mirror of
https://github.com/zeek/zeek.git
synced 2025-10-11 19:18:19 +00:00
Merge remote-tracking branch 'origin/master' into topic/johanna/ocsp-sct-validate
This commit is contained in:
Johanna Amann
commit
b7a7e45a07
87 changed files with 1583 additions and 172 deletions
|
|
@ -26,6 +26,13 @@ export {
|
|||
## This option is also available as a per-filter ``$config`` option.
|
||||
const use_json = F &redef;
|
||||
|
||||
## Define the gzip level to compress the logs. If 0, then no gzip
|
||||
## compression is performed. Enabling compression also changes
|
||||
## the log file name extension to include ".gz".
|
||||
##
|
||||
## This option is also available as a per-filter ``$config`` option.
|
||||
const gzip_level = 0 &redef;
|
||||
|
||||
## Format of timestamps when writing out JSON. By default, the JSON
|
||||
## formatter will use double values for timestamps which represent the
|
||||
## number of seconds from the UNIX epoch.
|
||||
|
|
|
|||
|
|
@ -318,7 +318,7 @@ function openflow_add_rule(p: PluginState, r: Rule) : bool
|
|||
++flow_mod$cookie;
|
||||
}
|
||||
else
|
||||
event rule_error(r, p, "Error while executing OpenFlow::flow_mod");
|
||||
event NetControl::rule_error(r, p, "Error while executing OpenFlow::flow_mod");
|
||||
}
|
||||
|
||||
return T;
|
||||
|
|
@ -338,7 +338,7 @@ function openflow_remove_rule(p: PluginState, r: Rule, reason: string) : bool
|
|||
of_messages[r$cid, flow_mod$command] = OfTable($p=p, $r=r);
|
||||
else
|
||||
{
|
||||
event rule_error(r, p, "Error while executing OpenFlow::flow_mod");
|
||||
event NetControl::rule_error(r, p, "Error while executing OpenFlow::flow_mod");
|
||||
return F;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -21,10 +21,10 @@ redef Cluster::manager2worker_events += /Notice::begin_suppression/;
|
|||
redef Cluster::worker2manager_events += /Notice::cluster_notice/;
|
||||
|
||||
@if ( Cluster::local_node_type() != Cluster::MANAGER )
|
||||
event Notice::begin_suppression(n: Notice::Info)
|
||||
event Notice::begin_suppression(ts: time, suppress_for: interval, note: Type, identifier: string)
|
||||
{
|
||||
local suppress_until = n$ts + n$suppress_for;
|
||||
suppressing[n$note, n$identifier] = suppress_until;
|
||||
local suppress_until = ts + suppress_for;
|
||||
suppressing[note, identifier] = suppress_until;
|
||||
}
|
||||
@endif
|
||||
|
||||
|
|
|
|||
|
|
@ -261,9 +261,14 @@ export {
|
|||
|
||||
## This event is generated when a notice begins to be suppressed.
|
||||
##
|
||||
## n: The record containing notice data regarding the notice type
|
||||
## about to be suppressed.
|
||||
global begin_suppression: event(n: Notice::Info);
|
||||
## ts: time indicating then when the notice to be suppressed occured.
|
||||
##
|
||||
## suppress_for: length of time that this notice should be suppressed.
|
||||
##
|
||||
## note: The :bro:type:`Notice::Type` of the notice.
|
||||
##
|
||||
## identifier: The identifier string of the notice that should be suppressed.
|
||||
global begin_suppression: event(ts: time, suppress_for: interval, note: Type, identifier: string);
|
||||
|
||||
## A function to determine if an event is supposed to be suppressed.
|
||||
##
|
||||
|
|
@ -504,7 +509,7 @@ hook Notice::notice(n: Notice::Info) &priority=-5
|
|||
{
|
||||
local suppress_until = n$ts + n$suppress_for;
|
||||
suppressing[n$note, n$identifier] = suppress_until;
|
||||
event Notice::begin_suppression(n);
|
||||
event Notice::begin_suppression(n$ts, n$suppress_for, n$note, n$identifier);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2145,6 +2145,16 @@ export {
|
|||
rep_dur: interval;
|
||||
## The length in bytes of the reply.
|
||||
rep_len: count;
|
||||
## The user id of the reply.
|
||||
rpc_uid: count;
|
||||
## The group id of the reply.
|
||||
rpc_gid: count;
|
||||
## The stamp of the reply.
|
||||
rpc_stamp: count;
|
||||
## The machine name of the reply.
|
||||
rpc_machine_name: string;
|
||||
## The auxiliary ids of the reply.
|
||||
rpc_auxgids: index_vec;
|
||||
};
|
||||
|
||||
## NFS file attributes. Field names are based on RFC 1813.
|
||||
|
|
@ -2175,6 +2185,16 @@ export {
|
|||
fname: string; ##< The name of the file we are interested in.
|
||||
};
|
||||
|
||||
## NFS *rename* arguments.
|
||||
##
|
||||
## .. bro:see:: nfs_proc_rename
|
||||
type renameopargs_t : record {
|
||||
src_dirfh : string;
|
||||
src_fname : string;
|
||||
dst_dirfh : string;
|
||||
dst_fname : string;
|
||||
};
|
||||
|
||||
## NFS lookup reply. If the lookup failed, *dir_attr* may be set. If the
|
||||
## lookup succeeded, *fh* is always set and *obj_attr* and *dir_attr*
|
||||
## may be set.
|
||||
|
|
@ -2267,6 +2287,16 @@ export {
|
|||
dir_post_attr: fattr_t &optional; ##< Optional attributes associated w/ dir.
|
||||
};
|
||||
|
||||
## NFS reply for *rename*. Corresponds to *wcc_data* in the spec.
|
||||
##
|
||||
## .. bro:see:: nfs_proc_rename
|
||||
type renameobj_reply_t: record {
|
||||
src_dir_pre_attr: wcc_attr_t;
|
||||
src_dir_post_attr: fattr_t;
|
||||
dst_dir_pre_attr: wcc_attr_t;
|
||||
dst_dir_post_attr: fattr_t;
|
||||
};
|
||||
|
||||
## NFS *readdir* arguments. Used for both *readdir* and *readdirplus*.
|
||||
##
|
||||
## .. bro:see:: nfs_proc_readdir
|
||||
|
|
|
|||
|
|
@ -86,5 +86,5 @@ export {
|
|||
|
||||
function at_least(version_string: string): bool
|
||||
{
|
||||
return Version::parse(version_string)$version_number >= Version::number;
|
||||
return Version::number >= Version::parse(version_string)$version_number;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue