Rename NetSessions to SessionManager

This also includes: - Deprecating the NetSessions name. - Renaming the zeek::sessions global to zeek::session_mgr and deprecating the old name. - Renaming Sessions.{h,cc} to SessionManager.{h,cc}.
2025-10-02 14:48:21 +00:00 · 2021-04-08 18:11:14 -07:00 · 2021-04-08 18:11:14 -07:00 · db1d753b35
commit db1d753b35
parent f7e3556a67
42 changed files with 148 additions and 155 deletions
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@ -287,7 +287,7 @@ set(MAIN_SRCS
    ScriptCoverageManager.cc
    SerializationFormat.cc
    Session.cc
-    Sessions.cc
+    SessionManager.cc
    SmithWaterman.cc
    Stats.cc
    Stmt.cc
--- a/src/Conn.cc
+++ b/src/Conn.cc
@ -10,7 +10,7 @@
 #include "zeek/RunState.h"
 #include "zeek/NetVar.h"
 #include "zeek/Event.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/Reporter.h"
 #include "zeek/Timer.h"
 #include "zeek/iosource/IOSource.h"
@ -25,12 +25,11 @@ namespace zeek {
 uint64_t Connection::total_connections = 0;
 uint64_t Connection::current_connections = 0;
-Connection::Connection(NetSessions* s, const detail::ConnIDKey& k, double t,
+Connection::Connection(const detail::ConnIDKey& k, double t,
                       const ConnID* id, uint32_t flow, const Packet* pkt)
 	: Session(t, connection_timeout, connection_status_update,
 	          detail::connection_status_update_interval)
 	{
 	sessions = s;
 	key = k;
 	key_valid = true;
@ -137,7 +136,7 @@ void Connection::Done()
 		analyzer::tcp::TCP_Endpoint* to = ta->Orig();
 		analyzer::tcp::TCP_Endpoint* tr = ta->Resp();
-		sessions->tcp_stats.StateLeft(to->state, tr->state);
+		session_mgr->tcp_stats.StateLeft(to->state, tr->state);
 		}
 	finished = 1;
--- a/src/Conn.h
+++ b/src/Conn.h
@ -25,7 +25,7 @@
 namespace zeek {
 class Connection;
-class NetSessions;
+class SessionManager;
 class EncapsulationStack;
 class Val;
 class RecordVal;
@ -73,7 +73,7 @@ static inline int addr_port_canon_lt(const IPAddr& addr1, uint32_t p1,
 class Connection final : public Session {
 public:
-	Connection(NetSessions* s, const detail::ConnIDKey& k, double t, const ConnID* id,
+	Connection(const detail::ConnIDKey& k, double t, const ConnID* id,
 	           uint32_t flow, const Packet* pkt);
 	~Connection() override;
@ -247,8 +247,6 @@ protected:
 	// Allow other classes to access pointers to these:
 	friend class detail::SessionTimer;
 	NetSessions* sessions;
 	IPAddr orig_addr;
 	IPAddr resp_addr;
 	uint32_t orig_port, resp_port;	// in network order
--- a/src/Frag.cc
+++ b/src/Frag.cc
@ -6,7 +6,7 @@
 #include "zeek/Hash.h"
 #include "zeek/IP.h"
 #include "zeek/NetVar.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/Reporter.h"
 #include "zeek/RunState.h"
@ -29,7 +29,7 @@ void FragTimer::Dispatch(double t, bool /* is_expire */)
 		reporter->InternalWarning("fragment timer dispatched w/o reassembler");
 	}
-FragReassembler::FragReassembler(NetSessions* arg_s,
+FragReassembler::FragReassembler(SessionManager* arg_s,
                                 const std::unique_ptr<IP_Hdr>& ip, const u_char* pkt,
                                 const FragReassemblerKey& k, double t)
 	: Reassembler(0, REASSEM_FRAG)
@ -355,7 +355,7 @@ FragReassembler* FragmentManager::NextFragment(double t, const std::unique_ptr<I
 	if ( ! f )
 		{
-		f = new FragReassembler(sessions, ip, pkt, key, t);
+		f = new FragReassembler(session_mgr, ip, pkt, key, t);
