mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
Updating CHANGES and VERSION.
This commit is contained in:
Robin Sommer
parent
fea63eef30
commit
cdb27a953d
3 changed files with 73 additions and 8 deletions
4
CHANGES
4
CHANGES
|
|
@ -1,4 +1,8 @@
|
|||
|
||||
2.4-907 | 2016-08-09 15:42:17 -0400
|
||||
|
||||
* Updating NEWS.
|
||||
|
||||
2.4-905 | 2016-08-09 08:19:37 -0700
|
||||
|
||||
* GSSAPI analyzer now forwards authentication blobs more correctly.
|
||||
|
|
|
|||
75
NEWS
75
NEWS
|
|
@ -4,8 +4,8 @@ release. For an exhaustive list of changes, see the ``CHANGES`` file
|
|||
(note that submodules, such as BroControl and Broccoli, come with
|
||||
their own ``CHANGES``.)
|
||||
|
||||
Bro 2.5 (in progress)
|
||||
=====================
|
||||
Bro 2.5
|
||||
=======
|
||||
|
||||
New Dependencies
|
||||
----------------
|
||||
|
|
@ -137,6 +137,39 @@ New Functionality
|
|||
- Table expiration timeout expressions are evaluated dynamically as
|
||||
timestmaps are updated.
|
||||
|
||||
- The pcap buffer size can be set through the new option Pcap::bufsize.
|
||||
|
||||
- Input framework readers Table and Event can now define a custom
|
||||
event to receive logging messages.
|
||||
|
||||
- New BroControl functionality in aux/broctl:
|
||||
|
||||
- There is a new node type "logger" that can be specified in
|
||||
node.cfg (that file has a commented-out example). The purpose of
|
||||
this new node type is to receive logs from all nodes in a cluster
|
||||
in order to reduce the load on the manager node. However, if
|
||||
there is no "logger" node, then the manager node will handle
|
||||
logging as usual.
|
||||
|
||||
- The post-terminate script will send email if it fails to archive
|
||||
any log files. These mails can be turned off by changing the
|
||||
value of the new BroControl option MailArchiveLogFail.
|
||||
|
||||
- Added the ability for "broctl deploy" to reload the BroControl
|
||||
configuration (both broctl.cfg and node.cfg). This happens
|
||||
automatically if broctl detects any changes to those config files
|
||||
since the last time the config was loaded. Note that this feature
|
||||
is relevant only when using the BroControl shell interactively.
|
||||
|
||||
- The BroControl plugin API has a new function "broctl_config".
|
||||
This gives plugin authors the ability to add their own script code
|
||||
to the autogenerated broctl-config.bro script.
|
||||
|
||||
- There is a new BroControl plugin for custom load balancing. This
|
||||
plugin can be used by setting "lb_method=custom" for your worker
|
||||
nodes in node.cfg. To support packet source plugins, it allows
|
||||
configuration of a prefix and suffix for the interface name.
|
||||
|
||||
- New Bro plugins in aux/plugins:
|
||||
|
||||
- af_packet: Native AF_PACKET support.
|
||||
|
|
@ -147,11 +180,6 @@ New Functionality
|
|||
- redis: An experimental log writer for Redis.
|
||||
- tcprs: An TCP-level analyzer detecting retransmissions, reordering, and more.
|
||||
|
||||
- The pcap buffer size can be set through the new option Pcap::bufsize.
|
||||
|
||||
- Input framework readers Table and Event can now define a custom
|
||||
event to receive logging messages.
|
||||
|
||||
Changed Functionality
|
||||
---------------------
|
||||
|
||||
|
|
@ -209,6 +237,39 @@ Changed Functionality
|
|||
would refuse to inspect the payload. Now, Bro will consider these
|
||||
connections as complete and all analyzers will process them notmally.
|
||||
|
||||
- Changed BroControl functionality in aux/broctl:
|
||||
|
||||
- The networks.cfg file now contains private IP space 172.16.0.0/12
|
||||
by default.
|
||||
|
||||
- Upon startup, if broctl can't get IP addresses from the "ifconfig"
|
||||
command for any reason, then broctl will now also try to use the
|
||||
"ip" command.
|
||||
|
||||
- BroControl will now automatically search the Bro plugin directory
|
||||
for BroControl plugins (in addition to all the other places where
|
||||
BroControl searches). This enables automatic loading of
|
||||
BroControl plugins that are provided by a Bro plugin.
|
||||
|
||||
- Changed the default value of the StatusCmdShowAll option so that
|
||||
the "broctl status" command runs faster. This also means that
|
||||
there is no longer a "Peers" column in the status output by
|
||||
default.
|
||||
|
||||
- Users can now specify a more granular log expiration interval. The
|
||||
BroControl option LogExpireInterval can be set to an arbitrary
|
||||
time interval instead of just an integer number of days. The time
|
||||
interval is specified as an integer followed by a time unit:
|
||||
"day", "hr", or "min". For backward compatibility, an integer
|
||||
value without a time unit is still interpreted as a number of
|
||||
days.
|
||||
|
||||
- Changed the text of crash report emails. Now crash reports tell
|
||||
the user to forward the mail to the Bro team only when a backtrace
|
||||
is included in the crash report. If there is no backtrace, then
|
||||
the crash report includes instructions on how to get backtraces
|
||||
included in future crash reports.
|
||||
|
||||
Removed Functionality
|
||||
---------------------
|
||||
|
||||
|
|
|
|||
2
VERSION
2
VERSION
|
|
@ -1 +1 @@
|
|||
2.4-905
|
||||
2.4-907
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue