Merge remote-tracking branch 'origin/topic/seth/notice-suppression'

* origin/topic/seth/notice-suppression: Updated a notice related baseline and added a necessary @load line. Notice suppression clean up and notice/cluster integrtion fixes. Updates for notice suppression to use the &create_expire attribute Small, mostly cosmetic updates and fixing a test. Fix crash on exit (addresses #607). Duplicate notice suppression. Closes #623.
2025-10-17 14:08:20 +00:00 · 2011-09-22 19:20:19 -07:00 · 2011-09-22 19:20:19 -07:00 · c9b9bab473
commit c9b9bab473
parent fc491c087b d18fdef2d4
17 changed files with 323 additions and 44 deletions
--- a/testing/btest/scripts/base/frameworks/notice/cluster.bro
+++ b/testing/btest/scripts/base/frameworks/notice/cluster.bro
@ -0,0 +1,29 @@
+# @TEST-EXEC: btest-bg-run manager-1 BROPATH=$BROPATH:.. CLUSTER_NODE=manager-1 bro %INPUT
+# @TEST-EXEC: btest-bg-run proxy-1   BROPATH=$BROPATH:.. CLUSTER_NODE=proxy-1 bro %INPUT
+# @TEST-EXEC: sleep 1
+# @TEST-EXEC: btest-bg-run worker-1  BROPATH=$BROPATH:.. CLUSTER_NODE=worker-1 bro %INPUT
+# @TEST-EXEC: btest-bg-wait -k 6
+# @TEST-EXEC: btest-diff manager-1/notice.log
+
+@TEST-START-FILE cluster-layout.bro
+redef Cluster::nodes = {
+	["manager-1"] = [$node_type=Cluster::MANAGER, $ip=127.0.0.1, $p=27757/tcp, $workers=set("worker-1")],
+	["proxy-1"] = [$node_type=Cluster::PROXY,     $ip=127.0.0.1, $p=27758/tcp, $manager="manager-1", $workers=set("worker-1")],
+	["worker-1"] = [$node_type=Cluster::WORKER,   $ip=127.0.0.1, $p=27760/tcp, $manager="manager-1", $proxy="proxy-1", $interface="eth0"],
+};
+@TEST-END-FILE
+
+redef enum Notice::Type += {
+	Test_Notice,
+};
+
+event delayed_notice()
+	{
+	if ( Cluster::node == "worker-1" )
+		NOTICE([$note=Test_Notice, $msg="test notice!"]);
+	}
+
+event bro_init()
+	{
+	schedule 1secs { delayed_notice() };
+	}
--- a/testing/btest/scripts/base/frameworks/notice/suppression-cluster.bro
+++ b/testing/btest/scripts/base/frameworks/notice/suppression-cluster.bro
@ -0,0 +1,35 @@
+# @TEST-EXEC: btest-bg-run manager-1 BROPATH=$BROPATH:.. CLUSTER_NODE=manager-1 bro %INPUT
+# @TEST-EXEC: btest-bg-run proxy-1   BROPATH=$BROPATH:.. CLUSTER_NODE=proxy-1 bro %INPUT
+# @TEST-EXEC: sleep 1
+# @TEST-EXEC: btest-bg-run worker-1  BROPATH=$BROPATH:.. CLUSTER_NODE=worker-1 bro %INPUT
+# @TEST-EXEC: btest-bg-run worker-2  BROPATH=$BROPATH:.. CLUSTER_NODE=worker-2 bro %INPUT
+# @TEST-EXEC: btest-bg-wait -k 5
+# @TEST-EXEC: btest-diff manager-1/notice.log
+
+@TEST-START-FILE cluster-layout.bro
+redef Cluster::nodes = {
+	["manager-1"] = [$node_type=Cluster::MANAGER, $ip=127.0.0.1, $p=27757/tcp, $workers=set("worker-1", "worker-2")],
+	["proxy-1"] = [$node_type=Cluster::PROXY,     $ip=127.0.0.1, $p=27758/tcp, $manager="manager-1", $workers=set("worker-1", "worker-2")],
+	["worker-1"] = [$node_type=Cluster::WORKER,   $ip=127.0.0.1, $p=27760/tcp, $manager="manager-1", $proxy="proxy-1"],
+	["worker-2"] = [$node_type=Cluster::WORKER,   $ip=127.0.0.1, $p=27761/tcp, $manager="manager-1", $proxy="proxy-1"],
+};
+@TEST-END-FILE
+
+redef enum Notice::Type += {
+	Test_Notice,
+};
+
+event delayed_notice()
+	{
+	NOTICE([$note=Test_Notice,
+	        $msg="test notice!",
+	        $identifier="this identifier is static"]);
+	}
+
+event bro_init() &priority=5
+	{
+	if ( Cluster::node == "worker-1" )
+		schedule 4secs { delayed_notice() };
+	if ( Cluster::node == "worker-2" )
+		schedule 1secs { delayed_notice() };
+	}
--- a/testing/btest/scripts/base/frameworks/notice/suppression-disable.bro
+++ b/testing/btest/scripts/base/frameworks/notice/suppression-disable.bro
@ -0,0 +1,16 @@
+# @TEST-EXEC: bro -b %INPUT
+# @TEST-EXEC: btest-diff notice.log
+
+@load base/frameworks/notice
+
+redef enum Notice::Type += {
+	Test_Notice,
+};
+
+redef Notice::not_suppressed_types += { Test_Notice };
+
+event bro_init()
+	{
+	NOTICE([$note=Test_Notice, $msg="test", $identifier="static"]);
+	NOTICE([$note=Test_Notice, $msg="another test", $identifier="static"]);
+	}
--- a/testing/btest/scripts/base/frameworks/notice/suppression.bro
+++ b/testing/btest/scripts/base/frameworks/notice/suppression.bro
@ -0,0 +1,23 @@
+# @TEST-EXEC: bro -b %INPUT
+# @TEST-EXEC: btest-diff notice.log
+
+@load base/frameworks/notice
+
+redef enum Notice::Type += {
+	Test_Notice,
+};
+
+# The second notice needs to be scheduled due to how the notice framework
+# uses the event queue.
+
+event second_notice()
+	{
+	NOTICE([$note=Test_Notice, $msg="another test", $identifier="static"]);
+	}
+
+event bro_init()
+	{
+	NOTICE([$note=Test_Notice, $msg="test", $identifier="static"]);
+	schedule 1msec { second_notice() };
+	}
+