Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-04 15:48:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

FileAnalysis: decentralize unique file handle generator callbacks.

Browse source 
The framework now cycles through callbacks based on a table indexed
by analyzer tags, or the special case of service strings if a given
analyzer is overloaded for multiple protocols (FTP/IRC data).  This
lets each protocol script bundle implement the callback locally and
reduces the FAF's external dependencies.
This commit is contained in:
Jon Siwek 2013-03-13 10:48:26 -05:00
parent bb3228e8f6
commit 878dfff2f2
10 changed files with 108 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/file_analysis/Manager.h
View file

@ -9,6 +9,7 @@
#include "Net.h"
#include "Conn.h"
#include "Val.h"
#include "Analyzer.h"
#include "Info.h"
#include "InfoTimer.h"
@ -141,7 +142,9 @@ protected:
* time the function was evaluated (possibly because some events
* have not yet been drained from the queue).
*/
string GetFileHandle(Connection* conn, bool is_orig);
string GetFileHandle(Connection* conn, bool is_orig) const;
string GetFileHandle(Analyzer* root, Connection* conn,
bool is_orig) const;
/**
* @return the Info object mapped to \a file_id, or a null pointer if no