Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fix some stupid, not that easy to find bugs.

Browse source 
Functionality seems to work completely again - including all tests passing.
This commit is contained in:
Bernhard Amann 2012-03-18 10:50:10 -07:00
parent 3286d013c9
commit bf597012f8
9 changed files with 690 additions and 314 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/input/Manager.cc
View file

@ -837,7 +837,7 @@ int Manager::SendEntryTable(Filter* i, const Value* const *vals) {
Ref(valval); Ref(valval);
if ( filter->num_val_fields == 0 ) { if ( filter->num_val_fields == 0 ) {
Ref(filter->description); Ref(filter->description);
SendEvent(filter->event, 4, filter->description->Ref(), ev, predidx); SendEvent(filter->event, 3, filter->description->Ref(), ev, predidx);
} else { } else {
SendEvent(filter->event, 4, filter->description->Ref(), ev, predidx, valval); SendEvent(filter->event, 4, filter->description->Ref(), ev, predidx, valval);
} }
@ -898,7 +898,7 @@ void Manager::EndCurrentSend(ReaderFrontend* reader) {
Ref(predidx); Ref(predidx);
Ref(val); Ref(val);
bool result = CallPred(filter->pred, 3, ev, predidx, val); bool result = CallPred(filter->pred, 4, filter->description->Ref(), ev, predidx, val);
if ( result == false ) { if ( result == false ) {
// Keep it. Hence - we quit and simply go to the next entry of lastDict // Keep it. Hence - we quit and simply go to the next entry of lastDict
@ -943,7 +943,7 @@ void Manager::EndCurrentSend(ReaderFrontend* reader) {
} }
SendEvent(handler, 2, new BroString(i->name), new BroString(i->source)); SendEvent(handler, 2, new StringVal(i->name.c_str()), new StringVal(i->source.c_str()));
} }
void Manager::Put(ReaderFrontend* reader, Value* *vals) { void Manager::Put(ReaderFrontend* reader, Value* *vals) {
@ -1154,7 +1154,7 @@ bool Manager::Delete(ReaderFrontend* reader, Value* *vals) {
int startpos = 0; int startpos = 0;
Val* predidx = ValueToRecordVal(vals, filter->itype, &startpos); Val* predidx = ValueToRecordVal(vals, filter->itype, &startpos);
filterresult = CallPred(filter->pred, 3, ev, predidx, val); filterresult = CallPred(filter->pred, 4, filter->description->Ref(), ev, predidx, val);
if ( filterresult == false ) { if ( filterresult == false ) {
// keep it. // keep it.
@ -1170,7 +1170,7 @@ bool Manager::Delete(ReaderFrontend* reader, Value* *vals) {
assert(val != 0); assert(val != 0);
Ref(val); Ref(val);
EnumVal *ev = new EnumVal(BifEnum::Input::EVENT_REMOVED, BifType::Enum::Input::Event); EnumVal *ev = new EnumVal(BifEnum::Input::EVENT_REMOVED, BifType::Enum::Input::Event);
SendEvent(filter->event, 3, ev, idxval, val); SendEvent(filter->event, 4, filter->description->Ref(), ev, idxval, val);
} }
} }

2
src/input/ReaderBackend.cc
View file

@ -177,6 +177,8 @@ bool ReaderBackend::Init(string arg_source, int mode, const int arg_num_fields,
DisableFrontend(); DisableFrontend();
} }
disabled = !success;
return success; return success;
} }

