mirror of
https://github.com/zeek/zeek.git
synced 2025-10-06 08:38:20 +00:00
reap the fruits of v += e
This commit is contained in:
Vern Paxson
parent
81c63a0c65
commit
88fd7510c6
37 changed files with 132 additions and 132 deletions
|
|
@ -178,7 +178,7 @@ event DHCP::aggregate_msgs(ts: time, id: conn_id, uid: string, is_orig: bool, ms
|
|||
if ( uid !in log_info$uids )
|
||||
add log_info$uids[uid];
|
||||
|
||||
log_info$msg_types[|log_info$msg_types|] = DHCP::message_types[msg$m_type];
|
||||
log_info$msg_types += DHCP::message_types[msg$m_type];
|
||||
|
||||
# Let's watch for messages in any DHCP message type
|
||||
# and split them out based on client and server.
|
||||
|
|
|
|||
|
|
@ -324,11 +324,11 @@ hook DNS::do_reply(c: connection, msg: dns_msg, ans: dns_answer, reply: string)
|
|||
{
|
||||
if ( ! c$dns?$answers )
|
||||
c$dns$answers = vector();
|
||||
c$dns$answers[|c$dns$answers|] = reply;
|
||||
c$dns$answers += reply;
|
||||
|
||||
if ( ! c$dns?$TTLs )
|
||||
c$dns$TTLs = vector();
|
||||
c$dns$TTLs[|c$dns$TTLs|] = ans$TTL;
|
||||
c$dns$TTLs += ans$TTL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -87,14 +87,14 @@ event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priori
|
|||
if ( ! c$http?$orig_fuids )
|
||||
c$http$orig_fuids = string_vec(f$id);
|
||||
else
|
||||
c$http$orig_fuids[|c$http$orig_fuids|] = f$id;
|
||||
c$http$orig_fuids += f$id;
|
||||
|
||||
if ( f$info?$filename )
|
||||
{
|
||||
if ( ! c$http?$orig_filenames )
|
||||
c$http$orig_filenames = string_vec(f$info$filename);
|
||||
else
|
||||
c$http$orig_filenames[|c$http$orig_filenames|] = f$info$filename;
|
||||
c$http$orig_filenames += f$info$filename;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -103,14 +103,14 @@ event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priori
|
|||
if ( ! c$http?$resp_fuids )
|
||||
c$http$resp_fuids = string_vec(f$id);
|
||||
else
|
||||
c$http$resp_fuids[|c$http$resp_fuids|] = f$id;
|
||||
c$http$resp_fuids += f$id;
|
||||
|
||||
if ( f$info?$filename )
|
||||
{
|
||||
if ( ! c$http?$resp_filenames )
|
||||
c$http$resp_filenames = string_vec(f$info$filename);
|
||||
else
|
||||
c$http$resp_filenames[|c$http$resp_filenames|] = f$info$filename;
|
||||
c$http$resp_filenames += f$info$filename;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -130,14 +130,14 @@ event file_sniff(f: fa_file, meta: fa_metadata) &priority=5
|
|||
if ( ! f$http?$orig_mime_types )
|
||||
f$http$orig_mime_types = string_vec(meta$mime_type);
|
||||
else
|
||||
f$http$orig_mime_types[|f$http$orig_mime_types|] = meta$mime_type;
|
||||
f$http$orig_mime_types += meta$mime_type;
|
||||
}
|
||||
else
|
||||
{
|
||||
if ( ! f$http?$resp_mime_types )
|
||||
f$http$resp_mime_types = string_vec(meta$mime_type);
|
||||
else
|
||||
f$http$resp_mime_types[|f$http$resp_mime_types|] = meta$mime_type;
|
||||
f$http$resp_mime_types += meta$mime_type;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ function extract_keys(data: string, kv_splitter: pattern): string_vec
|
|||
{
|
||||
local key_val = split_string1(parts[part_index], /=/);
|
||||
if ( 0 in key_val )
|
||||
key_vec[|key_vec|] = key_val[0];
|
||||
key_vec += key_val[0];
|
||||
}
|
||||
return key_vec;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -226,7 +226,7 @@ event sip_header(c: connection, is_request: bool, name: string, value: string) &
|
|||
c$sip$user_agent = value;
|
||||
break;
|
||||
case "VIA", "V":
|
||||
c$sip$request_path[|c$sip$request_path|] = split_string1(value, /;[ ]?branch/)[0];
|
||||
c$sip$request_path += split_string1(value, /;[ ]?branch/)[0];
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
@ -256,7 +256,7 @@ event sip_header(c: connection, is_request: bool, name: string, value: string) &
|
|||
c$sip$response_to = value;
|
||||
break;
|
||||
case "VIA", "V":
|
||||
c$sip$response_path[|c$sip$response_path|] = split_string1(value, /;[ ]?branch/)[0];
|
||||
c$sip$response_path += split_string1(value, /;[ ]?branch/)[0];
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -49,5 +49,5 @@ event bro_init() &priority=5
|
|||
event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priority=5
|
||||
{
|
||||
if ( c?$smtp && !c$smtp$tls )
|
||||
c$smtp$fuids[|c$smtp$fuids|] = f$id;
|
||||
c$smtp$fuids += f$id;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -295,7 +295,7 @@ event mime_one_header(c: connection, h: mime_header_rec) &priority=3
|
|||
c$smtp$process_received_from = F;
|
||||
}
|
||||
if ( c$smtp$path[|c$smtp$path|-1] != ip )
|
||||
c$smtp$path[|c$smtp$path|] = ip;
|
||||
c$smtp$path += ip;
|
||||
}
|
||||
|
||||
event connection_state_remove(c: connection) &priority=-5
|
||||
|
|
|
|||
|
|
@ -121,13 +121,13 @@ event file_sniff(f: fa_file, meta: fa_metadata) &priority=5
|
|||
|
||||
if ( f$is_orig )
|
||||
{
|
||||
c$ssl$client_cert_chain[|c$ssl$client_cert_chain|] = f$info;
|
||||
c$ssl$client_cert_chain_fuids[|c$ssl$client_cert_chain_fuids|] = f$id;
|
||||
c$ssl$client_cert_chain += f$info;
|
||||
c$ssl$client_cert_chain_fuids += f$id;
|
||||
}
|
||||
else
|
||||
{
|
||||
c$ssl$cert_chain[|c$ssl$cert_chain|] = f$info;
|
||||
c$ssl$cert_chain_fuids[|c$ssl$cert_chain_fuids|] = f$id;
|
||||
c$ssl$cert_chain += f$info;
|
||||
c$ssl$cert_chain_fuids += f$id;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue