Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 16:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Adding Files::register_for_mime_type() to associate a file analyzer

Browse source 
with a MIME type.

Whenever that MIME is detected, Bro will now automatically activate
the analyzer. The interface mimics how well-known ports are defined
for protocol analyzers.

This isn't actually used by any existing file analyzer (because we
don't have any yet that target a specific file format), but there's a
test making sure it works.
This commit is contained in:
Robin Sommer 2014-07-21 16:31:22 +02:00
parent ab3d214a90
commit c9524757d2
9 changed files with 104 additions and 675 deletions
Download patch file Download diff file Expand all files Collapse all files

9
testing/btest/scripts/base/frameworks/file-analysis/bifs/register_mime_type.bro Normal file
View file

@ -0,0 +1,9 @@
# @TEST-EXEC: bro -r $TRACES/http/get.trace %INPUT
# @TEST-EXEC: btest-diff files.log
event bro_init()
{
Files::register_for_mime_type(Files::ANALYZER_MD5, "text/plain");
};