8
src/input/readers/Ascii.cc
View file

@ -89,6 +89,9 @@ bool Ascii::DoInit(string path, int arg_mode, int arg_num_fields, const Field* c
mode = arg_mode; mode = arg_mode;
mtime = 0; mtime = 0;
num_fields = arg_num_fields;
fields = arg_fields;
if ( ( mode != MANUAL ) && (mode != REREAD) && ( mode != STREAM ) ) { if ( ( mode != MANUAL ) && (mode != REREAD) && ( mode != STREAM ) ) {
Error(Fmt("Unsupported read mode %d for source %s", mode, path.c_str())); Error(Fmt("Unsupported read mode %d for source %s", mode, path.c_str()));
return false; return false;
@ -106,9 +109,6 @@ bool Ascii::DoInit(string path, int arg_mode, int arg_num_fields, const Field* c
return false; return false;
} }
num_fields = arg_num_fields;
fields = arg_fields;
switch ( mode ) { switch ( mode ) {
case MANUAL: case MANUAL:
case REREAD: case REREAD:
@ -480,7 +480,7 @@ bool Ascii::DoUpdate() {
bool Ascii::DoHeartbeat(double network_time, double current_time) bool Ascii::DoHeartbeat(double network_time, double current_time)
{ {
ReaderBackend::DoHeartbeat(network_time, current_time); ReaderBackend::DoHeartbeat(network_time, current_time);
switch ( mode ) { switch ( mode ) {
case MANUAL: case MANUAL:
// yay, we do nothing :) // yay, we do nothing :)

160
testing/btest/Baseline/scripts.base.frameworks.input.repeat/out Normal file
View file

@ -0,0 +1,160 @@
input0
input.log
{
[1] = T
}
input1
input.log
{
[1] = T
}
input2
input.log
{
[1] = T
}
input3
input.log
{
[1] = T
}
input4
input.log
{
[1] = T
}
input5
input.log
{
[1] = T
}
input6
input.log
{
[1] = T
}
input7
input.log
{
[1] = T
}
input8
input.log
{
[1] = T
}
input9
input.log
{
[1] = T
}
input10
input.log
{
[1] = T
}
input11
input.log
{
[1] = T
}
input12
input.log
{
[1] = T
}
input13
input.log
{
[1] = T
}
input14
input.log
{
[1] = T
}
input15
input.log
{
[1] = T
}
input16
input.log
{
[1] = T
}
input17
input.log
{
[1] = T
}
input18
input.log
{
[1] = T
}
input19
input.log
{
[1] = T
}
input20
input.log
{
[1] = T
}
input21
input.log
{
[1] = T
}
input22
input.log
{
[1] = T
}
input23
input.log
{
[1] = T
}
input24
input.log
{
[1] = T
}
input25
input.log
{
[1] = T
}
input26
input.log
{
[1] = T
}
input27
input.log
{
[1] = T
}
input28
input.log
{
[1] = T
}
input29
input.log
{
[1] = T
}
input30
input.log
{
[1] = T
}
input31
input.log
{
[1] = T
}

