GH-234: rename Broxygen to Zeexygen along with roles/directives

* All "Broxygen" usages have been replaced in
  code, documentation, filenames, etc.

* Sphinx roles/directives like ":bro:see" are now ":zeek:see"

* The "--broxygen" command-line option is now "--zeexygen"

scripts/base/protocols/conn/contents.zeek

@@ -2,7 +2,7 @@
 ##! responders data or both.  By default nothing is extracted, and in order 
 ##! to actually extract data the ``c$extract_orig`` and/or the
 ##! ``c$extract_resp`` variable must be set to ``T``.  One way to achieve this
-##! would be to handle the :bro:id:`connection_established` event elsewhere
+##! would be to handle the :zeek:id:`connection_established` event elsewhere
 ##! and set the ``extract_orig`` and ``extract_resp`` options there.
 ##! However, there may be trouble with the timing due to event queue delay.
 ##!

scripts/base/protocols/conn/main.zeek

@@ -78,13 +78,13 @@ export {
 
 		## If the connection is originated locally, this value will be T.
 		## If it was originated remotely it will be F.  In the case that
-		## the :bro:id:`Site::local_nets` variable is undefined, this
+		## the :zeek:id:`Site::local_nets` variable is undefined, this
 		## field will be left empty at all times.
 		local_orig:   bool            &log &optional;
 
 		## If the connection is responded to locally, this value will be T.
 		## If it was responded to remotely it will be F.  In the case that
-		## the :bro:id:`Site::local_nets` variable is undefined, this
+		## the :zeek:id:`Site::local_nets` variable is undefined, this
 		## field will be left empty at all times.
 		local_resp:   bool            &log &optional;
 
@@ -128,18 +128,18 @@ export {
 		## (at least) 10 times; the third instance, 100 times; etc.
 		history:      string          &log &optional;
 		## Number of packets that the originator sent.
-		## Only set if :bro:id:`use_conn_size_analyzer` = T.
+		## Only set if :zeek:id:`use_conn_size_analyzer` = T.
 		orig_pkts:     count      &log &optional;
 		## Number of IP level bytes that the originator sent (as seen on
 		## the wire, taken from the IP total_length header field).
-		## Only set if :bro:id:`use_conn_size_analyzer` = T.
+		## Only set if :zeek:id:`use_conn_size_analyzer` = T.
 		orig_ip_bytes: count      &log &optional;
 		## Number of packets that the responder sent.
-		## Only set if :bro:id:`use_conn_size_analyzer` = T.
+		## Only set if :zeek:id:`use_conn_size_analyzer` = T.
 		resp_pkts:     count      &log &optional;
 		## Number of IP level bytes that the responder sent (as seen on
 		## the wire, taken from the IP total_length header field).
-		## Only set if :bro:id:`use_conn_size_analyzer` = T.
+		## Only set if :zeek:id:`use_conn_size_analyzer` = T.
 		resp_ip_bytes: count      &log &optional;
 		## If this connection was over a tunnel, indicate the
 		## *uid* values for any encapsulating parent connections
@@ -147,7 +147,7 @@ export {
 		tunnel_parents: set[string] &log &optional;
 	};
 
-	## Event that can be handled to access the :bro:type:`Conn::Info`
+	## Event that can be handled to access the :zeek:type:`Conn::Info`
 	## record as it is sent on to the logging framework.
 	global log_conn: event(rec: Info);
 }

scripts/base/protocols/dhcp/main.zeek

@@ -89,13 +89,13 @@ export {
 	## This event is used internally to distribute data around clusters
 	## since DHCP doesn't follow the normal "connection" model used by
 	## most protocols. It can also be handled to extend the DHCP log.
-	## bro:see::`DHCP::log_info`.
+	## :zeek:see:`DHCP::log_info`.
 	global DHCP::aggregate_msgs: event(ts: time, id: conn_id, uid: string, is_orig: bool, msg: DHCP::Msg, options: DHCP::Options);
 
 	## This is a global variable that is only to be used in the
-	## :bro::see::`DHCP::aggregate_msgs` event. It can be used to avoid
+	## :zeek:see:`DHCP::aggregate_msgs` event. It can be used to avoid
 	## looking up the info record for a transaction ID in every event handler
-	## for :bro:see::`DHCP::aggregate_msgs`.
+	## for :zeek:see:`DHCP::aggregate_msgs`.
 	global DHCP::log_info: Info;
 
 	## Event that can be handled to access the DHCP

scripts/base/protocols/dns/main.zeek

@@ -80,7 +80,7 @@ export {
 		saw_reply: bool                &default=F;
 	};
 
-	## An event that can be handled to access the :bro:type:`DNS::Info`
+	## An event that can be handled to access the :zeek:type:`DNS::Info`
 	## record as it is sent to the logging framework.
 	global log_dns: event(rec: Info);
 
@@ -109,7 +109,7 @@ export {
 	## is_query: Indicator for if this is being called for a query or a response.
 	global set_session: hook(c: connection, msg: dns_msg, is_query: bool);
 
