Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Removing legacy binpac analyzer for DNS and HTTP.

Browse source
This commit is contained in:
Robin Sommer 2013-04-03 13:38:08 -07:00
parent e0c4bd1a82
commit bfda42b9e9
13 changed files with 5 additions and 866 deletions
Download patch file Download diff file Expand all files Collapse all files

12
scripts/base/protocols/dns/main.bro
View file

@ -117,19 +117,13 @@ redef capture_filters += {
["netbios-ns"] = "udp port 137",
};
const dns_udp_ports = { 53/udp, 137/udp, 5353/udp, 5355/udp };
const dns_tcp_ports = { 53/tcp };
redef likely_server_ports += { dns_udp_ports, dns_tcp_ports };
const ports = { 53/udp, 53/tcp, 137/udp, 5353/udp, 5355/udp };
redef likely_server_ports += { ports };
event bro_init() &priority=5
{
Log::create_stream(DNS::LOG, [$columns=Info, $ev=log_dns]);
Analyzer::register_for_ports(Analyzer::ANALYZER_DNS, dns_tcp_ports);
Analyzer::register_for_ports(Analyzer::ANALYZER_DNS, dns_udp_ports);
Analyzer::register_for_ports(Analyzer::ANALYZER_DNS_TCP_BINPAC, dns_tcp_ports);
Analyzer::register_for_ports(Analyzer::ANALYZER_DNS_UDP_BINPAC, dns_udp_ports);
Analyzer::register_for_ports(Analyzer::ANALYZER_DNS, ports);
}
function new_session(c: connection, trans_id: count): Info