 		fragments[key] = f;
 		if ( fragments.size() > max_fragments )
 			max_fragments = fragments.size();
--- a/src/Frag.h
+++ b/src/Frag.h
@ -12,7 +12,7 @@
 namespace zeek {
-class NetSessions;
+class SessionManager;
 class IP_Hdr;
 namespace detail {
@ -24,7 +24,7 @@ using FragReassemblerKey = std::tuple<IPAddr, IPAddr, bro_uint_t>;
 class FragReassembler : public Reassembler {
 public:
-	FragReassembler(NetSessions* s, const std::unique_ptr<IP_Hdr>& ip, const u_char* pkt,
+	FragReassembler(SessionManager* s, const std::unique_ptr<IP_Hdr>& ip, const u_char* pkt,
 	                const FragReassemblerKey& k, double t);
 	~FragReassembler() override;
@ -44,7 +44,7 @@ protected:
 	u_char* proto_hdr;
 	std::unique_ptr<IP_Hdr> reassembled_pkt;
-	NetSessions* s;
+	SessionManager* s;
 	uint64_t frag_size;	// size of fully reassembled fragment
 	FragReassemblerKey key;
 	uint16_t next_proto; // first IPv6 fragment header's next proto field
--- a/src/Func.cc
+++ b/src/Func.cc
@ -45,7 +45,7 @@
 #include "zeek/Frame.h"
 #include "zeek/Var.h"
 #include "zeek/analyzer/protocol/login/Login.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/RE.h"
 #include "zeek/Event.h"
 #include "zeek/Traverse.h"
--- a/src/RunState.cc
+++ b/src/RunState.cc
@ -24,7 +24,7 @@ extern "C" {
 };
 #include "zeek/NetVar.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/Event.h"
 #include "zeek/Timer.h"
 #include "zeek/ID.h"
@ -195,7 +195,7 @@ void init_run(const std::optional<std::string>& interface,
 	zeek::detail::init_ip_addr_anonymizers();
-	sessions = new NetSessions();
+	session_mgr = new SessionManager();
 	// Initialize the stepping stone manager. We intentionally throw away the result here.
 	SteppingStoneManager::Get();
@ -390,13 +390,13 @@ void finish_run(int drain_events)
 	if ( drain_events )
 		{
-		if ( sessions )
+		if ( session_mgr )
-			sessions->Drain();
+			session_mgr->Drain();
 		event_mgr.Drain();
-		if ( sessions )
+		if ( session_mgr )
-			sessions->Done();
+			session_mgr->Done();
 		}
 #ifdef DEBUG
@ -413,7 +413,7 @@ void delete_run()
 	{
 	util::detail::set_processing_status("TERMINATING", "delete_run");
-	delete sessions;
+	delete session_mgr;
 	delete SteppingStoneManager::Get();
 	for ( int i = 0; i < zeek::detail::NUM_ADDR_ANONYMIZATION_METHODS; ++i )
--- a/src/Session.cc
+++ b/src/Session.cc
@ -7,7 +7,7 @@
 #include "zeek/Val.h"
 #include "zeek/Event.h"
 #include "zeek/Desc.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/IP.h"
 namespace zeek {
@ -217,7 +217,7 @@ void Session::DeleteTimer(double /* t */)
 	if ( is_active )
 		Event(session_timeout_event, nullptr);
-	sessions->Remove(this);
+	session_mgr->Remove(this);
 	}
 void Session::AddTimer(timer_func timer, double t, bool do_expire,
@ -247,7 +247,7 @@ void Session::InactivityTimer(double t)
 	if ( last_time + inactivity_timeout <= t )
 		{
 		Event(session_timeout_event, nullptr);
-		sessions->Remove(this);
+		session_mgr->Remove(this);
 		++detail::killed_by_inactivity;
 		}
 	else
@ -267,7 +267,7 @@ void Session::StatusUpdateTimer(double t)
 void Session::RemoveConnectionTimer(double t)
 	{
 	RemovalEvent();
-	sessions->Remove(this);
+	session_mgr->Remove(this);
 	}
 } // namespace zeek
--- a/src/SessionManager.cc
+++ b/src/SessionManager.cc
@ -1,7 +1,7 @@
 // See the file "COPYING" in the main distribution directory for copyright.
 #include "zeek/zeek-config.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include <netinet/in.h>
 #include <arpa/inet.h>
@ -31,27 +31,28 @@
 #include "zeek/analyzer/protocol/stepping-stone/events.bif.h"
-zeek::NetSessions* zeek::sessions;
+zeek::SessionManager* zeek::session_mgr = nullptr;
 zeek::SessionManager*& zeek::sessions = zeek::session_mgr;
 namespace zeek {
-NetSessions::NetSessions()
+SessionManager::SessionManager()
 	: stats(telemetry_mgr->GaugeFamily("zeek", "session_stats",
 	                                   {"tcp", "udp", "icmp"},
 	                                   "Zeek Session Stats", "1", false))
 	{
 	}
-NetSessions::~NetSessions()
+SessionManager::~SessionManager()
 	{
 	Clear();
 	}
-void NetSessions::Done()
+void SessionManager::Done()
 	{
 	}
-void NetSessions::ProcessTransportLayer(double t, const Packet* pkt, size_t remaining)
+void SessionManager::ProcessTransportLayer(double t, const Packet* pkt, size_t remaining)
 	{
 	const std::unique_ptr<IP_Hdr>& ip_hdr = pkt->ip_hdr;
@ -60,7 +61,7 @@ void NetSessions::ProcessTransportLayer(double t, const Packet* pkt, size_t rema
 	if ( len < ip_hdr_len )
 		{
-		sessions->Weird("bogus_IP_header_lengths", pkt);
+		session_mgr->Weird("bogus_IP_header_lengths", pkt);
 		return;
 		}
@ -208,7 +209,7 @@ void NetSessions::ProcessTransportLayer(double t, const Packet* pkt, size_t rema
 		}
 	}
-int NetSessions::ParseIPPacket(int caplen, const u_char* const pkt, int proto,
+int SessionManager::ParseIPPacket(int caplen, const u_char* const pkt, int proto,
                               IP_Hdr*& inner)
 	{
 	if ( proto == IPPROTO_IPV6 )
@ -245,7 +246,7 @@ int NetSessions::ParseIPPacket(int caplen, const u_char* const pkt, int proto,
 	return 0;
 	}
-bool NetSessions::CheckHeaderTrunc(int proto, uint32_t len, uint32_t caplen,
+bool SessionManager::CheckHeaderTrunc(int proto, uint32_t len, uint32_t caplen,
                                   const Packet* p)
 	{
 	uint32_t min_hdr_len = 0;
@ -279,7 +280,7 @@ bool NetSessions::CheckHeaderTrunc(int proto, uint32_t len, uint32_t caplen,
 	return false;
 	}
-Connection* NetSessions::FindConnection(Val* v)
+Connection* SessionManager::FindConnection(Val* v)
 	{
 	const auto& vt = v->GetType();
 	if ( ! IsRecord(vt->Tag()) )
@ -342,7 +343,7 @@ Connection* NetSessions::FindConnection(Val* v)
 	return conn;
 	}
-void NetSessions::Remove(Session* s)
+void SessionManager::Remove(Session* s)
 	{
 	Connection* c = static_cast<Connection*>(s);
@ -378,7 +379,7 @@ void NetSessions::Remove(Session* s)
 		}
 	}
-void NetSessions::Insert(Session* s)
+void SessionManager::Insert(Session* s)
 	{
 	assert(s->IsKeyValid());
@ -402,7 +403,7 @@ void NetSessions::Insert(Session* s)
 		}
 	}
-void NetSessions::Drain()
+void SessionManager::Drain()
 	{
 	for ( const auto& entry : session_map )
 		{
@ -412,7 +413,7 @@ void NetSessions::Drain()
 		}
 	}
-void NetSessions::Clear()
+void SessionManager::Clear()
 	{
 	for ( const auto& entry : session_map )
 		Unref(entry.second);
@ -422,7 +423,7 @@ void NetSessions::Clear()
 	detail::fragment_mgr->Clear();
 	}
-void NetSessions::GetStats(SessionStats& s)
+void SessionManager::GetStats(SessionStats& s)
 	{
 	s.max_TCP_conns = stats.GetOrAdd({{"tcp", "max_conns"}}).Value();
 	s.num_TCP_conns = stats.GetOrAdd({{"tcp", "num_conns"}}).Value();
@ -441,7 +442,7 @@ void NetSessions::GetStats(SessionStats& s)
 	s.num_packets = packet_mgr->PacketsProcessed();
 	}
-Connection* NetSessions::NewConn(const detail::ConnIDKey& k, double t, const ConnID* id,
+Connection* SessionManager::NewConn(const detail::ConnIDKey& k, double t, const ConnID* id,
                                    const u_char* data, int proto, uint32_t flow_label,
                                    const Packet* pkt)
 	{
@ -482,7 +483,7 @@ Connection* NetSessions::NewConn(const detail::ConnIDKey& k, double t, const Con
 	if ( ! WantConnection(src_h, dst_h, tproto, flags, flip) )
 		return nullptr;
-	Connection* conn = new Connection(this, k, t, id, flow_label, pkt);
+	Connection* conn = new Connection(k, t, id, flow_label, pkt);
 	conn->SetTransport(tproto);
 	if ( flip )
@ -501,7 +502,7 @@ Connection* NetSessions::NewConn(const detail::ConnIDKey& k, double t, const Con
 	return conn;
 	}
-bool NetSessions::IsLikelyServerPort(uint32_t port, TransportProto proto) const
+bool SessionManager::IsLikelyServerPort(uint32_t port, TransportProto proto) const
 	{
 	// We keep a cached in-core version of the table to speed up the lookup.
