Porting the istate tests to btest.

Note that currently most of them don't pass because (i) the code adding the environment variable for seeding the RNG has not been merged into master yet; and (2) Broccoli to Bro communication is currently broken because of the int64 problem. Once these are fixed, then baselines need to be recreated and checked. Therefore, the istate tests aren't activated in btest.cfg yet.
2025-10-02 06:38:20 +00:00 · 2011-03-29 21:46:06 -07:00 · 2011-03-29 21:46:06 -07:00 · bc39f9f048
commit bc39f9f048
parent 3562682ac9
21 changed files with 641 additions and 0 deletions
--- a/testing/btest/Baseline/istate.base/events
+++ b/testing/btest/Baseline/istate.base/events
@ -0,0 +1,33 @@
 Event [1301452424.097552] connection_pending([id=[orig_h=141.42.64.125, orig_p=56729/tcp, resp_h=125.190.109.199, resp_p=12345/tcp], orig=[size=0, state=1], resp=[size=0, state=6], start_time=1301452418.93139, duration=0.182432889938354, service={}, addl="", hot=0, history="Sr"])
 Event [1301452424.097552] connection_state_remove([id=[orig_h=141.42.64.125, orig_p=56729/tcp, resp_h=125.190.109.199, resp_p=12345/tcp], orig=[size=0, state=1], resp=[size=0, state=6], start_time=1301452418.93139, duration=0.182432889938354, service={}, addl="", hot=0, history="Sr"])
 Event [1301452424.099251] new_connection([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=0, state=1], resp=[size=0, state=0], start_time=1301452424.0315, duration=0.0, service={}, addl="cc=1", hot=0, history=""])
 Event [1301452424.280556] connection_established([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=0, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.182510137557983, service={}, addl="", hot=0, history="Sh"])
 Event [1301452424.280556] protocol_confirmation([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="", hot=0, history="ShAD"]165)
 Event [1301452424.282557] http_request([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="", hot=0, history="ShAD"]"GET""/""/""1.0")
 Event [1301452424.282557] http_begin_entity([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="%events-send-1", hot=0, history="ShAD"]T)
 Event [1301452424.284421] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"USER-AGENT""Wget/1.10")
 Event [1301452424.284421] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"ACCEPT""*/*")
 Event [1301452424.284421] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"HOST""www.icir.org")
 Event [1301452424.284421] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"CONNECTION""Keep-Alive")
 Event [1301452424.284421] http_content_type([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"TEXT""PLAIN")
 Event [1301452424.284421] http_end_entity([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T)
 Event [1301452424.284421] http_message_done([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301452424.0315, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T[start=1301452424.21479, interrupted=F, finish_msg="message ends normally", body_length=0, content_gap_length=0, header_length=86])
 Event [1301452424.465561] http_reply([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1", hot=0, history="ShADd"]"1.1"200"OK")
 Event [1301452424.465561] http_begin_entity([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F)
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"DATE""Fri, 07 Oct 2005 23:23:55 GMT")
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"SERVER""Apache/1.3.33 (Unix)")
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"LAST-MODIFIED""Fri, 07 Oct 2005 16:23:01 GMT")
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"ETAG"""2c96c-23aa-4346a0e5"")
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"ACCEPT-RANGES""bytes")
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"CONTENT-LENGTH""9130")
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"KEEP-ALIVE""timeout=15, max=100")
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"CONNECTION""Keep-Alive")
 Event [1301452424.465561] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"CONTENT-TYPE""text/html")
 Event [1301452424.465561] http_content_type([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301452424.0315, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"TEXT""HTML")
 Event [1301452424.648565] http_entity_data([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=5792, state=4], start_time=1301452424.0315, duration=0.551820039749146, service={}, addl="%events-send-1", hot=0, history="ShADd"]F4096"<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"^J"http://www.w3.org/TR/REC-html40/loose.dtd">^J<HEAD><TITLE>ICIR</TITLE></HEAD>^J<BODY bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#b20000">^J<img src=icir.gif alt="ICIR"><br>^J<p>^JICIR (The ICSI Center for Internet Research)^Jis a ^Jnon-profit^Jresearch institute at^J<a href="http://www.icsi.berkeley.edu">ICSI</a>^Jin ^J<a href="http://dir.yahoo.com/Regional/U_S__States/California/Cities/Berkeley/">Berkeley</a>, ^JCalifornia.<br>^JFor the three years from 1999 to 2001 we were named^JACIRI, the AT&T Center for Internet Research at ICSI, ^Jand were funded by <a href="http://www.att.com">AT&amp;T</a>.<br>^J^JThe goals of ICIR are to:^J<ul>^J<li>Pursue research on the Internet architecture and related networking issues,^J<li>^JParticipate actively in the research (<a href="http://www.acm.org/sigcomm/">SIGCOMM</a> and <a href="http://www.irtf.org/">IRTF</a>) and^Jstandards (<a href="http://www.ietf.org/">IETF</a>) communities,^J<li> Bridge the gap between the Internet research community and commercial ^Jinterests by providing a neutral forum where topics of mutual technical ^Jinterest can be addressed.^J</ul>^J<p>^J<!--^JICIR is now ^J<a href="jobs.html">^Jhiring</a> for both postdoctoral positions and summer interns.^J-->^J<hr>^J^J<DIV ALIGN="CENTER">^J^J<table width="100%" cellspacing=16 cellpadding=0>^J^J<tr>^J<td width="35%" valign=top>^J^J<h2>^JPeople^J</h2>^J<ul>^J<li>^J<a href="./shenker/">^JScott Shenker</a>, Group Leader<br> ^J<li><a href="http://www.icir.org/mallman/">Mark Allman</a>^J<li>^J<a href="./floyd/">Sally Floyd</a>^J<!