From c73bb8fdc4361f08b0333861e3e2dd9798bc6f7d Mon Sep 17 00:00:00 2001
From: Jon Siwek <jsiwek@corelight.com>
Date: Thu, 6 Sep 2018 18:26:20 -0500
Subject: [PATCH] Disable broker message forwarding by default

Still finding it to not be foolproof enough to enable generally for all
nodes in a cluster.  Specific/advanced use-cases may still consider
enabling, possibly just for specific nodes.
---
 CHANGES                                                      | 4 ++++
 VERSION                                                      | 2 +-
 aux/broker                                                   | 2 +-
 scripts/base/frameworks/broker/main.bro                      | 2 +-
 testing/btest/scripts/base/frameworks/cluster/forwarding.bro | 2 ++
 5 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index 1927e61d07..15e7a5041b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,8 @@
 
+2.5-983 | 2018-09-06 18:26:20 -0500
+
+  * Disable broker message forwarding by default (Jon Siwek, Corelight)
+
 2.5-982 | 2018-09-06 08:58:09 -0500
 
   * Documentation updates (Daniel Thayer)
diff --git a/VERSION b/VERSION
index 2dfbf3a711..9468fbc13a 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.5-982
+2.5-983
diff --git a/aux/broker b/aux/broker
index 96c574a9de..88242c8ca0 160000
--- a/aux/broker
+++ b/aux/broker
@@ -1 +1 @@
-Subproject commit 96c574a9de7709d73715a91368a5ef52de1af6ef
+Subproject commit 88242c8ca0e8745df1fe6ba115b54d9f5c160095
diff --git a/scripts/base/frameworks/broker/main.bro b/scripts/base/frameworks/broker/main.bro
index 613ebed14e..f00edfe1ba 100644
--- a/scripts/base/frameworks/broker/main.bro
+++ b/scripts/base/frameworks/broker/main.bro
@@ -74,7 +74,7 @@ export {
 	const max_sleep = 0 &redef;
 
 	## Forward all received messages to subscribing peers.
-	const forward_messages = T &redef;
+	const forward_messages = F &redef;
 
 	## The default topic prefix where logs will be published.  The log's stream
 	## id is appended when writing to a particular stream.
diff --git a/testing/btest/scripts/base/frameworks/cluster/forwarding.bro b/testing/btest/scripts/base/frameworks/cluster/forwarding.bro
index e6e743ec0f..db60b48a05 100644
--- a/testing/btest/scripts/base/frameworks/cluster/forwarding.bro
+++ b/testing/btest/scripts/base/frameworks/cluster/forwarding.bro
@@ -28,6 +28,8 @@ global peer_count = 0;
 global peers_lost = 0;
 global fully_connected_nodes = 0;
 
+redef Broker::forward_messages = T;
+
 event forwarded_event()
 	{
 	print "got forwarded event";