 	static std::set<bro_uint_t> port_cache;
@ -528,7 +529,7 @@ bool NetSessions::IsLikelyServerPort(uint32_t port, TransportProto proto) const
 	return port_cache.find(port) != port_cache.end();
 	}
-bool NetSessions::WantConnection(uint16_t src_port, uint16_t dst_port,
+bool SessionManager::WantConnection(uint16_t src_port, uint16_t dst_port,
                                 TransportProto transport_proto,
                                 uint8_t tcp_flags, bool& flip_roles)
 	{
@ -575,7 +576,7 @@ bool NetSessions::WantConnection(uint16_t src_port, uint16_t dst_port,
 	return true;
 	}
-void NetSessions::Weird(const char* name, const Packet* pkt, const char* addl, const char* source)
+void SessionManager::Weird(const char* name, const Packet* pkt, const char* addl, const char* source)
 	{
 	const char* weird_name = name;
@ -596,12 +597,12 @@ void NetSessions::Weird(const char* name, const Packet* pkt, const char* addl, c
 	reporter->Weird(weird_name, addl, source);
 	}
-void NetSessions::Weird(const char* name, const IP_Hdr* ip, const char* addl)
+void SessionManager::Weird(const char* name, const IP_Hdr* ip, const char* addl)
 	{
 	reporter->Weird(ip->SrcAddr(), ip->DstAddr(), name, addl);
 	}
-unsigned int NetSessions::ConnectionMemoryUsage()
+unsigned int SessionManager::ConnectionMemoryUsage()
 	{
 	unsigned int mem = 0;
@ -615,7 +616,7 @@ unsigned int NetSessions::ConnectionMemoryUsage()
 	return mem;
 	}
-unsigned int NetSessions::ConnectionMemoryUsageConnVals()
+unsigned int SessionManager::ConnectionMemoryUsageConnVals()
 	{
 	unsigned int mem = 0;
@ -629,7 +630,7 @@ unsigned int NetSessions::ConnectionMemoryUsageConnVals()
 	return mem;
 	}
-unsigned int NetSessions::MemoryAllocation()
+unsigned int SessionManager::MemoryAllocation()
 	{
 	if ( run_state::terminating )
 		// Connections have been flushed already.
@ -643,7 +644,7 @@ unsigned int NetSessions::MemoryAllocation()
 		;
 	}
-void NetSessions::InsertSession(detail::SessionKey key, Session* session)
+void SessionManager::InsertSession(detail::SessionKey key, Session* session)
 	{
 	key.CopyData();
 	session_map.insert_or_assign(std::move(key), session);
@ -676,7 +677,7 @@ void NetSessions::InsertSession(detail::SessionKey key, Session* session)
 		}
 	}
-detail::PacketFilter* NetSessions::GetPacketFilter(bool init)
+detail::PacketFilter* SessionManager::GetPacketFilter(bool init)
 	{
 	return packet_mgr->GetPacketFilter(init);
 	}
--- a/src/SessionManager.h
+++ b/src/SessionManager.h
@ -40,10 +40,10 @@ struct SessionStats {
 	uint64_t num_packets;
 };
-class NetSessions final {
+class SessionManager final {
 public:
-	NetSessions();
+	SessionManager();
-	~NetSessions();
+	~SessionManager();
 	void Done();	// call to drain events before destructing
@ -130,7 +130,7 @@ public:
 	// TODO: should this move somewhere else?
 	analyzer::tcp::TCPStateStats tcp_stats;	// keeps statistics on TCP states
-protected:
+private:
 	using SessionMap = std::map<detail::SessionKey, Session*>;
@ -172,6 +172,9 @@ protected:
 };
 // Manager for the currently active sessions.