--^J<li><a href="http://www.isi.edu/~govindan/">Ramesh Govindan</a>^J-->^J<li>^J<a href="./karp/papers.html">^JRichard Karp</a>  ^J<!-- (also with the ^J<a href="http://www.icsi.berkeley.edu/Theory/">ICSI Theory Group</a>, ^J<a href="http://www.msri.org/">MSRI</a>, and^J<a href="http://www.cs.berkeley.edu/">UC Berkeley</a>) -->^J<li>^J<a href="./vern/">^JVern Paxson</a>  ^J<li>^J<a href="http://www.icir.org/robin/">^JRobin Sommer</a>^J<li>^J<a href="http://www.cs.berkeley.edu/~nweaver/">^JNicholas Weaver</a>^J<li>^J<a href="http://www.icsi.berkeley.edu/~zhao/">^JJerry Zhao</a>^J<!-- </ul> &nbsp; &nbsp;<b>Group Members</b> <ul> -->^J<li><b><a href="pastvisitors.html">Past Group Members</a></b>,^J<br>including:^J<ul>^J<li>^J<a href="http://www.cs.ucl.ac.uk/staff/M.Handley/">^JMark Handley</a> (UCL)^J<li><a href="./kohler/">Eddie Kohler</a> (UCLA)^J</ul>^J<li><b>Affiliated <a href="http://www.xorp.org/">Xorp</a>^JResearchers</b>:^J  <ul>^J  <li><a href="./jcardona/">Javier Cardona</a>^J  <li><a href="./atanu/">Atanu Ghosh</a> ^J  <li><a href="./hodson/">Orion Hodson</a>^J  <li><a href="./pavlin/">Pavlin Radoslavov</a> ^J  <li><a href="http://www.iet.unipi.it/~luigi">Luigi Rizzo</a>^J  <li><a href="http://people.freebsd.org/~bms/">Bruce Simpson</a>^J</ul>^J<li><b>Affiliated UCB Researchers</b>:^J  <ul>^J  <li><a href="http://www.cs.berkeley.edu/~christos/">Christos Papadimitriou</a>^J  <li><a href="http://www.cs.berkeley.edu/~istoica/">Ion Stoica</a>^J  </ul>^J<li><b>Visitors</b>:^J  <ul>^J  <li><a href="http://grid.sjtu.edu.cn/teachers/dengqn/dengqn.htm">Professor Quin-Ni Deng</a>^J<!--^J  from Shanghai Jiaotong University^J-->^J  <li>Teemu Koponen^J<!--^J  , Helsinki Institute for Information Technology^J-->^J  </ul>^J<!--^J<li><a href="pastvisitors.html">Other researchers</a>^J-->^J<a name=Visitors></a>^J<li><b>Interns:</b>^J<ul>^J<li>Juan Caballero^J<li><a href="http://www.stanford.edu/~casado/">Martin Casado</a>^J<li><a href="http://www.cs.rice.edu/~scrosby/">Scott Crosby</a>^J<li><a href="http://bnrg.cs.berkeley.edu/~wdc/">Weidong Cui</a>^J<li><a href="http://www.cs.berkeley.edu/~chema">Chema Gonzalez</a>^J<li>Halldor Isak Gylfason^J<li><a href="http://www.cl.cam.ac.uk/~cpk25/">Christian Kreibich</a>^J<li><a href="http://www.cs.ucsd.edu/~braghava">Barath Raghavan</a>^J<!--^J<li><a href="newinterns.html">New Interns:</a> ^J-->^J</ul>^J<li><b>Undergraduate Interns:</b>^J<ul>^J<li>Michael Hoisie^J<li>Arthur Wayne Liao^J<li>Christopher Portka^J</ul>^J<li><b><a href="pastvisitors.html">Past Visitors and Interns:</a></b>^J</ul>^J^J</td>^J<td width="30%" vali")
 Event [1301452424.689566] http_entity_data([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=8688, state=4], start_time=1301452424.0315, duration=0.552114009857178, service={}, addl="%events-send-1", hot=0, history="ShADd"]F4096"gn=top>^J^J<h2>^JPublications^J</h2>^J<ul>^J<li><a href="./rfcs.html">^JRFCs</a> with ICIR authors.^J<li>^J<a href="./internetdrafts.html">^JInternet drafts</a> with ICIR authors, 3/2004 ^J(or <a href="http://www.rfc-editor.org/idsearch.html">search</a>^Jthe current list).^J<!--^Jfor "Shenker OR Floyd OR Allman OR Paxson".^J(or the ^J<a^Jhref="^Jhttp://search.ietf.org:80/search/cgi-bin/BrokerQuery.pl.cgi?broker=internet-drafts&query=%28Author%3A+Shenker+OR+Floyd+OR+Handley+OR+Paxson+OR+Kohler%29&caseflag=on&wordflag=off&errorflag=0&maxlineflag=50&maxresultflag=1000&descflag=on&sort=by-NML&verbose=on&maxobjflag=25">current list</a>.)^J^Jhttp://search.ietf.org:80/search/cgi-bin/BrokerQuery.pl.cgi?broker=internet-drafts&query=(Shenker+OR+Floyd+OR+Handley+OR+Paxson+OR+Kohler)&descflag=on">current list</a>).^J-->^J<!--^Jfrom the ^J<a href="http://search.ietf.org/search/brokers/internet-drafts/query.html">^JInternet-Drafts Search Engine</a>).^J-->^J<li>Papers by ^J<a href="./shenker/papers.html">Scott Shenker</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Scott%20w/2%20Shenker%20or%20S%20w/2%20Shenker&co=Citations">RI</a>),^J^J<a href="./mallman/papers/">Mark Allman</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Mark%20w/2%20Allman%20or%20S%20w/2%20Allman&co=Citations">RI</a>),^J^J<a href="./floyd/papers.html">Sally Floyd</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Sally%20w/2%20Floyd%20or%20S%20w/2%20Floyd&co=Citations">RI</a>),^J^J<a href="./karp/papers.html">Richard Karp</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Richard%20w/2%20Karp%20or%20R%20w/2%20Karp&co=Citations">RI</a>),^J<a href="./kohler/pubs/">Eddie Kohler</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=eddie%20w/2%20kohler%20or%20e%20w/2%20kohler&co=Citations">RI</a>),^J<a href="./vern/papers.html">Vern Paxson</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Vern%20w/2%20Paxson%20or%20V%20w/2%20Paxson&co=Citations">RI</a>).^J<li>The <a href="http://citeseer.ist.psu.edu/">^JResearchIndex</a> (RI) and the ^J<a href="http://citeseer.ist.psu.edu/cs">Search</a>^Jand ^J<a href="http://citeseer.ist.psu.edu/Networking/">^JNetworking</a> pages. ^J</ul>^J^J<h2>^JProjects ^J</h2>^J<ul>^J<li>^J<a href="./vern/bro-info.html">Bro</a>^J(detecting network intruders). ^J<li>The <a href="http://www.isi.edu/newarch/">NewArch</a> Project:^JFuture-Generation Internet Architecture.^J<LI>The <a href="http://www.isi.edu/nsnam/ns/">NS</a>^Jnetwork simulator.^J<li> <a href="./tbit/">TBIT</a>^J(TCP Behavior Identification Tool).^J<li> <a href="http://www.xorp.org/">Xorp</a>^J(Extensible Open Router Platform).^J<li>^J<a href="./funded_projects.html">^JOther Funded Projects</a>.^J<li>^J<a href="./research.html">^JAdditional Research Links</a>.^J</ul>^J^J^J</td>^J^J<td width="35%" valign=top>^J    ^J<h2>Research</h2>^J&nbsp; &nbsp;<b>Transport and Congestion</b>^J<ul>^J<li>^J<a href="./kohler/dcp/">DCCP</a>^J(Datagram Congestion Control Protocol).^J<li>^J<a href="./floyd/ecn.html">ECN</a>^J(Explicit Congestion Notification).^J<li>^J<a href="http://www.ietf.org/html.charters/intserv-charter.html">^JIntegrated services</a>.^J<li>^J<a href="./floyd/red.html">RED</a> ^Jqueue management, and^J<a href="./red-pd/">RED-PD</a>.^J<li>^J<a href="./floyd/hstcp.html">HighSpeed TCP</a>.^J<li>^J<a^Jhref="http://www.ietf.cnri.reston.va.us/html.charters/OLD/tcpimpl-charter.html">^JTCP Implementation</a>.^J<li>^JReordering-Robust TCP ^J(<a href="./bkarp/RR-TCP/">RR-TCP</a>).^J<li>TCP^J<a href="./floyd/sacks.html">SACK</a> ^J(Selective Acknowledgment).^J<li>^J<a href="./tfrc/">TFRC</a> ^J(TCP-Friendly Rate Control).^J</ul>^J^J&nbsp; &nbsp;<b>Traffic and Topology</b>^J<ul>^J<LI>^J<a href="http://idmaps.eecs.umich.edu/">IDMaps</a> ^J(Internet Distance Mapping).^J<LI>The <a href="http://www.acm.org/sigcomm/ITA/">^JInternet Traffic Archive</a>.^J<li>^J<a href="http://www-net.cs.umass.edu/minc/">MINC</a>^J(Multicast-based Inference of Network-internal Characteristics).^J<li>^J<a href="http://www.psc.edu/networking/nimi/">NIMI</a>^J(N")
 Event [1301452424.832570] http_entity_data([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=9417, state=4], start_time=1301452424.0315, duration=0.73563814163208, service={}, addl="%events-send-1", hot=0, history="ShADd"]F938"ational Internet Measurement Infrastructure).^J</ul>^J^J<h2>^J<a href="./collaborators.html">^JCollaborators</a>^J</h2>^J^J<!--^J&nbsp; &nbsp;<b>Multicast and Multimedia</b>^J<ul>^J<LI><A href="/malloc/">MALLOC</a>^J(Multicast Address Allocation).^J<LI><a href="http://www.cs.columbia.edu/~hgs/sip/">SIP</a>^J(Session Initiation Protocol).^J<li> <a href="yoid"> Yoid</a> (host-based content distribution). ^J</ul>^J-->^J^J</td>^J^J</tr>^J</table>^J</DIV>^J^J<hr>^J<h2>Information for <a href="./abouticir.html">visitors</a> and <a href="/sysdocs/">local users</a>.</h2>^J<hr>^JLast modified: June 2004. <a href="./COPYRIGHTS">Copyright notice</a>.^J<a href="http://web.archive.org/web/*/http://www.aciri.org/">^JOlder versions</a> of this web page, in its ACIRI incarnation..^J<BR>^JFor more information about this server, mail <I>www@aciri.org</I>.  ^J<BR>^JTo report <a href="scanning.html">unusual activity</a> by any of our hosts, mail <I>abuse@aciri.org</I>.^J</BODY>^J")
 Event [1301452424.832570] http_end_entity([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=9417, state=4], start_time=1301452424.0315, duration=0.73563814163208, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F)
 Event [1301452424.832570] http_message_done([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=9417, state=4], start_time=1301452424.0315, duration=0.73563814163208, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F[start=1301452424.39883, interrupted=F, finish_msg="message ends normally", body_length=9130, content_gap_length=0, header_length=265])
 Event [1301452424.990539] net_done(1301452424.99054)
 Event [1301452424.990539] bro_done()
--- a/testing/btest/Baseline/istate.base/receiver.conn.log
+++ b/testing/btest/Baseline/istate.base/receiver.conn.log
@ -0,0 +1 @@
 1301452418.931393 0.182433 141.42.64.125 125.190.109.199 other 56729 12345 tcp ? ? REJ X
--- a/testing/btest/Baseline/istate.base/receiver.http.log
+++ b/testing/btest/Baseline/istate.base/receiver.http.log
@ -0,0 +1,18 @@
 1301452424.282557 %events-rcv-1 start 141.42.64.125:56730 > 125.190.109.199:80
 1301452424.284421 %events-rcv-1 > USER-AGENT: Wget/1.10
 1301452424.284421 %events-rcv-1 > ACCEPT: */*
 1301452424.284421 %events-rcv-1 > HOST: www.icir.org
 1301452424.284421 %events-rcv-1 > CONNECTION: Keep-Alive
 1301452424.465561 %events-rcv-1 < DATE: Fri, 07 Oct 2005 23:23:55 GMT
 1301452424.465561 %events-rcv-1 < SERVER: Apache/1.3.33 (Unix)
 1301452424.465561 %events-rcv-1 < LAST-MODIFIED: Fri, 07 Oct 2005 16:23:01 GMT
 1301452424.465561 %events-rcv-1 < ETAG: "2c96c-23aa-4346a0e5"
 1301452424.465561 %events-rcv-1 < ACCEPT-RANGES: bytes
 1301452424.465561 %events-rcv-1 < CONTENT-LENGTH: 9130
 1301452424.465561 %events-rcv-1 < KEEP-ALIVE: timeout=15, max=100
 1301452424.465561 %events-rcv-1 < CONNECTION: Keep-Alive
 1301452424.465561 %events-rcv-1 < CONTENT-TYPE: text/html
 1301452424.648565 %events-rcv-1 <= 4096 bytes: "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML ..."
 1301452424.689566 %events-rcv-1 <= 4096 bytes: "gn=top>^J^J<h2>^JPublications^J</h2>^J<ul>^J<l..."
 1301452424.832570 %events-rcv-1 <= 938 bytes: "ational Internet Measurement Infrastruct..."
 1301452424.832570 %events-rcv-1 GET / (200 "OK" [9130] www.icir.org)
--- a/testing/btest/Baseline/istate.base/sender.conn.log
+++ b/testing/btest/Baseline/istate.base/sender.conn.log
@ -0,0 +1,2 @@
 1301452418.931393 0.182433 141.42.64.125 125.190.109.199 other 56729 12345 tcp ? ? REJ X
 1301452424.031503 ? 141.42.64.125 125.190.109.199 http 56730 80 tcp 98 9417 S1 X %events-send-1
--- a/testing/btest/Baseline/istate.base/sender.http.log
+++ b/testing/btest/Baseline/istate.base/sender.http.log
@ -0,0 +1,18 @@
 1301452424.214794 %events-send-1 start 141.42.64.125:56730 > 125.190.109.199:80
 1301452424.214794 %events-send-1 > USER-AGENT: Wget/1.10
 1301452424.214794 %events-send-1 > ACCEPT: */*
 1301452424.214794 %events-send-1 > HOST: www.icir.org
 1301452424.214794 %events-send-1 > CONNECTION: Keep-Alive
 1301452424.398834 %events-send-1 < DATE: Fri, 07 Oct 2005 23:23:55 GMT
 1301452424.398834 %events-send-1 < SERVER: Apache/1.3.33 (Unix)
 1301452424.398834 %events-send-1 < LAST-MODIFIED: Fri, 07 Oct 2005 16:23:01 GMT
 1301452424.398834 %events-send-1 < ETAG: "2c96c-23aa-4346a0e5"
 1301452424.398834 %events-send-1 < ACCEPT-RANGES: bytes
 1301452424.398834 %events-send-1 < CONTENT-LENGTH: 9130
 1301452424.398834 %events-send-1 < KEEP-ALIVE: timeout=15, max=100
 1301452424.398834 %events-send-1 < CONNECTION: Keep-Alive
 1301452424.398834 %events-send-1 < CONTENT-TYPE: text/html
 1301452424.583323 %events-send-1 <= 4096 bytes: "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML ..."
 1301452424.583617 %events-send-1 <= 4096 bytes: "gn=top>^J^J<h2>^JPublications^J</h2>^J<ul>^J<l..."
 1301452424.767141 %events-send-1 <= 938 bytes: "ational Internet Measurement Infrastruct..."
 1301452424.767141 %events-send-1 GET / (200 "OK" [9130] www.icir.org)
--- a/testing/btest/Baseline/istate.events/events
+++ b/testing/btest/Baseline/istate.events/events
@ -0,0 +1,33 @@
 Event [1301459542.350102] connection_pending([id=[orig_h=141.42.64.125, orig_p=56729/tcp, resp_h=125.190.109.199, resp_p=12345/tcp], orig=[size=0, state=1], resp=[size=0, state=6], start_time=1301459537.18049, duration=0.182432889938354, service={}, addl="", hot=0, history="Sr"])
 Event [1301459542.350102] connection_state_remove([id=[orig_h=141.42.64.125, orig_p=56729/tcp, resp_h=125.190.109.199, resp_p=12345/tcp], orig=[size=0, state=1], resp=[size=0, state=6], start_time=1301459537.18049, duration=0.182432889938354, service={}, addl="", hot=0, history="Sr"])
 Event [1301459542.350102] new_connection([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=0, state=1], resp=[size=0, state=0], start_time=1301459542.2806, duration=0.0, service={}, addl="cc=1", hot=0, history=""])
 Event [1301459542.531108] connection_established([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=0, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.182510137557983, service={}, addl="", hot=0, history="Sh"])
 Event [1301459542.533110] protocol_confirmation([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="", hot=0, history="ShAD"]165)
 Event [1301459542.533110] http_request([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="", hot=0, history="ShAD"]"GET""/""/""1.0")
 Event [1301459542.533110] http_begin_entity([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="%events-send-1", hot=0, history="ShAD"]T)
 Event [1301459542.533110] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"USER-AGENT""Wget/1.10")
 Event [1301459542.533110] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"ACCEPT""*/*")
 Event [1301459542.533110] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"HOST""www.icir.org")
 Event [1301459542.533110] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"CONNECTION""Keep-Alive")
 Event [1301459542.533110] http_content_type([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T"TEXT""PLAIN")
 Event [1301459542.533110] http_end_entity([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T)
 Event [1301459542.533110] http_message_done([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=0, state=4], start_time=1301459542.2806, duration=0.183290958404541, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShAD"]T[start=1301459542.46389, interrupted=F, finish_msg="message ends normally", body_length=0, content_gap_length=0, header_length=86])
 Event [1301459542.717115] http_reply([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1", hot=0, history="ShADd"]"1.1"200"OK")
 Event [1301459542.717115] http_begin_entity([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F)
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"DATE""Fri, 07 Oct 2005 23:23:55 GMT")
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"SERVER""Apache/1.3.33 (Unix)")
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"LAST-MODIFIED""Fri, 07 Oct 2005 16:23:01 GMT")
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"ETAG"""2c96c-23aa-4346a0e5"")
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"ACCEPT-RANGES""bytes")
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"CONTENT-LENGTH""9130")
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"KEEP-ALIVE""timeout=15, max=100")
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"CONNECTION""Keep-Alive")
 Event [1301459542.717115] http_header([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"CONTENT-TYPE""text/html")
 Event [1301459542.717115] http_content_type([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=1448, state=4], start_time=1301459542.2806, duration=0.367331027984619, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F"TEXT""HTML")
 Event [1301459542.901119] http_entity_data([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=5792, state=4], start_time=1301459542.2806, duration=0.551820039749146, service={}, addl="%events-send-1", hot=0, history="ShADd"]F4096"<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"^J"http://www.w3.org/TR/REC-html40/loose.dtd">^J<HEAD><TITLE>ICIR</TITLE></HEAD>^J<BODY bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#b20000">^J<img src=icir.gif alt="ICIR"><br>^J<p>^JICIR (The ICSI Center for Internet Research)^Jis a ^Jnon-profit^Jresearch institute at^J<a href="http://www.icsi.berkeley.edu">ICSI</a>^Jin ^J<a href="http://dir.yahoo.com/Regional/U_S__States/California/Cities/Berkeley/">Berkeley</a>, ^JCalifornia.<br>^JFor the three years from 1999 to 2001 we were named^JACIRI, the AT&T Center for Internet Research at ICSI, ^Jand were funded by <a href="http://www.att.com">AT&amp;T</a>.<br>^J^JThe goals of ICIR are to:^J<ul>^J<li>Pursue research on the Internet architecture and related networking issues,^J<li>^JParticipate actively in the research (<a href="http://www.acm.org/sigcomm/">SIGCOMM</a> and <a href="http://www.irtf.org/">IRTF</a>) and^Jstandards (<a href="http://www.ietf.org/">IETF</a>) communities,^J<li> Bridge the gap between the Internet research community and commercial ^Jinterests by providing a neutral forum where topics of mutual technical ^Jinterest can be addressed.^J</ul>^J<p>^J<!--^JICIR is now ^J<a href="jobs.html">^Jhiring</a> for both postdoctoral positions and summer interns.^J-->^J<hr>^J^J<DIV ALIGN="CENTER">^J^J<table width="100%" cellspacing=16 cellpadding=0>^J^J<tr>^J<td width="35%" valign=top>^J^J<h2>^JPeople^J</h2>^J<ul>^J<li>^J<a href="./shenker/">^JScott Shenker</a>, Group Leader<br> ^J<li><a href="http://www.icir.org/mallman/">Mark Allman</a>^J<li>^J<a href="./floyd/">Sally Floyd</a>^J<!--^J<li><a href="http://www.isi.edu/~govindan/">Ramesh Govindan</a>^J-->^J<li>^J<a href="./karp/papers.html">^JRichard Karp</a>  ^J<!