diff --git a/CHANGES b/CHANGES index 77b404540f..2c02956e6b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,29 @@ +2.4-184 | 2015-10-23 14:33:11 -0700 + + * Removing pcap options for AF_PACKET support. Addresses BIT-1363. + (Robin Sommer) + + * Correct a typo in controller.bro documentation. (Daniel Thayer) + + * Extend SSL DPD signature to allow alert before server_hello. + (Johanna Amann) + + * Make join_string_vec work with vectors containing empty elements. + (Johanna Amann) + + * Fix support for HTTP CONNECT when server adds headers to response. + (Eric Karasuda). + + * Load static CA list for validation tests too. (Johanna Amann) + + * Remove cluster certificate validation script. (Johanna Amann) + + * Fix a bug in diff-remove-x509-names canonifier. (Daniel Thayer) + + * Fix test canonifiers in scripts/policy/protocols/ssl. (Daniel + Thayer) + 2.4-169 | 2015-10-01 17:21:21 -0700 * Fixed parsing of V_ASN1_GENERALIZEDTIME timestamps in x509 diff --git a/CMakeLists.txt b/CMakeLists.txt index 846f2b484a..b96923aa56 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -155,7 +155,6 @@ include(TestBigEndian) test_big_endian(WORDS_BIGENDIAN) include(CheckSymbolExists) check_symbol_exists(htonll arpa/inet.h HAVE_BYTEORDER_64) -check_symbol_exists(PACKET_FANOUT linux/if_packet.h HAVE_PACKET_FANOUT) include(OSSpecific) include(CheckTypes) diff --git a/NEWS b/NEWS index 0ef4c4bbe5..8633d7aaf1 100644 --- a/NEWS +++ b/NEWS @@ -20,10 +20,6 @@ New Dependencies - The pcap buffer size can set through the new option Pcap::bufsize. -- Bro can now leverage packet fanout mode on Linux through the new - options Pcap::packet_fanout_enable, Pcap::packet_fanout_id, and - Pcap::packet_fanout_defrag. - New Functionality ----------------- diff --git a/VERSION b/VERSION index 622ec2383c..208274b761 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.4-169 +2.4-184 diff --git a/bro-config.h.in b/bro-config.h.in index fd24a1fe30..755a9eee98 100644 --- a/bro-config.h.in +++ b/bro-config.h.in @@ -213,9 +213,6 @@ /* Common IPv6 extension structure */ #cmakedefine HAVE_IP6_EXT -/* Linux packet fanout */ -#cmakedefine HAVE_PACKET_FANOUT - /* String with host architecture (e.g., "linux-x86_64") */ #define HOST_ARCHITECTURE "@HOST_ARCHITECTURE@" diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index 2d8a20e7a3..94b6ed33e5 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro @@ -3707,19 +3707,8 @@ export { const snaplen = 8192 &redef; ## Number of Mbytes to provide as buffer space when capturing from live - ## interfaces. + ## interfaces. const bufsize = 128 &redef; - - ## Toggle whether to do packet fanout (Linux-only). - const packet_fanout_enable = F &redef; - - ## If packet fanout is enabled, the id to sue for it. This should be shared amongst - ## worker processes processing the same socket. - const packet_fanout_id = 0 &redef; - - ## If packet fanout is enabled, whether packets are to be defragmented before - ## fanout is applied. - const packet_fanout_defrag = T &redef; } # end export module GLOBAL; diff --git a/src/iosource/pcap/Source.cc b/src/iosource/pcap/Source.cc index 98be670e7a..8158266f1c 100644 --- a/src/iosource/pcap/Source.cc +++ b/src/iosource/pcap/Source.cc @@ -13,10 +13,6 @@ #include #endif -#ifdef HAVE_PACKET_FANOUT -#include -#endif - using namespace iosource::pcap; PcapSource::~PcapSource() @@ -156,24 +152,6 @@ void PcapSource::OpenLive() // Was closed, couldn't get header size. return; -#ifdef HAVE_PACKET_FANOUT - // Turn on cluster mode for the device. - if ( BifConst::Pcap::packet_fanout_enable ) - { - uint32_t packet_fanout_arg = (PACKET_FANOUT_HASH << 16) - | (BifConst::Pcap::packet_fanout_id & 0xffff); - - if ( BifConst::Pcap::packet_fanout_defrag ) - packet_fanout_arg |= (PACKET_FANOUT_FLAG_DEFRAG << 16); - - if ( setsockopt(props.selectable_fd, SOL_PACKET, PACKET_FANOUT, &packet_fanout_arg, sizeof(packet_fanout_arg)) == -1 ) - { - Error(fmt("packet fanout: %s", strerror(errno))); - return; - } - } -#endif - props.is_live = true; Opened(props); diff --git a/src/iosource/pcap/const.bif b/src/iosource/pcap/const.bif index 8b6d0b9017..877dccef74 100644 --- a/src/iosource/pcap/const.bif +++ b/src/iosource/pcap/const.bif @@ -2,8 +2,3 @@ const Pcap::snaplen: count; const Pcap::bufsize: count; - -const Pcap::packet_fanout_enable: bool; -const Pcap::packet_fanout_id: count; -const Pcap::packet_fanout_defrag: bool; -