-extern NetSessions* sessions;
+extern SessionManager* session_mgr;
 extern SessionManager*& sessions [[deprecated("Remove in v5.1. Use zeek::session_mgr.")]];
 using NetSessions [[deprecated("Remove in v5.1. Use zeek::SessionManager.")]] = SessionManager;
 } // namespace zeek
--- a/src/Stats.cc
+++ b/src/Stats.cc
@ -7,7 +7,7 @@
 #include "zeek/RunState.h"
 #include "zeek/NetVar.h"
 #include "zeek/ID.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/Scope.h"
 #include "zeek/DNS_Mgr.h"
 #include "zeek/Trigger.h"
@ -126,25 +126,25 @@ void ProfileLogger::Log()
 		run_state::network_time, (utime + stime) - (first_utime + first_stime),
 		utime - first_utime, stime - first_stime, rtime - first_rtime));
-	int conn_mem_use = expensive ? sessions->ConnectionMemoryUsage() : 0;
+	int conn_mem_use = expensive ? session_mgr->ConnectionMemoryUsage() : 0;
 	double avg_conn_mem_use = 0;
-	if ( expensive && sessions->CurrentConnections() != 0 )
+	if ( expensive && session_mgr->CurrentConnections() != 0 )
-		avg_conn_mem_use = conn_mem_use / static_cast<double>(sessions->CurrentConnections());
+		avg_conn_mem_use = conn_mem_use / static_cast<double>(session_mgr->CurrentConnections());
 	file->Write(util::fmt("%.06f Conns: total=%" PRIu64 " current=%" PRIu64 "/%" PRIi32 " mem=%" PRIi32 "K avg=%.1f table=%" PRIu32 "K connvals=%" PRIu32 "K\n",
 		run_state::network_time,
 		Connection::TotalConnections(),
 		Connection::CurrentConnections(),
-		sessions->CurrentConnections(),
+		session_mgr->CurrentConnections(),
 		conn_mem_use,
 		avg_conn_mem_use,
-		expensive ? sessions->MemoryAllocation() / 1024 : 0,
+		expensive ? session_mgr->MemoryAllocation() / 1024 : 0,
-		expensive ? sessions->ConnectionMemoryUsageConnVals() / 1024 : 0
+		expensive ? session_mgr->ConnectionMemoryUsageConnVals() / 1024 : 0
 		));
 	SessionStats s;
-	sessions->GetStats(s);
+	session_mgr->GetStats(s);
 	file->Write(util::fmt("%.06f Conns: tcp=%zu/%zu udp=%zu/%zu icmp=%zu/%zu\n",
 		run_state::network_time,
@ -153,22 +153,22 @@ void ProfileLogger::Log()
 		s.num_ICMP_conns, s.max_ICMP_conns
 		));
-	sessions->tcp_stats.PrintStats(file,
+	session_mgr->tcp_stats.PrintStats(file,
 			util::fmt("%.06f TCP-States:", run_state::network_time));
 	// Alternatively, if you prefer more compact output...