-- (also with the ^J<a href="http://www.icsi.berkeley.edu/Theory/">ICSI Theory Group</a>, ^J<a href="http://www.msri.org/">MSRI</a>, and^J<a href="http://www.cs.berkeley.edu/">UC Berkeley</a>) -->^J<li>^J<a href="./vern/">^JVern Paxson</a>  ^J<li>^J<a href="http://www.icir.org/robin/">^JRobin Sommer</a>^J<li>^J<a href="http://www.cs.berkeley.edu/~nweaver/">^JNicholas Weaver</a>^J<li>^J<a href="http://www.icsi.berkeley.edu/~zhao/">^JJerry Zhao</a>^J<!-- </ul> &nbsp; &nbsp;<b>Group Members</b> <ul> -->^J<li><b><a href="pastvisitors.html">Past Group Members</a></b>,^J<br>including:^J<ul>^J<li>^J<a href="http://www.cs.ucl.ac.uk/staff/M.Handley/">^JMark Handley</a> (UCL)^J<li><a href="./kohler/">Eddie Kohler</a> (UCLA)^J</ul>^J<li><b>Affiliated <a href="http://www.xorp.org/">Xorp</a>^JResearchers</b>:^J  <ul>^J  <li><a href="./jcardona/">Javier Cardona</a>^J  <li><a href="./atanu/">Atanu Ghosh</a> ^J  <li><a href="./hodson/">Orion Hodson</a>^J  <li><a href="./pavlin/">Pavlin Radoslavov</a> ^J  <li><a href="http://www.iet.unipi.it/~luigi">Luigi Rizzo</a>^J  <li><a href="http://people.freebsd.org/~bms/">Bruce Simpson</a>^J</ul>^J<li><b>Affiliated UCB Researchers</b>:^J  <ul>^J  <li><a href="http://www.cs.berkeley.edu/~christos/">Christos Papadimitriou</a>^J  <li><a href="http://www.cs.berkeley.edu/~istoica/">Ion Stoica</a>^J  </ul>^J<li><b>Visitors</b>:^J  <ul>^J  <li><a href="http://grid.sjtu.edu.cn/teachers/dengqn/dengqn.htm">Professor Quin-Ni Deng</a>^J<!--^J  from Shanghai Jiaotong University^J-->^J  <li>Teemu Koponen^J<!--^J  , Helsinki Institute for Information Technology^J-->^J  </ul>^J<!--^J<li><a href="pastvisitors.html">Other researchers</a>^J-->^J<a name=Visitors></a>^J<li><b>Interns:</b>^J<ul>^J<li>Juan Caballero^J<li><a href="http://www.stanford.edu/~casado/">Martin Casado</a>^J<li><a href="http://www.cs.rice.edu/~scrosby/">Scott Crosby</a>^J<li><a href="http://bnrg.cs.berkeley.edu/~wdc/">Weidong Cui</a>^J<li><a href="http://www.cs.berkeley.edu/~chema">Chema Gonzalez</a>^J<li>Halldor Isak Gylfason^J<li><a href="http://www.cl.cam.ac.uk/~cpk25/">Christian Kreibich</a>^J<li><a href="http://www.cs.ucsd.edu/~braghava">Barath Raghavan</a>^J<!--^J<li><a href="newinterns.html">New Interns:</a> ^J-->^J</ul>^J<li><b>Undergraduate Interns:</b>^J<ul>^J<li>Michael Hoisie^J<li>Arthur Wayne Liao^J<li>Christopher Portka^J</ul>^J<li><b><a href="pastvisitors.html">Past Visitors and Interns:</a></b>^J</ul>^J^J</td>^J<td width="30%" vali")
 Event [1301459542.941139] http_entity_data([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=8688, state=4], start_time=1301459542.2806, duration=0.552114009857178, service={}, addl="%events-send-1", hot=0, history="ShADd"]F4096"gn=top>^J^J<h2>^JPublications^J</h2>^J<ul>^J<li><a href="./rfcs.html">^JRFCs</a> with ICIR authors.^J<li>^J<a href="./internetdrafts.html">^JInternet drafts</a> with ICIR authors, 3/2004 ^J(or <a href="http://www.rfc-editor.org/idsearch.html">search</a>^Jthe current list).^J<!--^Jfor "Shenker OR Floyd OR Allman OR Paxson".^J(or the ^J<a^Jhref="^Jhttp://search.ietf.org:80/search/cgi-bin/BrokerQuery.pl.cgi?broker=internet-drafts&query=%28Author%3A+Shenker+OR+Floyd+OR+Handley+OR+Paxson+OR+Kohler%29&caseflag=on&wordflag=off&errorflag=0&maxlineflag=50&maxresultflag=1000&descflag=on&sort=by-NML&verbose=on&maxobjflag=25">current list</a>.)^J^Jhttp://search.ietf.org:80/search/cgi-bin/BrokerQuery.pl.cgi?broker=internet-drafts&query=(Shenker+OR+Floyd+OR+Handley+OR+Paxson+OR+Kohler)&descflag=on">current list</a>).^J-->^J<!--^Jfrom the ^J<a href="http://search.ietf.org/search/brokers/internet-drafts/query.html">^JInternet-Drafts Search Engine</a>).^J-->^J<li>Papers by ^J<a href="./shenker/papers.html">Scott Shenker</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Scott%20w/2%20Shenker%20or%20S%20w/2%20Shenker&co=Citations">RI</a>),^J^J<a href="./mallman/papers/">Mark Allman</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Mark%20w/2%20Allman%20or%20S%20w/2%20Allman&co=Citations">RI</a>),^J^J<a href="./floyd/papers.html">Sally Floyd</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Sally%20w/2%20Floyd%20or%20S%20w/2%20Floyd&co=Citations">RI</a>),^J^J<a href="./karp/papers.html">Richard Karp</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Richard%20w/2%20Karp%20or%20R%20w/2%20Karp&co=Citations">RI</a>),^J<a href="./kohler/pubs/">Eddie Kohler</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=eddie%20w/2%20kohler%20or%20e%20w/2%20kohler&co=Citations">RI</a>),^J<a href="./vern/papers.html">Vern Paxson</a>^J(<a^Jhref="http://citeseer.ist.psu.edu/cs?qb=dbnum%3D1%2Cqtype%3Dcitation:&q=Vern%20w/2%20Paxson%20or%20V%20w/2%20Paxson&co=Citations">RI</a>).^J<li>The <a href="http://citeseer.ist.psu.edu/">^JResearchIndex</a> (RI) and the ^J<a href="http://citeseer.ist.psu.edu/cs">Search</a>^Jand ^J<a href="http://citeseer.ist.psu.edu/Networking/">^JNetworking</a> pages. ^J</ul>^J^J<h2>^JProjects ^J</h2>^J<ul>^J<li>^J<a href="./vern/bro-info.html">Bro</a>^J(detecting network intruders). ^J<li>The <a href="http://www.isi.edu/newarch/">NewArch</a> Project:^JFuture-Generation Internet Architecture.^J<LI>The <a href="http://www.isi.edu/nsnam/ns/">NS</a>^Jnetwork simulator.^J<li> <a href="./tbit/">TBIT</a>^J(TCP Behavior Identification Tool).^J<li> <a href="http://www.xorp.org/">Xorp</a>^J(Extensible Open Router Platform).^J<li>^J<a href="./funded_projects.html">^JOther Funded Projects</a>.^J<li>^J<a href="./research.html">^JAdditional Research Links</a>.^J</ul>^J^J^J</td>^J^J<td width="35%" valign=top>^J    ^J<h2>Research</h2>^J&nbsp; &nbsp;<b>Transport and Congestion</b>^J<ul>^J<li>^J<a href="./kohler/dcp/">DCCP</a>^J(Datagram Congestion Control Protocol).^J<li>^J<a href="./floyd/ecn.html">ECN</a>^J(Explicit Congestion Notification).^J<li>^J<a href="http://www.ietf.org/html.charters/intserv-charter.html">^JIntegrated services</a>.^J<li>^J<a href="./floyd/red.html">RED</a> ^Jqueue management, and^J<a href="./red-pd/">RED-PD</a>.^J<li>^J<a href="./floyd/hstcp.html">HighSpeed TCP</a>.^J<li>^J<a^Jhref="http://www.ietf.cnri.reston.va.us/html.charters/OLD/tcpimpl-charter.html">^JTCP Implementation</a>.^J<li>^JReordering-Robust TCP ^J(<a href="./bkarp/RR-TCP/">RR-TCP</a>).^J<li>TCP^J<a href="./floyd/sacks.html">SACK</a> ^J(Selective Acknowledgment).^J<li>^J<a href="./tfrc/">TFRC</a> ^J(TCP-Friendly Rate Control).^J</ul>^J^J&nbsp; &nbsp;<b>Traffic and Topology</b>^J<ul>^J<LI>^J<a href="http://idmaps.eecs.umich.edu/">IDMaps</a> ^J(Internet Distance Mapping).^J<LI>The <a href="http://www.acm.org/sigcomm/ITA/">^JInternet Traffic Archive</a>.^J<li>^J<a href="http://www-net.cs.umass.edu/minc/">MINC</a>^J(Multicast-based Inference of Network-internal Characteristics).^J<li>^J<a href="http://www.psc.edu/networking/nimi/">NIMI</a>^J(N")