-	## Yields a queue of :bro:see:`DNS::Info` objects for a given
+	## Yields a queue of :zeek:see:`DNS::Info` objects for a given
 	## DNS message query/transaction ID.
 	type PendingMessages: table[count] of Queue::Queue;
 
@@ -126,7 +126,7 @@ export {
 	option max_pending_query_ids = 50;
 
 	## A record type which tracks the status of DNS queries for a given
-	## :bro:type:`connection`.
+	## :zeek:type:`connection`.
 	type State: record {
 		## A single query that hasn't been matched with a response yet.
 		## Note this is maintained separate from the *pending_queries*

scripts/base/protocols/ftp/gridftp.zeek

@@ -6,7 +6,7 @@
 ##! indicating the GSI mechanism for GSSAPI was used.  This analysis
 ##! is all supported internally, this script simply adds the "gridftp"
 ##! label to the *service* field of the control channel's
-##! :bro:type:`connection` record.
+##! :zeek:type:`connection` record.
 ##!
 ##! GridFTP data channels are identified by a heuristic that relies on
 ##! the fact that default settings for GridFTP clients typically
@@ -33,7 +33,7 @@ export {
 	option size_threshold = 1073741824;
 
 	## Time during which we check whether a connection's size exceeds the
-	## :bro:see:`GridFTP::size_threshold`.
+	## :zeek:see:`GridFTP::size_threshold`.
 	option max_time = 2 min;
 
 	## Whether to skip further processing of the GridFTP data channel once
@@ -46,8 +46,8 @@ export {
 	global data_channel_detected: event(c: connection);
 
 	## The initial criteria used to determine whether to start polling
-	## the connection for the :bro:see:`GridFTP::size_threshold` to have
-	## been exceeded.  This is called in a :bro:see:`ssl_established` event
+	## the connection for the :zeek:see:`GridFTP::size_threshold` to have
+	## been exceeded.  This is called in a :zeek:see:`ssl_established` event
 	## handler and by default looks for both a client and server certificate
 	## and for a NULL bulk cipher.  One way in which this function could be
 	## redefined is to make it also consider client/server certificate
@@ -56,7 +56,7 @@ export {
 	## c: The connection which may possibly be a GridFTP data channel.
 	##
 	## Returns: true if the connection should be further polled for an
-	##          exceeded :bro:see:`GridFTP::size_threshold`, else false.
+	##          exceeded :zeek:see:`GridFTP::size_threshold`, else false.
 	const data_channel_initial_criteria: function(c: connection): bool &redef;
 }
 

scripts/base/protocols/ftp/main.zeek

@@ -36,7 +36,7 @@ export {
 	## Parse FTP reply codes into the three constituent single digit values.
 	global parse_ftp_reply_code: function(code: count): ReplyCode;
 
-	## Event that can be handled to access the :bro:type:`FTP::Info`
+	## Event that can be handled to access the :zeek:type:`FTP::Info`
 	## record as it is sent on to the logging framework.
 	global log_ftp: event(rec: Info);
 }

scripts/base/protocols/ftp/utils.zeek

@@ -7,16 +7,16 @@
 module FTP;
 
 export {
-	## Creates a URL from an :bro:type:`FTP::Info` record.
+	## Creates a URL from an :zeek:type:`FTP::Info` record.
 	##
-	## rec: An :bro:type:`FTP::Info` record.
+	## rec: An :zeek:type:`FTP::Info` record.
 	##
 	## Returns: A URL, not prefixed by ``"ftp://"``.
 	global build_url: function(rec: Info): string;
 
-	## Creates a URL from an :bro:type:`FTP::Info` record.
+	## Creates a URL from an :zeek:type:`FTP::Info` record.
 	##
-	## rec: An :bro:type:`FTP::Info` record.
+	## rec: An :zeek:type:`FTP::Info` record.
 	##
 	## Returns: A URL prefixed with ``"ftp://"``.
 	global build_url_ftp: function(rec: Info): string;

scripts/base/protocols/http/entities.zeek

@@ -14,44 +14,44 @@ export {
 	};
 
 	## Maximum number of originator files to log.
-	## :bro:see:`HTTP::max_files_policy` even is called once this
+	## :zeek:see:`HTTP::max_files_policy` even is called once this
 	## limit is reached to determine if it's enforced.
 	option max_files_orig = 15;
 
 	## Maximum number of responder files to log.
-	## :bro:see:`HTTP::max_files_policy` even is called once this
+	## :zeek:see:`HTTP::max_files_policy` even is called once this
 	## limit is reached to determine if it's enforced.
 	option max_files_resp = 15;
 