662
testing/btest/Baseline/scripts.base.frameworks.input.reread/out
View file

@ -14,8 +14,44 @@ BB
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
============EVENT============ ============EVENT============
Description
[source=../input.log, reader=Input::READER_ASCII, mode=Input::REREAD, autostart=T, name=ssh, destination={
[-42] = [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
}, idx=<no value description>, val=<no value description>, want_record=T, ev=line
{
print A::outfile, ============EVENT============;
print A::outfile, Description;
print A::outfile, A::description;
print A::outfile, Type;
print A::outfile, A::tpe;
print A::outfile, Left;
print A::outfile, A::left;
print A::outfile, Right;
print A::outfile, A::right;
}, pred=anonymous-function
{
print A::outfile, ============PREDICATE============;
print A::outfile, A::typ;
print A::outfile, A::left;
print A::outfile, A::right;
return (T);
}]
Type
Input::EVENT_NEW Input::EVENT_NEW
Left
[i=-42] [i=-42]
Right
[b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -59,8 +95,56 @@ BB
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
============EVENT============ ============EVENT============
Description
[source=../input.log, reader=Input::READER_ASCII, mode=Input::REREAD, autostart=T, name=ssh, destination={
[-43] = [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-42] = [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
}, idx=<no value description>, val=<no value description>, want_record=T, ev=line
{
print A::outfile, ============EVENT============;
print A::outfile, Description;
print A::outfile, A::description;
print A::outfile, Type;
print A::outfile, A::tpe;
print A::outfile, Left;
print A::outfile, A::left;
print A::outfile, Right;
print A::outfile, A::right;
}, pred=anonymous-function
{
print A::outfile, ============PREDICATE============;
print A::outfile, A::typ;
print A::outfile, A::left;
print A::outfile, A::right;
return (T);
}]
Type
Input::EVENT_NEW Input::EVENT_NEW
Left
[i=-43] [i=-43]
Right
[b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -116,8 +200,56 @@ BB
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
============EVENT============ ============EVENT============
Description
[source=../input.log, reader=Input::READER_ASCII, mode=Input::REREAD, autostart=T, name=ssh, destination={
[-43] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-42] = [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
}, idx=<no value description>, val=<no value description>, want_record=T, ev=line
{
print A::outfile, ============EVENT============;
print A::outfile, Description;
print A::outfile, A::description;
print A::outfile, Type;
print A::outfile, A::tpe;
print A::outfile, Left;
print A::outfile, A::left;
print A::outfile, Right;
print A::outfile, A::right;
}, pred=anonymous-function
{
print A::outfile, ============PREDICATE============;
print A::outfile, A::typ;
print A::outfile, A::left;
print A::outfile, A::right;
return (T);
}]
Type
Input::EVENT_CHANGED Input::EVENT_CHANGED
Left
[i=-43] [i=-43]
Right
[b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -173,8 +305,68 @@ BB
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
============EVENT============ ============EVENT============
Description
[source=../input.log, reader=Input::READER_ASCII, mode=Input::REREAD, autostart=T, name=ssh, destination={
[-43] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-44] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-42] = [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
}, idx=<no value description>, val=<no value description>, want_record=T, ev=line
{
print A::outfile, ============EVENT============;
print A::outfile, Description;
print A::outfile, A::description;
print A::outfile, Type;
print A::outfile, A::tpe;
print A::outfile, Left;
print A::outfile, A::left;
print A::outfile, Right;
print A::outfile, A::right;
}, pred=anonymous-function
{
print A::outfile, ============PREDICATE============;
print A::outfile, A::typ;
print A::outfile, A::left;
print A::outfile, A::right;
return (T);
}]
Type
Input::EVENT_NEW Input::EVENT_NEW
Left
[i=-44] [i=-44]
Right
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -203,8 +395,80 @@ BB
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
============EVENT============ ============EVENT============
Description
[source=../input.log, reader=Input::READER_ASCII, mode=Input::REREAD, autostart=T, name=ssh, destination={
[-43] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-44] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-45] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-42] = [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
}, idx=<no value description>, val=<no value description>, want_record=T, ev=line
{
print A::outfile, ============EVENT============;
print A::outfile, Description;
print A::outfile, A::description;
print A::outfile, Type;
print A::outfile, A::tpe;
print A::outfile, Left;
print A::outfile, A::left;
print A::outfile, Right;
print A::outfile, A::right;
}, pred=anonymous-function
{
print A::outfile, ============PREDICATE============;
print A::outfile, A::typ;
print A::outfile, A::left;
print A::outfile, A::right;
return (T);
}]
Type
Input::EVENT_NEW Input::EVENT_NEW
Left
[i=-45] [i=-45]
Right
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -233,8 +497,92 @@ BB
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
============EVENT============ ============EVENT============