 Event [1301459543.085124] http_entity_data([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=9417, state=4], start_time=1301459542.2806, duration=0.73563814163208, service={}, addl="%events-send-1", hot=0, history="ShADd"]F938"ational Internet Measurement Infrastructure).^J</ul>^J^J<h2>^J<a href="./collaborators.html">^JCollaborators</a>^J</h2>^J^J<!--^J&nbsp; &nbsp;<b>Multicast and Multimedia</b>^J<ul>^J<LI><A href="/malloc/">MALLOC</a>^J(Multicast Address Allocation).^J<LI><a href="http://www.cs.columbia.edu/~hgs/sip/">SIP</a>^J(Session Initiation Protocol).^J<li> <a href="yoid"> Yoid</a> (host-based content distribution). ^J</ul>^J-->^J^J</td>^J^J</tr>^J</table>^J</DIV>^J^J<hr>^J<h2>Information for <a href="./abouticir.html">visitors</a> and <a href="/sysdocs/">local users</a>.</h2>^J<hr>^JLast modified: June 2004. <a href="./COPYRIGHTS">Copyright notice</a>.^J<a href="http://web.archive.org/web/*/http://www.aciri.org/">^JOlder versions</a> of this web page, in its ACIRI incarnation..^J<BR>^JFor more information about this server, mail <I>www@aciri.org</I>.  ^J<BR>^JTo report <a href="scanning.html">unusual activity</a> by any of our hosts, mail <I>abuse@aciri.org</I>.^J</BODY>^J")
 Event [1301459543.085124] http_end_entity([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=9417, state=4], start_time=1301459542.2806, duration=0.73563814163208, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F)
 Event [1301459543.085124] http_message_done([id=[orig_h=141.42.64.125, orig_p=56730/tcp, resp_h=125.190.109.199, resp_p=80/tcp], orig=[size=98, state=4], resp=[size=9417, state=4], start_time=1301459542.2806, duration=0.73563814163208, service={}, addl="%events-send-1 %events-rcv-1", hot=0, history="ShADd"]F[start=1301459542.64793, interrupted=F, finish_msg="message ends normally", body_length=9130, content_gap_length=0, header_length=265])
 Event [1301459543.238173] net_done(1301459543.23817)
 Event [1301459543.238173] bro_done()
--- a/testing/btest/Baseline/istate.events/receiver.conn.log
+++ b/testing/btest/Baseline/istate.events/receiver.conn.log
@ -0,0 +1 @@
 1301459537.180494 0.182433 141.42.64.125 125.190.109.199 other 56729 12345 tcp ? ? REJ X
--- a/testing/btest/Baseline/istate.events/receiver.http.log
+++ b/testing/btest/Baseline/istate.events/receiver.http.log
@ -0,0 +1,18 @@
 1301459542.533110 %events-rcv-1 start 141.42.64.125:56730 > 125.190.109.199:80
 1301459542.533110 %events-rcv-1 > USER-AGENT: Wget/1.10
 1301459542.533110 %events-rcv-1 > ACCEPT: */*
 1301459542.533110 %events-rcv-1 > HOST: www.icir.org
 1301459542.533110 %events-rcv-1 > CONNECTION: Keep-Alive
 1301459542.717115 %events-rcv-1 < DATE: Fri, 07 Oct 2005 23:23:55 GMT
 1301459542.717115 %events-rcv-1 < SERVER: Apache/1.3.33 (Unix)
 1301459542.717115 %events-rcv-1 < LAST-MODIFIED: Fri, 07 Oct 2005 16:23:01 GMT
 1301459542.717115 %events-rcv-1 < ETAG: "2c96c-23aa-4346a0e5"
 1301459542.717115 %events-rcv-1 < ACCEPT-RANGES: bytes
 1301459542.717115 %events-rcv-1 < CONTENT-LENGTH: 9130
 1301459542.717115 %events-rcv-1 < KEEP-ALIVE: timeout=15, max=100
 1301459542.717115 %events-rcv-1 < CONNECTION: Keep-Alive
 1301459542.717115 %events-rcv-1 < CONTENT-TYPE: text/html
 1301459542.901119 %events-rcv-1 <= 4096 bytes: "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML ..."
 1301459542.941139 %events-rcv-1 <= 4096 bytes: "gn=top>^J^J<h2>^JPublications^J</h2>^J<ul>^J<l..."
 1301459543.085124 %events-rcv-1 <= 938 bytes: "ational Internet Measurement Infrastruct..."
 1301459543.085124 %events-rcv-1 GET / (200 "OK" [9130] www.icir.org)
--- a/testing/btest/Baseline/istate.events/sender.conn.log
+++ b/testing/btest/Baseline/istate.events/sender.conn.log
@ -0,0 +1,2 @@
 1301459537.180494 0.182433 141.42.64.125 125.190.109.199 other 56729 12345 tcp ? ? REJ X
 1301459542.280604 ? 141.42.64.125 125.190.109.199 http 56730 80 tcp 98 9417 S1 X %events-send-1
--- a/testing/btest/Baseline/istate.events/sender.http.log
+++ b/testing/btest/Baseline/istate.events/sender.http.log
@ -0,0 +1,18 @@
 1301459542.463895 %events-send-1 start 141.42.64.125:56730 > 125.190.109.199:80
 1301459542.463895 %events-send-1 > USER-AGENT: Wget/1.10
 1301459542.463895 %events-send-1 > ACCEPT: */*
 1301459542.463895 %events-send-1 > HOST: www.icir.org
 1301459542.463895 %events-send-1 > CONNECTION: Keep-Alive
 1301459542.647935 %events-send-1 < DATE: Fri, 07 Oct 2005 23:23:55 GMT
 1301459542.647935 %events-send-1 < SERVER: Apache/1.3.33 (Unix)
 1301459542.647935 %events-send-1 < LAST-MODIFIED: Fri, 07 Oct 2005 16:23:01 GMT
 1301459542.647935 %events-send-1 < ETAG: "2c96c-23aa-4346a0e5"
 1301459542.647935 %events-send-1 < ACCEPT-RANGES: bytes
 1301459542.647935 %events-send-1 < CONTENT-LENGTH: 9130
 1301459542.647935 %events-send-1 < KEEP-ALIVE: timeout=15, max=100
 1301459542.647935 %events-send-1 < CONNECTION: Keep-Alive
 1301459542.647935 %events-send-1 < CONTENT-TYPE: text/html
 1301459542.832424 %events-send-1 <= 4096 bytes: "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML ..."
 1301459542.832718 %events-send-1 <= 4096 bytes: "gn=top>^J^J<h2>^JPublications^J</h2>^J<ul>^J<l..."
 1301459543.016242 %events-send-1 <= 938 bytes: "ational Internet Measurement Infrastruct..."
 1301459543.016242 %events-send-1 GET / (200 "OK" [9130] www.icir.org)
--- a/testing/btest/Baseline/istate.persistence/vars.read.log
+++ b/testing/btest/Baseline/istate.persistence/vars.read.log
@ -0,0 +1,33 @@
 42
 -42
 Hallihallo
 1.2.3.4
 1.2.0.0/16
 3.14
 131.159
 42.0 secs
 {
 [1] = qwerty,
 [2] = uiop
 }
 file "test" of string
 /^?(12345)$?/
 {