 	/*
 	file->Write(util::fmt("%.8f TCP-States: I=%d S=%d SA=%d SR=%d E=%d EF=%d ER=%d F=%d P=%d\n",
 		       run_state::network_time,
-		       sessions->tcp_stats.StateInactive(),
+		       session_mgr->tcp_stats.StateInactive(),
-		       sessions->tcp_stats.StateRequest(),
+		       session_mgr->tcp_stats.StateRequest(),
-		       sessions->tcp_stats.StateSuccRequest(),
+		       session_mgr->tcp_stats.StateSuccRequest(),
-		       sessions->tcp_stats.StateRstRequest(),
+		       session_mgr->tcp_stats.StateRstRequest(),
-		       sessions->tcp_stats.StateEstablished(),
+		       session_mgr->tcp_stats.StateEstablished(),
-		       sessions->tcp_stats.StateHalfClose(),
+		       session_mgr->tcp_stats.StateHalfClose(),
-		       sessions->tcp_stats.StateHalfRst(),
+		       session_mgr->tcp_stats.StateHalfRst(),
-		       sessions->tcp_stats.StateClosed(),
+		       session_mgr->tcp_stats.StateClosed(),
-		       sessions->tcp_stats.StatePartial()
+		       session_mgr->tcp_stats.StatePartial()
 		       ));
 	*/
--- a/src/analyzer/protocol/ayiya/AYIYA.cc
+++ b/src/analyzer/protocol/ayiya/AYIYA.cc
@ -2,6 +2,7 @@
 #include "zeek/analyzer/protocol/ayiya/AYIYA.h"
 #include "zeek/SessionManager.h"
 #include "zeek/Func.h"
 #include "zeek/packet_analysis/protocol/iptunnel/IPTunnel.h"
@ -46,7 +47,7 @@ void AYIYA_Analyzer::DeliverPacket(int len, const u_char* data, bool orig, uint6
 	inner_packet_offset = -1;
 	IP_Hdr* inner = nullptr;
-	int result = sessions->ParseIPPacket(len, data, next_header, inner);
+	int result = session_mgr->ParseIPPacket(len, data, next_header, inner);
 	if ( result == 0 )
 		{
--- a/src/analyzer/protocol/ayiya/ayiya-analyzer.pac
+++ b/src/analyzer/protocol/ayiya/ayiya-analyzer.pac
@ -1,5 +1,4 @@
 %extern{
 #include "zeek/Sessions.h"
 #include "zeek/Conn.h"
 #include "zeek/analyzer/protocol/ayiya/AYIYA.h"
 %}
--- a/src/analyzer/protocol/conn-size/functions.bif
+++ b/src/analyzer/protocol/conn-size/functions.bif
@ -1,11 +1,11 @@
 %%{
 #include "zeek/analyzer/protocol/conn-size/ConnSize.h"
 #include "zeek/Reporter.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 static zeek::analyzer::Analyzer* GetConnsizeAnalyzer(zeek::Val* cid)
 	{
-	zeek::Connection* c = zeek::sessions->FindConnection(cid);
+	zeek::Connection* c = zeek::session_mgr->FindConnection(cid);
 	if ( ! c )
 		return nullptr;
--- a/src/analyzer/protocol/dns/DNS.cc
+++ b/src/analyzer/protocol/dns/DNS.cc
@ -11,7 +11,7 @@
 #include "zeek/ZeekString.h"
 #include "zeek/NetVar.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/Event.h"
 #include "zeek/RunState.h"
@ -2261,7 +2261,7 @@ void DNS_Analyzer::ExpireTimer(double t)
 	if ( t - Conn()->LastTime() >= zeek::detail::dns_session_timeout - 1.0 || run_state::terminating )
 		{
 		Event(connection_timeout);
-		sessions->Remove(Conn());
+		session_mgr->Remove(Conn());
 		}
 	else
 		ADD_ANALYZER_TIMER(&DNS_Analyzer::ExpireTimer,
--- a/src/analyzer/protocol/gtpv1/GTPv1.cc
+++ b/src/analyzer/protocol/gtpv1/GTPv1.cc
@ -3,6 +3,7 @@
 #include "zeek/analyzer/protocol/gtpv1/GTPv1.h"
 #include "zeek/packet_analysis/protocol/iptunnel/IPTunnel.h"
 #include "zeek/SessionManager.h"
 #include "zeek/analyzer/protocol/gtpv1/events.bif.h"
 namespace zeek::analyzer::gtpv1 {
@ -47,7 +48,7 @@ void GTPv1_Analyzer::DeliverPacket(int len, const u_char* data, bool orig, uint6
 	inner_packet_offset = -1;
 	IP_Hdr* inner = nullptr;
-	int result = sessions->ParseIPPacket(len, data, next_header, inner);
+	int result = session_mgr->ParseIPPacket(len, data, next_header, inner);
 	if ( result == 0 )
 		{
--- a/src/analyzer/protocol/gtpv1/gtpv1-analyzer.pac
+++ b/src/analyzer/protocol/gtpv1/gtpv1-analyzer.pac
@ -1,5 +1,4 @@
 %extern{
 #include "zeek/Sessions.h"
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/protocol/gtpv1/GTPv1.h"
 %}
--- a/src/analyzer/protocol/login/functions.bif
+++ b/src/analyzer/protocol/login/functions.bif
@ -2,7 +2,7 @@
 %%{
 #include "zeek/analyzer/protocol/login/Login.h"
 #include "zeek/Reporter.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 %%}