Description
[source=../input.log, reader=Input::READER_ASCII, mode=Input::REREAD, autostart=T, name=ssh, destination={
[-43] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-46] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-44] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-45] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-42] = [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
}, idx=<no value description>, val=<no value description>, want_record=T, ev=line
{
print A::outfile, ============EVENT============;
print A::outfile, Description;
print A::outfile, A::description;
print A::outfile, Type;
print A::outfile, A::tpe;
print A::outfile, Left;
print A::outfile, A::left;
print A::outfile, Right;
print A::outfile, A::right;
}, pred=anonymous-function
{
print A::outfile, ============PREDICATE============;
print A::outfile, A::typ;
print A::outfile, A::left;
print A::outfile, A::right;
return (T);
}]
Type
Input::EVENT_NEW Input::EVENT_NEW
Left
[i=-46] [i=-46]
Right
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -263,8 +611,104 @@ BB
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
============EVENT============ ============EVENT============
Description
[source=../input.log, reader=Input::READER_ASCII, mode=Input::REREAD, autostart=T, name=ssh, destination={
[-43] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-46] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-44] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-47] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-45] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]],
[-42] = [b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
}, idx=<no value description>, val=<no value description>, want_record=T, ev=line
{
print A::outfile, ============EVENT============;
print A::outfile, Description;
print A::outfile, A::description;
print A::outfile, Type;
print A::outfile, A::tpe;
print A::outfile, Left;
print A::outfile, A::left;
print A::outfile, Right;
print A::outfile, A::right;
}, pred=anonymous-function
{
print A::outfile, ============PREDICATE============;
print A::outfile, A::typ;
print A::outfile, A::left;
print A::outfile, A::right;
return (T);
}]
Type
Input::EVENT_NEW Input::EVENT_NEW
Left
[i=-47] [i=-47]
Right
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -293,22 +737,8 @@ BB
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
============EVENT============ ============EVENT============
Input::EVENT_NEW Description
[i=-48] [source=../input.log, reader=Input::READER_ASCII, mode=Input::REREAD, autostart=T, name=ssh, destination={
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
==========SERVERS============
{
[-43] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [-43] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -393,10 +823,30 @@ BB
}, se={ }, se={
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
} }, idx=<no value description>, val=<no value description>, want_record=T, ev=line
============PREDICATE============ {
Input::EVENT_REMOVED print A::outfile, ============EVENT============;
[i=-43] print A::outfile, Description;
print A::outfile, A::description;
print A::outfile, Type;
print A::outfile, A::tpe;
print A::outfile, Left;
print A::outfile, A::left;
print A::outfile, Right;
print A::outfile, A::right;
}, pred=anonymous-function
{
print A::outfile, ============PREDICATE============;
print A::outfile, A::typ;
print A::outfile, A::left;
print A::outfile, A::right;
return (T);
}]
Type
Input::EVENT_NEW
Left
[i=-48]
Right
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
@ -408,175 +858,10 @@ AA,
BB BB
}, se={ }, se={
}, vc=[10, 20, 30], ve=[]]
============PREDICATE============
Input::EVENT_REMOVED
[i=-46]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============PREDICATE============
Input::EVENT_REMOVED
[i=-44]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============PREDICATE============
Input::EVENT_REMOVED
[i=-47]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============PREDICATE============
Input::EVENT_REMOVED
[i=-45]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============PREDICATE============
Input::EVENT_REMOVED
[i=-42]
[b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============EVENT============
Input::EVENT_REMOVED
[i=-43]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============EVENT============
Input::EVENT_REMOVED
[i=-46]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============EVENT============
Input::EVENT_REMOVED
[i=-44]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============EVENT============
Input::EVENT_REMOVED
[i=-47]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============EVENT============
Input::EVENT_REMOVED
[i=-45]
[b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]]
============EVENT============
Input::EVENT_REMOVED
[i=-42]
[b=T, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2,
4,
1,
3
}, ss={
CC,
AA,
BB
}, se={
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]]
==========SERVERS============ ==========SERVERS============
{ {
[-48] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={ [-43] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0, s=hurz, sc={
2, 2,
4, 4,
1, 1,
@ -587,6 +872,5 @@ AA,
BB BB
}, se={ }, se={
}, vc=[10, 20, 30], ve=[]] }, vc=[10, 20, 30], ve=[]],
} [-46] = [b=F, e=SSH::LOG, c=21, p=123/unknown, sn=10.0.0.0/24, a=1.2.3.4, d=3.14, t=1315801931.273616, iv=100.0,
done

