Weird settings: make constants into options.

The new weird settings are now all updateable during runtime.
2025-10-09 18:18:19 +00:00 · 2018-09-05 12:59:57 -07:00 · 2018-09-05 12:59:57 -07:00 · bec98b98f3
commit bec98b98f3
parent 5c68093bc3
9 changed files with 675 additions and 12 deletions
--- a/scripts/base/frameworks/config/load.bro
+++ b/scripts/base/frameworks/config/load.bro
@ -1,2 +1,3 @@
@load ./main
@load ./input
+@load ./weird
--- a/scripts/base/frameworks/config/weird.bro
+++ b/scripts/base/frameworks/config/weird.bro
@ -0,0 +1,44 @@
+##! This script sets up the config framework change handlers for weirds.
+
+@load ./main
+
+module Config;
+
+function weird_option_change_sampling_whitelist(ID: string, new_value: string_set, location: string) : string_set
+	{
+	if ( ID == "Weird::sampling_whitelist" )
+		{
+		Reporter::set_weird_sampling_whitelist(new_value);
+		}
+	return new_value;
+	}
+
+function weird_option_change_count(ID: string, new_value: count, location: string) : count
+	{
+	if ( ID == "Weird::sampling_threshold" )
+		{
+		Reporter::set_weird_sampling_threshold(new_value);
+		}
+	else if ( ID == "Weird::sampling_rate" )
+		{
+		Reporter::set_weird_sampling_rate(new_value);
+		}
+	return new_value;
+	}
+
+function weird_option_change_interval(ID: string, new_value: interval, location: string) : interval
+	{
+	if ( ID == "Weird::sampling_duration" )
+		{
+		Reporter::set_weird_sampling_duration(new_value);
+		}
+	return new_value;
+	}
+
+event bro_init() &priority=5
+	{
+	Option::set_change_handler("Weird::sampling_whitelist", weird_option_change_sampling_whitelist, 5);
+	Option::set_change_handler("Weird::sampling_threshold", weird_option_change_count, 5);
+	Option::set_change_handler("Weird::sampling_rate", weird_option_change_count, 5);
+	Option::set_change_handler("Weird::sampling_duration", weird_option_change_interval, 5);
+	}
--- a/scripts/base/init-bare.bro
+++ b/scripts/base/init-bare.bro
@ -4847,18 +4847,18 @@ export {
 module Weird;
 export {
 	## Prevents rate-limiting sampling of any weirds named in the table.
-	const sampling_whitelist: set[string] &redef;
+	option sampling_whitelist: set[string] = {};

 	## How many weirds of a given type to tolerate before sampling begins.
 	## I.e. this many consecutive weirds of a given type will be allowed to
 	## raise events for script-layer handling before being rate-limited.
-	const sampling_threshold = 25 &redef;
+	option sampling_threshold : count = 25;

 	## The rate-limiting sampling rate. One out of every of this number of
 	## rate-limited weirds of a given type will be allowed to raise events
 	## for further script-layer handling. Setting the sampling rate to 0
 	## will disable all output of rate-limited weirds.
-	const sampling_rate = 1000 &redef;
+	option sampling_rate : count = 1000;

 	## How long a weird of a given type is allowed to keep state/counters in
 	## memory. For "net" weirds an expiration timer starts per weird name when
@ -4871,7 +4871,7 @@ export {
 	## begins for "foo" and upon triggering will reset the counter for "foo"
 	## and unthrottle its rate-limiting until it once again exceeds the
 	## threshold.
-	const sampling_duration = 10min &redef;
+	option sampling_duration = 10min;
 }

 module GLOBAL;