 ## Returns the state of the given login (Telnet or Rlogin) connection.
@ -26,7 +26,7 @@
 ## .. zeek:see:: set_login_state
 function get_login_state%(cid: conn_id%): count
 	%{
-	zeek::Connection* c = sessions->FindConnection(cid);
+	zeek::Connection* c = session_mgr->FindConnection(cid);
 	if ( ! c )
 		return zeek::val_mgr->False();
@ -50,7 +50,7 @@ function get_login_state%(cid: conn_id%): count
 ## .. zeek:see:: get_login_state
 function set_login_state%(cid: conn_id, new_state: count%): bool
 	%{
-	zeek::Connection* c = sessions->FindConnection(cid);
+	zeek::Connection* c = session_mgr->FindConnection(cid);
 	if ( ! c )
 		return zeek::val_mgr->False();
--- a/src/analyzer/protocol/ncp/NCP.cc
+++ b/src/analyzer/protocol/ncp/NCP.cc
@ -7,8 +7,6 @@
 #include <string>
 #include <map>
 #include "zeek/Sessions.h"
 #include "zeek/analyzer/protocol/ncp/events.bif.h"
 #include "zeek/analyzer/protocol/ncp/consts.bif.h"
--- a/src/analyzer/protocol/netbios/NetbiosSSN.cc
+++ b/src/analyzer/protocol/netbios/NetbiosSSN.cc
@ -7,7 +7,7 @@
 #include "zeek/ZeekString.h"
 #include "zeek/NetVar.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/Event.h"
 #include "zeek/RunState.h"
@ -531,7 +531,7 @@ void NetbiosSSN_Analyzer::ExpireTimer(double t)
 		     netbios_ssn_session_timeout - 1.0 )
 		{
 		Event(connection_timeout);
-		sessions->Remove(Conn());
+		session_mgr->Remove(Conn());
 		}
 	else
 		ADD_ANALYZER_TIMER(&NetbiosSSN_Analyzer::ExpireTimer,
--- a/src/analyzer/protocol/rpc/RPC.cc
+++ b/src/analyzer/protocol/rpc/RPC.cc
@ -9,7 +9,7 @@
 #include "zeek/NetVar.h"
 #include "zeek/analyzer/protocol/rpc/XDR.h"
 #include "zeek/Reporter.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/RunState.h"
 #include "zeek/analyzer/protocol/rpc/events.bif.h"
@ -766,7 +766,7 @@ void RPC_Analyzer::Done()
 void RPC_Analyzer::ExpireTimer(double /* t */)
 	{
 	Event(connection_timeout);
-	sessions->Remove(Conn());
+	session_mgr->Remove(Conn());
 	}
 } // namespace zeek::analyzer::rpc
--- a/src/analyzer/protocol/stepping-stone/SteppingStone.cc
+++ b/src/analyzer/protocol/stepping-stone/SteppingStone.cc
@ -9,7 +9,6 @@
 #include "zeek/RunState.h"
 #include "zeek/NetVar.h"
 #include "zeek/analyzer/protocol/tcp/TCP.h"
 #include "zeek/Sessions.h"
 #include "zeek/util.h"
 #include "zeek/analyzer/protocol/stepping-stone/events.bif.h"
--- a/src/analyzer/protocol/stepping-stone/SteppingStone.h
+++ b/src/analyzer/protocol/stepping-stone/SteppingStone.h
@ -8,8 +8,6 @@
 namespace zeek {
 class NetSessions;
 namespace analyzer::stepping_stone {
 class SteppingStoneEndpoint;
--- a/src/analyzer/protocol/syslog/Syslog.cc
+++ b/src/analyzer/protocol/syslog/Syslog.cc
@ -41,7 +41,7 @@ void Syslog_Analyzer::DeliverPacket(int len, const u_char* data, bool orig, uint
 //	if ( t - Conn()->LastTime() >= Syslog_session_timeout - 1.0 || terminating )
 //		{
 //		Event(connection_timeout);
-//		sessions->Remove(Conn());
+//		session_mgr->Remove(Conn());
 //		}
 //	else
