print unique_id_from(5, "F-");