Merge remote-tracking branch 'origin/master' into topic/seth/sumstats-updates

2025-10-04 07:38:19 +00:00 · 2013-08-02 13:17:48 -04:00 · 2013-08-02 13:17:48 -04:00 · d6edbd27b1
commit d6edbd27b1
parent 4f8100774c 1b40412818
96 changed files with 3085 additions and 839 deletions
--- a/scripts/policy/frameworks/packet-filter/shunt.bro
+++ b/scripts/policy/frameworks/packet-filter/shunt.bro
@ -34,8 +34,8 @@ export {
 	global current_shunted_host_pairs: function(): set[conn_id];

 	redef enum Notice::Type += {
-		## Indicative that :bro:id:`max_bpf_shunts` connections are already
-		## being shunted with BPF filters and no more are allowed.
+		## Indicative that :bro:id:`PacketFilter::max_bpf_shunts` connections
+		## are already being shunted with BPF filters and no more are allowed.
 		No_More_Conn_Shunts_Available,

 		## Limitations in BPF make shunting some connections with BPF impossible.
--- a/scripts/policy/misc/load-balancing.bro
+++ b/scripts/policy/misc/load-balancing.bro
@ -12,12 +12,12 @@ export {
 		## Apply BPF filters to each worker in a way that causes them to
 		## automatically flow balance traffic between them.
 		AUTO_BPF,
-		## Load balance traffic across the workers by making each one apply
-		## a restrict filter to only listen to a single MAC address.  This
-		## is a somewhat common deployment option for sites doing network
-		## based load balancing with MAC address rewriting and passing the
-		## traffic to a single interface.  Multiple MAC addresses will show
-		## up on the same interface and need filtered to a single address.
+		# Load balance traffic across the workers by making each one apply
+		# a restrict filter to only listen to a single MAC address.  This
+		# is a somewhat common deployment option for sites doing network
+		# based load balancing with MAC address rewriting and passing the
+		# traffic to a single interface.  Multiple MAC addresses will show
+		# up on the same interface and need filtered to a single address.
 		#MAC_ADDR_BPF,
 	};

--- a/scripts/policy/tuning/defaults/packet-fragments.bro
+++ b/scripts/policy/tuning/defaults/packet-fragments.bro
@ -1,10 +1,10 @@
-## Capture TCP fragments, but not UDP (or ICMP), since those are a lot more
-## common due to high-volume, fragmenting protocols such as NFS :-(.
+# Capture TCP fragments, but not UDP (or ICMP), since those are a lot more
+# common due to high-volume, fragmenting protocols such as NFS :-(.

-## This normally isn't used because of the default open packet filter 
-## but we set it anyway in case the user is using a packet filter.
-## Note: This was removed because the default model now is to have a wide
-##       open packet filter.
+# This normally isn't used because of the default open packet filter 
+# but we set it anyway in case the user is using a packet filter.
+# Note: This was removed because the default model now is to have a wide
+#       open packet filter.
 #redef capture_filters += { ["frag"] = "(ip[6:2] & 0x3fff != 0) and tcp" };

 ## Shorten the fragment timeout from never expiring to expiring fragments after