Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Expand Broker APIs to allow tracking directionality of peering establishment

Browse source 
This provides ways to figure out for a given peer, or a given address/port pair,
whether the local node originally established the peering.
This commit is contained in:
Christian Kreibich 2025-04-18 15:50:13 -07:00
parent d59f6014b8
commit b430d5235c
9 changed files with 123 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
testing/btest/Baseline/broker.peering-directionality/client.out Normal file
View file

@ -0,0 +1,4 @@
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
peered, this is the outgoing peering: T
via Broker::peers(): T
after unpeering: F

3
testing/btest/Baseline/broker.peering-directionality/server.out Normal file
View file

@ -0,0 +1,3 @@
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
peered, this is the outgoing peering: F
via Broker::peers(): F

2
testing/btest/Baseline/opt.ZAM-bif-tracking/output
View file

@ -1,2 +1,2 @@
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
557 seen BiFs, 0 unseen BiFs (), 0 new BiFs ()
558 seen BiFs, 0 unseen BiFs (), 0 new BiFs ()

54
testing/btest/broker/peering-directionality.zeek Normal file
View file

@ -0,0 +1,54 @@
# This tests whether the script-layer can correctly query if a given Broker
# peering originated from the local node or from another node that peered with it.
#
# @TEST-GROUP: broker
# @TEST-PORT: BROKER_PORT
#
# @TEST-EXEC: btest-bg-run client "zeek -b ../client.zeek >out"
# @TEST-EXEC: btest-bg-run server "zeek -b ../server.zeek >out"
#
# @TEST-EXEC: btest-bg-wait 15
# @TEST-EXEC: btest-diff client/out
# @TEST-EXEC: btest-diff server/out
# @TEST-START-FILE client.zeek
redef exit_only_after_terminate = T;
event zeek_init()
{
Broker::subscribe("zeek/event/my_topic");
Broker::peer("127.0.0.1", to_port(getenv("BROKER_PORT")));
}
event Broker::peer_added(ep: Broker::EndpointInfo, msg: string)
{
print fmt("peered, this is the outgoing peering: %s",
Broker::is_outbound_peering(ep$network$address, ep$network$bound_port));
print fmt("via Broker::peers(): %s", Broker::peers()[0]$is_outbound);
Broker::unpeer("127.0.0.1", to_port(getenv("BROKER_PORT")));
print fmt("after unpeering: %s",
Broker::is_outbound_peering(ep$network$address, ep$network$bound_port));
terminate();
}
# @TEST-END-FILE
# @TEST-START-FILE server.zeek
redef exit_only_after_terminate = T;
event zeek_init()
{
Broker::subscribe("zeek/event/my_topic");
Broker::listen("127.0.0.1", to_port(getenv("BROKER_PORT")));
}
event Broker::peer_added(ep: Broker::EndpointInfo, msg: string)
{
print fmt("peered, this is the outgoing peering: %s",
Broker::is_outbound_peering(ep$network$address, ep$network$bound_port));
print fmt("via Broker::peers(): %s", Broker::peers()[0]$is_outbound);
terminate();
}
# @TEST-END-FILE

1
testing/btest/opt/ZAM-bif-tracking.zeek
View file

@ -38,6 +38,7 @@ global known_BiFs = set(
"Broker::__insert_into_set",
"Broker::__insert_into_table",
"Broker::__is_closed",
"Broker::__is_outbound_peering",
"Broker::__keys",
"Broker::__listen",
"Broker::__node_id",