Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Updating docs for recent addition of local_resp.

Browse source
This commit is contained in:
Robin Sommer 2015-03-02 17:10:32 -08:00
parent dfc88094ab
commit d8d13df406
5 changed files with 18 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

9
CHANGES
View file

@ -1,4 +1,8 @@
2.3-490 | 2015-03-02 17:11:10 -0800
* Updating docs for recent addition of local_resp. (Robin Sommer)
2.3-489 | 2015-03-02 15:29:30 -0800 2.3-489 | 2015-03-02 15:29:30 -0800
* Integrate Broker, Bro's new communication library. (Jon Siwek) * Integrate Broker, Bro's new communication library. (Jon Siwek)
@ -8,8 +12,9 @@
Broker support is by default off for now; it can be enabled at Broker support is by default off for now; it can be enabled at
configure time with --enable-broker. It requires CAF configure time with --enable-broker. It requires CAF
(https://github.com/actor-framework/actor-framework); for now (https://github.com/actor-framework/actor-framework); for now iot
needs the "develop" branch. Broker also requires a C++11 compiler. needs CAF's "develop" branch. Broker also requires a C++11
compiler.
Broker will become a mandatory dependency in future Bro versions. Broker will become a mandatory dependency in future Bro versions.

2
VERSION
View file

@ -1 +1 @@
2.3-489 2.3-490

2
doc/scripting/index.rst
View file

@ -826,7 +826,7 @@ example of the ``record`` data type in the earlier sections, the
``conn.log``, is shown by the excerpt below. ``conn.log``, is shown by the excerpt below.
.. btest-include:: ${BRO_SRC_ROOT}/scripts/base/protocols/conn/main.bro .. btest-include:: ${BRO_SRC_ROOT}/scripts/base/protocols/conn/main.bro
:lines: 10-12,16-17,19,21,23,25,28,31,35,38,57,63,69,92,95,99,102,106,110-111,116 :lines: 10-12,16-17,19,21,23,25,28,31,35,38,57,63,69,75,98,101,105,108,112,116-117,122
Looking at the structure of the definition, a new collection of data Looking at the structure of the definition, a new collection of data
types is being defined as a type called ``Info``. Since this type types is being defined as a type called ``Info``. Since this type

1
testing/btest/Baseline/doc.sphinx.include-scripts_base_protocols_conn_main_bro/output
View file

@ -17,6 +17,7 @@ export {
resp_bytes: count &log &optional; resp_bytes: count &log &optional;
conn_state: string &log &optional; conn_state: string &log &optional;
local_orig: bool &log &optional; local_orig: bool &log &optional;
local_resp: bool &log &optional;
missed_bytes: count &log &default=0; missed_bytes: count &log &default=0;
history: string &log &optional; history: string &log &optional;
orig_pkts: count &log &optional; orig_pkts: count &log &optional;

15
testing/btest/doc/sphinx/include-scripts_base_protocols_conn_main_bro.btest
View file

@ -18,11 +18,12 @@ export {
conn_state: string &log &optional; conn_state: string &log &optional;
local_orig: bool &log &optional; local_orig: bool &log &optional;
local_resp: bool &log &optional; local_resp: bool &log &optional;
## missed_bytes: count &log &default=0;
## lower-case. Multiple packets of the same type will only be history: string &log &optional;
## Number of packets that the originator sent. orig_pkts: count &log &optional;
## Number of IP level bytes that the originator sent (as seen on orig_ip_bytes: count &log &optional;
## Number of packets that the responder sent. resp_pkts: count &log &optional;
## the wire, taken from the IP total_length header field). resp_ip_bytes: count &log &optional;
## Only set if :bro:id:`use_conn_size_analyzer` = T.
tunnel_parents: set[string] &log; tunnel_parents: set[string] &log;
};
}