 1,
 5,
 3,
 2,
 4
 }
 {
 [2, DEF] = 102,
 [1, ABC] = 101,
 [3, GHI] = 103
 }
 {
 [12345] = /^?(12345)$?/,
 [12346] = /^?(12345)$?/
 }
 42/udp
 [1, 2, 3]
 [a=yuyuyu, b=[a=rec1, b=100, c=1.24], c=[a=rec2, b=200, c=2.24], d=7.77]
--- a/testing/btest/Baseline/istate.persistence/vars.write.log
+++ b/testing/btest/Baseline/istate.persistence/vars.write.log
@ -0,0 +1,33 @@
 42
 -42
 Hallihallo
 1.2.3.4
 1.2.0.0/16
 3.14
 131.159
 42.0 secs
 {
 [1] = qwerty,
 [2] = uiop
 }
 file "test" of string
 /^?(12345)$?/
 {
 1,
 5,
 2,
 4,
 3
 }
 {
 [1, ABC] = 101,
 [2, DEF] = 102,
 [3, GHI] = 103
 }
 {
 [12345] = /^?(12345)$?/,
 [12346] = /^?(12345)$?/
 }
 42/udp
 [1, 2, 3]
 [a=yuyuyu, b=[a=rec1, b=100, c=1.24], c=[a=rec2, b=200, c=2.24], d=7.77]
--- a/testing/btest/Baseline/istate.sync/receiver.vars.log
+++ b/testing/btest/Baseline/istate.sync/receiver.vars.log
@ -0,0 +1,34 @@
 421
 1234567
 Jodel
 4.3.2.1
 4.0.0.0/8
 21.0
 192.150.186
 42.0 secs
 {
 [1] = asdfg2,
 [3] = asdfg1
 }
 file "test2" of string
 /^?(abbcdefgh)$?/
 {
 4,
 6,
 3,
 2,
 5
 }
 {
 [4, JKL] = 104,
 [3, GHI] = 103,
 [2, DEF] = 103
 }
 {
 [12345] = /^?(12345)$?/,
 [6767] = /^?(QWERTZ)$?/,
 [12346] = /^?(12345)$?/
 }
 6667/tcp
 [2, 20, 3, 4]
 [a=zxzxzx, b=[a=pop, b=43, c=9.999], c=[a=IOIOI, b=201, c=612.2], d=6.6666]
--- a/testing/btest/Baseline/istate.sync/sender.vars.log
+++ b/testing/btest/Baseline/istate.sync/sender.vars.log
@ -0,0 +1,34 @@
 421
 1234567
 Jodel
 4.3.2.1
 4.0.0.0/8
 21.0
 192.150.186
 42.0 secs
 {
 [1] = asdfg2,
 [3] = asdfg1
 }
 file "test2" of string
 /^?(abbcdefgh)$?/
 {
 5,
 4,
 6,
 3,
 2
 }
 {
 [3, GHI] = 103,
 [4, JKL] = 104,
 [2, DEF] = 103
 }
 {
 [6767] = /^?(QWERTZ)$?/,
 [12345] = /^?(12345)$?/,
 [12346] = /^?(12345)$?/
 }
 6667/tcp
 [2, 20, 3, 4]
 [a=zxzxzx, b=[a=pop, b=43, c=9.999], c=[a=IOIOI, b=201, c=612.2], d=6.6666]
--- a/testing/btest/Traces/empty.trace
+++ b/testing/btest/Traces/empty.trace
--- a/testing/btest/Traces/web.trace
+++ b/testing/btest/Traces/web.trace
--- a/testing/btest/istate/broccoli.bro
+++ b/testing/btest/istate/broccoli.bro
@ -0,0 +1,12 @@
 # @TEST-REQUIRES: grep -vq '#define BROv6' $BUILD/config.h
 # @TEST-REQUIRES: test -e $BUILD/aux/broccoli/src/libbroccoli.so
 #
 # @TEST-EXEC: btest-bg-run bro bro $DIST/aux/broccoli/test/broping-record.bro
 # @TEST-EXEC: sleep 1
 # @TEST-EXEC: btest-bg-run broccoli $BUILD/aux/broccoli/test/broping -r -c 5 127.0.0.1
 # @TEST-EXEC: sleep 1
 # @TEST-EXEC: btest-bg-wait -k 5
 # @TEST-EXEC: btest-diff bro/.stdout.log
 # @TEST-EXEC: btest-diff broccoli/.stdout.log
--- a/testing/btest/istate/events.bro
+++ b/testing/btest/istate/events.bro
@ -0,0 +1,61 @@
 #
 # @TEST-EXEC: btest-bg-run sender   bro -C -r $TRACES/web.trace --pseudo-realtime ../sender.bro
 # @TEST-EXEC: sleep 1
 # @TEST-EXEC: btest-bg-run receiver bro ../receiver.bro
 # @TEST-EXEC: sleep 1
 # @TEST-EXEC: btest-bg-wait -k 5
 #
 # @TEST-EXEC: btest-diff sender/conn.log
 # @TEST-EXEC: btest-diff sender/http.log
 # @TEST-EXEC: btest-diff receiver/conn.log
 # @TEST-EXEC: btest-diff receiver/http.log
 # @TEST-EXEC: cat receiver/http.log | sed 's/^\([^ ]* \)\{2\}//' >http.rec.log
 # @TEST-EXEC: cat sender/http.log | sed 's/^\([^ ]* \)\{2\}//' >http.snd.log
 # @TEST-EXEC: cmp http.rec.log http.snd.log
 #
 # @TEST-EXEC: bro -x receiver/events.bst | sed 's/127.0.0.1:[0-9]*//g' | grep -v Event.*remote_ >events
 # @TEST-EXEC: btest-diff events
@TEST-START-FILE sender.bro
@load tcp
@load http-request
@load http-reply
@load http-header
@load http-body
@load http-abstract
@load listen-clear
@load capture-events	
 redef peer_description = "events-send";
 # Make sure the HTTP connection really gets out.
 # (We still miss one final connection event because we shutdown before
 # it gets propagated but that's ok.)
 redef tcp_close_delay = 0secs;
@TEST-END-FILE
 #############
@TEST-START-FILE receiver.bro
@load tcp
@load http-request
@load http-reply
@load http-header
@load http-body
@load http-abstract
@load capture-events	
@load remote
 redef peer_description = "events-rcv";
 redef Remote::destinations += {
    ["foo"] = [$host = 127.0.0.1, $events = /.*/, $connect=T]
 };
@TEST-END-FILE
--- a/testing/btest/istate/persistence.bro
+++ b/testing/btest/istate/persistence.bro
@ -0,0 +1,113 @@
 #
 # @TEST-EXEC: bro -r $TRACES/empty.trace write.bro %INPUT 
 # @TEST-EXEC: cp vars.log vars.write.log
 # @TEST-EXEC: bro read.bro %INPUT 
 # @TEST-EXEC: cp vars.log vars.read.log
 # @TEST-EXEC: btest-diff vars.read.log
 # @TEST-EXEC: btest-diff vars.write.log
 # @TEST-EXEC: cmp vars.read.log vars.write.log
 ### Common code for reader and writer.
 event bro_done()
 	{
 	local out = open("vars.log");
 	print out, foo1;
 	print out, foo2;
 	print out, foo3;
 	print out, foo4;
 	print out, foo5;
 	print out, foo6;
 	print out, foo7;
 	print out, foo8;
 	print out, foo9;
 	print out, foo10;
 	print out, foo11;
 	print out, foo12;
 	print out, foo13;
 	print out, foo14;
 	print out, foo15;
 	print out, foo16;
 	print out, foo17;
 	}
@TEST-START-FILE read.bro
 global foo1: count &persistent &synchronized;
 global foo2: int &persistent &synchronized;
 global foo3: string &persistent &synchronized; 
 global foo4: addr &persistent &synchronized; 
 global foo5: subnet &persistent &synchronized; 
 global foo6: double &persistent &synchronized; 
 global foo7: net &persistent &synchronized; 
 global foo8: interval &persistent &synchronized; 
 global foo9: table[count] of string &persistent &synchronized;
 global foo10: file &persistent &synchronized; 
 global foo11: pattern &persistent &synchronized; 
 global foo12: set[count] &persistent &synchronized; 
 global foo13: table[count, string] of count &persistent &synchronized;
 global foo14: table[count] of pattern &persistent &synchronized;
 global foo15: port &persistent &synchronized;
 global foo16: vector of count &persistent &synchronized;
 type type1: record {
    a: string;
    b: count &default=42;
    c: double &optional;
    };
 type type2: record {
    a: string;
    b: type1;
    c: type1;
    d: double;
    };
 global foo17: type2  &persistent &synchronized;