 	## Called when reaching the max number of files across a given HTTP
-	## connection according to :bro:see:`HTTP::max_files_orig`
-	## or :bro:see:`HTTP::max_files_resp`.  Break from the hook
+	## connection according to :zeek:see:`HTTP::max_files_orig`
+	## or :zeek:see:`HTTP::max_files_resp`.  Break from the hook
 	## early to signal that the file limit should not be applied.
 	global max_files_policy: hook(f: fa_file, is_orig: bool);
 
 	redef record Info += {
 		## An ordered vector of file unique IDs.
-		## Limited to :bro:see:`HTTP::max_files_orig` entries.
+		## Limited to :zeek:see:`HTTP::max_files_orig` entries.
 		orig_fuids:      vector of string &log &optional;
 
 		## An ordered vector of filenames from the client.
-		## Limited to :bro:see:`HTTP::max_files_orig` entries.
+		## Limited to :zeek:see:`HTTP::max_files_orig` entries.
 		orig_filenames:  vector of string &log &optional;
 
 		## An ordered vector of mime types.
-		## Limited to :bro:see:`HTTP::max_files_orig` entries.
+		## Limited to :zeek:see:`HTTP::max_files_orig` entries.
 		orig_mime_types: vector of string &log &optional;
 
 		## An ordered vector of file unique IDs.
-		## Limited to :bro:see:`HTTP::max_files_resp` entries.
+		## Limited to :zeek:see:`HTTP::max_files_resp` entries.
 		resp_fuids:      vector of string &log &optional;
 
 		## An ordered vector of filenames from the server.
-		## Limited to :bro:see:`HTTP::max_files_resp` entries.
+		## Limited to :zeek:see:`HTTP::max_files_resp` entries.
 		resp_filenames:  vector of string &log &optional;
 
 		## An ordered vector of mime types.
-		## Limited to :bro:see:`HTTP::max_files_resp` entries.
+		## Limited to :zeek:see:`HTTP::max_files_resp` entries.
 		resp_mime_types: vector of string &log &optional;
 
 		## The current entity.

scripts/base/protocols/http/utils.zeek

@@ -17,18 +17,18 @@ export {
 	## Returns: A vector of strings containing the keys.
 	global extract_keys: function(data: string, kv_splitter: pattern): string_vec;
 	
-	## Creates a URL from an :bro:type:`HTTP::Info` record.  This should
+	## Creates a URL from an :zeek:type:`HTTP::Info` record.  This should
 	## handle edge cases such as proxied requests appropriately.
 	##
-	## rec: An :bro:type:`HTTP::Info` record.
+	## rec: An :zeek:type:`HTTP::Info` record.
 	##
 	## Returns: A URL, not prefixed by ``"http://"``.
 	global build_url: function(rec: Info): string;
 	
-	## Creates a URL from an :bro:type:`HTTP::Info` record.  This should
+	## Creates a URL from an :zeek:type:`HTTP::Info` record.  This should
 	## handle edge cases such as proxied requests appropriately.
 	##
-	## rec: An :bro:type:`HTTP::Info` record.
+	## rec: An :zeek:type:`HTTP::Info` record.
 	##
 	## Returns: A URL prefixed with ``"http://"``.
 	global build_url_http: function(rec: Info): string;

scripts/base/protocols/ssh/main.zeek

@@ -75,7 +75,7 @@ export {
 	## c: The connection over which the :abbr:`SSH (Secure Shell)`
 	##    connection took place.
 	##
-	## .. bro:see:: ssh_server_version ssh_client_version
+	## .. zeek:see:: ssh_server_version ssh_client_version
 	##    ssh_auth_successful ssh_auth_result ssh_auth_attempted
 	##    ssh_capabilities ssh2_server_host_key ssh1_server_host_key
 	##    ssh_server_host_key ssh_encrypted_packet ssh2_dh_server_params
@@ -98,7 +98,7 @@ export {
 	## auth_attempts: The number of authentication attempts that were
 	##    observed.
 	##
-	## .. bro:see:: ssh_server_version ssh_client_version
+	## .. zeek:see:: ssh_server_version ssh_client_version
 	##    ssh_auth_successful ssh_auth_failed ssh_auth_attempted
 	##    ssh_capabilities ssh2_server_host_key ssh1_server_host_key
 	##    ssh_server_host_key ssh_encrypted_packet ssh2_dh_server_params
@@ -106,10 +106,10 @@ export {
 	global ssh_auth_result: event(c: connection, result: bool, auth_attempts: count);
 
 	## Event that can be handled when the analyzer sees an SSH server host
-	## key. This abstracts :bro:id:`ssh1_server_host_key` and
-	## :bro:id:`ssh2_server_host_key`.
+	## key. This abstracts :zeek:id:`ssh1_server_host_key` and
+	## :zeek:id:`ssh2_server_host_key`.
 	##
-	## .. bro:see:: ssh_server_version ssh_client_version
+	## .. zeek:see:: ssh_server_version ssh_client_version
 	##    ssh_auth_successful ssh_auth_failed ssh_auth_result
 	##    ssh_auth_attempted ssh_capabilities ssh2_server_host_key
 	##    ssh1_server_host_key ssh_encrypted_packet ssh2_dh_server_params