15
testing/btest/Baseline/scripts.base.frameworks.input.twofilters/out
View file

@ -1,15 +0,0 @@
VALID
VALID
VALID
VALID
VALID
VALID
VALID
MARK
VALID
VALID
VALID
VALID
VALID
VALID
VALID

41
testing/btest/scripts/base/frameworks/input/repeat.bro Normal file
View file

@ -0,0 +1,41 @@
#
# @TEST-EXEC: bro -b %INPUT >out
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
#separator \x09
#path ssh
#fields i b
#types int bool
1 T
@TEST-END-FILE
redef InputAscii::empty_field = "EMPTY";
module A;
type Idx: record {
i: int;
};
type Val: record {
b: bool;
};
global destination: table[int] of Val = table();
const one_to_32: vector of count = {1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32};
event bro_init()
{
for ( i in one_to_32 ) {
Input::add_table([$source="input.log", $name=fmt("input%d", i), $idx=Idx, $val=Val, $destination=destination, $want_record=F]);
Input::remove(fmt("input%d", i));
}
}
event Input::update_finished(name: string, source: string) {
print name;
print source;
print destination;
}

6
testing/btest/scripts/base/frameworks/input/reread.bro
View file

@ -92,9 +92,13 @@ global try: count;
event line(description: Input::TableDescription, tpe: Input::Event, left: Idx, right: Val) { event line(description: Input::TableDescription, tpe: Input::Event, left: Idx, right: Val) {
print outfile, "============EVENT============"; print outfile, "============EVENT============";
#print outfile, description; print outfile, "Description";
print outfile, description;
print outfile, "Type";
print outfile, tpe; print outfile, tpe;
print outfile, "Left";
print outfile, left; print outfile, left;
print outfile, "Right";
print outfile, right; print outfile, right;
} }

100
testing/btest/scripts/base/frameworks/input/twofilters.bro
View file

@ -1,100 +0,0 @@
#
# @TEST-EXEC: bro %INPUT >out
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
#separator \x09
#path ssh
#fields i b
#types int bool
1 T
2 T
3 F
4 F
5 F
6 F
7 T
@TEST-END-FILE
redef InputAscii::empty_field = "EMPTY";
module A;
type Idx: record {
i: int;
};
type Val: record {
b: bool;
};
global destination1: table[int] of Val = table();
global destination2: table[int] of Val = table();
global done: bool = F;
event bro_init()
{
# first read in the old stuff into the table...
Input::create_stream(A::INPUT, [$source="input.log", $autostart=F]);
Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=destination1, $want_record=F,
$pred(typ: Input::Event, left: Idx, right: bool) = { return right; }
]);
Input::add_tablefilter(A::INPUT, [$name="input2",$idx=Idx, $val=Val, $destination=destination2]);
Input::force_update(A::INPUT);
}
event Input::update_finished(name: string, source: string) {
if ( done == T ) {
return;
}
done = T;
if ( 1 in destination1 ) {
print "VALID";
}
if ( 2 in destination1 ) {
print "VALID";
}
if ( !(3 in destination1) ) {
print "VALID";
}
if ( !(4 in destination1) ) {
print "VALID";
}
if ( !(5 in destination1) ) {
print "VALID";
}
if ( !(6 in destination1) ) {
print "VALID";
}
if ( 7 in destination1 ) {
print "VALID";
}
print "MARK";
if ( 2 in destination2 ) {
print "VALID";
}
if ( 2 in destination2 ) {
print "VALID";
}
if ( 3 in destination2 ) {
print "VALID";
}
if ( 4 in destination2 ) {
print "VALID";
}
if ( 5 in destination2 ) {
print "VALID";
}
if ( 6 in destination2 ) {
print "VALID";
}
if ( 7 in destination2 ) {
print "VALID";
}
}