@TEST-END-FILE
@TEST-START-FILE write.bro
 global foo1 = 42 &persistent &synchronized;
 global foo2 = -42 &persistent &synchronized;
 global foo3 = "Hallihallo" &persistent &synchronized; 
 global foo4 = 1.2.3.4 &persistent &synchronized; 
 global foo5 = 1.2.0.0/16 &persistent &synchronized; 
 global foo6 = 3.14 &persistent &synchronized; 
 global foo7 = 131.159. &persistent &synchronized; 
 global foo8 = 42 secs &persistent &synchronized; 
 global foo9 = { [1] = "qwerty", [2] = "uiop" } &persistent &synchronized;
 global foo10 = open("test") &persistent &synchronized; 
 global foo11 = /12345/ &persistent &synchronized; 
 global foo12 = { 1,2,3,4,5 } &persistent &synchronized; 
 global foo13  =  { [1,"ABC"] = 101, [2,"DEF"] = 102, [3,"GHI"] = 103 } &persistent &synchronized;
 global foo14  =  { [12345] = foo11, [12346] = foo11 } &persistent &synchronized;
 global foo15 = 42/udp &persistent &synchronized;
 global foo16: vector of count = [1,2,3] &persistent &synchronized;
 type type1: record {
    a: string;
    b: count &default=42;
    c: double &optional;
    };
 type type2: record {
    a: string;
    b: type1;
    c: type1;
    d: double;
    };
 global foo17: type2 = [
 	$a = "yuyuyu",
    $b = [$a="rec1", $b=100, $c=1.24],
    $c = [$a="rec2", $b=200, $c=2.24],
   	$d = 7.77				   
 	] &persistent &synchronized;
@TEST-END-FILE
--- a/testing/btest/istate/pybroccoli.py
+++ b/testing/btest/istate/pybroccoli.py
@ -0,0 +1,13 @@
 # @TEST-REQUIRES: grep -vq '#define BROv6' $BUILD/config.h
 # @TEST-REQUIRES: test -e $BUILD/aux/broccoli/src/libbroccoli.so
 # @TEST-REQUIRES: test -e $BUILD/aux/broccoli/bindings/broccoli-python/_broccoli_intern.so
 #
 # @TEST-EXEC: btest-bg-run bro bro $DIST/aux/broccoli/bindings/broccoli-python/tests/test.bro
 # @TEST-EXEC: sleep 1
 # @TEST-EXEC: btest-bg-run python python $DIST/aux/broccoli/bindings/broccoli-python/tests/test.py
 # @TEST-EXEC: sleep 1
 # @TEST-EXEC: btest-bg-wait -k 5
 # @TEST-EXEC: btest-diff bro/.stdout.log
 # @TEST-EXEC: btest-diff broccoli/.stdout.log
--- a/testing/btest/istate/sync.bro
+++ b/testing/btest/istate/sync.bro
@ -0,0 +1,164 @@
 #
 # @TEST-EXEC: btest-bg-run sender   bro %INPUT ../sender.bro
 # @TEST-EXEC: sleep 1
 # @TEST-EXEC: btest-bg-run receiver bro %INPUT ../receiver.bro
 # @TEST-EXEC: sleep 1
 # @TEST-EXEC: btest-bg-wait -k 5
 #
 # @TEST-EXEC: btest-diff sender/vars.log
 # @TEST-EXEC: btest-diff receiver/vars.log
 # @TEST-EXEC: cmp sender/vars.log receiver/vars.log
 ### Common code for sender and receiver.
 # Instantiate variables.
 global foo1 = 42 &persistent &synchronized;
 global foo2 = -42 &persistent &synchronized;
 global foo3 = "Hallihallo" &persistent &synchronized; 
 global foo4 = 1.2.3.4 &persistent &synchronized; 
 global foo5 = 1.2.0.0/16 &persistent &synchronized; 
 global foo6 = 3.14 &persistent &synchronized; 
 global foo7 = 131.159. &persistent &synchronized; 
 global foo8 = 42 secs &persistent &synchronized; 
 global foo9 = { [1] = "qwerty", [2] = "uiop" } &persistent &synchronized;
 global foo10 = open("test") &persistent &synchronized; 
 global foo11 = /12345/ &persistent &synchronized; 
 global foo12 = { 1,2,3,4,5 } &persistent &synchronized; 
 global foo13  =  { [1,"ABC"] = 101, [2,"DEF"] = 102, [3,"GHI"] = 103 } &persistent &synchronized;
 global foo14  =  { [12345] = foo11, [12346] = foo11 } &persistent &synchronized;
 global foo15 = 42/udp &persistent &synchronized;
 global foo16: vector of count = [1,2,3] &persistent &synchronized;
 type type1: record {
    a: string;
    b: count &default=42;
    c: double &optional;
    };
 type type2: record {
    a: string;
    b: type1;
    c: type1;
    d: double;
    };
 global foo17: type2 = [
 	$a = "yuyuyu",
    $b = [$a="rec1", $b=100, $c=1.24],
    $c = [$a="rec2", $b=200, $c=2.24],
   	$d = 7.77				   
 	] &persistent &synchronized;
 # Print variables.
 event bro_done()
 	{
 	local out = open("vars.log");
 	print out, foo1;
 	print out, foo2;
 	print out, foo3;
 	print out, foo4;
 	print out, foo5;
 	print out, foo6;
 	print out, foo7;
 	print out, foo8;
 	print out, foo9;
 	print out, foo10;
 	print out, foo11;
 	print out, foo12;
 	print out, foo13;
 	print out, foo14;
 	print out, foo15;
 	print out, foo16;
 	print out, foo17;
 	}
@TEST-START-FILE sender.bro
 # Perform modifications on variables.
 function modify()
 	{
 	foo1 = 420;
 	++foo1;
 	--foo2;
 	foo3 = "Jodel";
 	foo4 = 4.3.2.1; 
 	foo5 = 4.0.0.0/8; 
 	foo6 = 21;
 	foo7 = 192.150.186; 
 	foo9[3] = "asdfg1";
 	foo9[1] = "asdfg2";
 	delete foo9[2];
 	foo10 = open("test2");
 	foo11 = /abbcdefgh/;
 	add foo12[6];
 	delete foo12[1];
 	foo13[4,"JKL"] = 104;
 	delete foo13[1,"ABC"];
 	++foo13[2,"DEF"];
 	foo14[6767] = /QWERTZ/;
 	foo15 = 6667/tcp;
 	foo16[4] = 4;
 	foo16[2] = 20;
 	++foo16[1];
 	local x: type1;
 	x$a = "pop";
 	++x$b;
 	x$c = 9.999;
 	foo17$a = "zxzxzx";
 	foo17$b = x;
 	foo17$c$a = "IOIOI";
 	++foo17$c$b;
 	foo17$c$c = 612.2;
 	foo17$d = 6.6666;
 	foo2 = 1234567;
 }
@load listen-clear
 event remote_connection_handshake_done(p: event_peer)
 	{
 	modify();
 	terminate_communication();
 	}
 redef Remote::destinations += {
    ["foo"] = [$host = 127.0.0.1, $sync=T]
 };
@TEST-END-FILE
 #############
@TEST-START-FILE receiver.bro
@load capture-events	
@load remote
 redef Remote::destinations += {
    ["foo"] = [$host = 127.0.0.1, $events = /.*/, $connect=T, $sync=T]
 };
@TEST-END-FILE
		`@ -0,0 +1 @@`
							`1301452418.931393 0.182433 141.42.64.125 125.190.109.199 other 56729 12345 tcp ? ? REJ X`
		`@ -0,0 +1,2 @@`
							`1301452418.931393 0.182433 141.42.64.125 125.190.109.199 other 56729 12345 tcp ? ? REJ X`
							`1301452424.031503 ? 141.42.64.125 125.190.109.199 http 56730 80 tcp 98 9417 S1 X %events-send-1`
		`@ -0,0 +1 @@`
							`1301459537.180494 0.182433 141.42.64.125 125.190.109.199 other 56729 12345 tcp ? ? REJ X`
		`@ -0,0 +1,2 @@`
							`1301459537.180494 0.182433 141.42.64.125 125.190.109.199 other 56729 12345 tcp ? ? REJ X`
							`1301459542.280604 ? 141.42.64.125 125.190.109.199 http 56730 80 tcp 98 9417 S1 X %events-send-1`