Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 21:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Rewrite internal handling of rules.

Browse source 
This has no user-facing changes. It makes the internal handling of rules
much easier (no crazy duplicate rules in case our rules are added to
several backends).

It also fixes several open ends and small bugs in the process.
This commit is contained in:
Johanna Amann 2016-03-09 15:43:47 -08:00
parent 562e5a9f63
commit 7ef431808d
31 changed files with 409 additions and 295 deletions
Download patch file Download diff file Expand all files Collapse all files

4
testing/btest/scripts/base/frameworks/netcontrol/multiple.bro
View file

@ -1,5 +1,6 @@
# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT
# @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff netcontrol.log
# @TEST-EXEC: btest-diff openflow.log
@load base/frameworks/netcontrol
@ -22,6 +23,7 @@ event remove_all()
NetControl::remove_rule(rules[i]);
}
event connection_established(c: connection)
{
local id = c$id;
@ -30,6 +32,6 @@ event connection_established(c: connection)
rules[|rules|] = NetControl::whitelist_address(id$orig_h, 0secs);
rules[|rules|] = NetControl::redirect_flow([$src_h=id$orig_h, $src_p=id$orig_p, $dst_h=id$resp_h, $dst_p=id$resp_p], 5, 0secs);
schedule 10sec { remove_all() };
schedule 1sec { remove_all() };
}