Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'empty_services' of https://github.com/mauropalumbo75/zeek

Browse source 
* 'empty_services' of https://github.com/mauropalumbo75/zeek:
  remove empty services and include udp active connections when logging in connection_state_remove
This commit is contained in:
Jon Siwek 2019-08-09 09:56:06 -07:00
commit a68c9f6b71
5 changed files with 13 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
CHANGES
View file

@ -1,4 +1,10 @@
3.1.0-dev.7 | 2019-08-09 09:56:06 -0700
* Remove empty services from known_services.log (Mauro Palumbo)
* Add check to log to known_services.log when removing active udp connections (Mauro Palumbo)
3.1.0-dev.5 | 2019-08-09 09:33:22 -0700 3.1.0-dev.5 | 2019-08-09 09:33:22 -0700
* Add Intel::read_error event to allow custom error handling (Mauro Palumbo) * Add Intel::read_error event to allow custom error handling (Mauro Palumbo)

2
VERSION
View file

@ -1 +1 @@
3.1.0-dev.5 3.1.0-dev.7

5
scripts/policy/protocols/conn/known-services.zeek
View file

@ -210,7 +210,10 @@ event connection_state_remove(c: connection) &priority=-5
if ( c$known_services_done ) if ( c$known_services_done )
return; return;
if ( c$resp$state != TCP_ESTABLISHED ) if ( c$resp$state != TCP_ESTABLISHED && c$resp$state != UDP_ACTIVE )
return;
if ( |c$service| == 0 )
return; return;
known_services_done(c); known_services_done(c);

2
testing/external/commit-hash.zeek-testing vendored
View file

@ -1 +1 @@
4e78e7e6f9baf56ec6303d2580f380628fd31e36 5e5a5e8dbb94215a7ca1def810f4bbe0322bc72e

2
testing/external/commit-hash.zeek-testing-private vendored
View file

@ -1 +1 @@
6fef8f0d8eb896856fa72551af65668d0ea01bf4 b7cf5aa8224fb39baf7497d187f48165fad050da