 //		ADD_ANALYZER_TIMER(&Syslog_Analyzer::ExpireTimer,
--- a/src/analyzer/protocol/tcp/TCP.cc
+++ b/src/analyzer/protocol/tcp/TCP.cc
@ -13,7 +13,7 @@
 #include "zeek/File.h"
 #include "zeek/Event.h"
 #include "zeek/Reporter.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/DebugLogger.h"
 #include "zeek/analyzer/protocol/tcp/events.bif.h"
@ -1272,7 +1272,7 @@ void TCP_Analyzer::FlipRoles()
 	{
 	Analyzer::FlipRoles();
-	sessions->tcp_stats.FlipState(orig->state, resp->state);
+	session_mgr->tcp_stats.FlipState(orig->state, resp->state);
 	TCP_Endpoint* tmp_ep = resp;
 	resp = orig;
 	orig = tmp_ep;
@ -1480,7 +1480,7 @@ void TCP_Analyzer::AttemptTimer(double /* t */)
 		is_active = 0;
 		// All done with this connection.
-		sessions->Remove(Conn());
+		session_mgr->Remove(Conn());
 		}
 	}
@ -1500,7 +1500,7 @@ void TCP_Analyzer::PartialCloseTimer(double /* t */)
 			return;
 		Event(connection_partial_close);
-		sessions->Remove(Conn());
+		session_mgr->Remove(Conn());
 		}
 	}
@ -1530,7 +1530,7 @@ void TCP_Analyzer::ExpireTimer(double t)
 				// the session remove and Unref() us here.
 				Event(connection_timeout);
 				is_active = 0;
-				sessions->Remove(Conn());
+				session_mgr->Remove(Conn());
 				return;
 				}
 			}
@ -1545,7 +1545,7 @@ void TCP_Analyzer::ExpireTimer(double t)
 				// before setting up an attempt timer,
 				// so we need to clean it up here.
 				Event(connection_timeout);
-				sessions->Remove(Conn());
+				session_mgr->Remove(Conn());
 				return;
 				}
 			}
@ -1566,12 +1566,12 @@ void TCP_Analyzer::ResetTimer(double /* t */)
 	if ( ! BothClosed() )
 		ConnectionReset();
-	sessions->Remove(Conn());
+	session_mgr->Remove(Conn());
 	}
 void TCP_Analyzer::DeleteTimer(double /* t */)
 	{
-	sessions->Remove(Conn());
+	session_mgr->Remove(Conn());
 	}
 void TCP_Analyzer::ConnDeleteTimer(double t)
@ -1689,7 +1689,7 @@ void TCP_Analyzer::ConnectionClosed(TCP_Endpoint* endpoint, TCP_Endpoint* peer,
 		// Note, even if tcp_close_delay is zero, we can't
 		// simply do:
 		//
-		//	sessions->Remove(this);
+		//	session_mgr->Remove(this);
 		//
 		// here, because that would cause the object to be
 		// deleted out from under us.
--- a/src/analyzer/protocol/tcp/TCP_Endpoint.cc
+++ b/src/analyzer/protocol/tcp/TCP_Endpoint.cc
@ -9,7 +9,7 @@
 #include "zeek/analyzer/protocol/tcp/TCP.h"
 #include "zeek/analyzer/protocol/tcp/TCP_Reassembler.h"
 #include "zeek/Reporter.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/Event.h"
 #include "zeek/File.h"
 #include "zeek/Val.h"
@ -66,7 +66,7 @@ void TCP_Endpoint::SetPeer(TCP_Endpoint* p)
 	peer = p;
 	if ( IsOrig() )
 		// Only one Endpoint adds the initial state to the counter.
-		sessions->tcp_stats.StateEntered(state, peer->state);
+		session_mgr->tcp_stats.StateEntered(state, peer->state);
 	}
 bool TCP_Endpoint::HadGap() const
@ -145,10 +145,10 @@ void TCP_Endpoint::SetState(EndpointState new_state)
 		prev_state = state;
 		state = new_state;
 		if ( IsOrig() )
-			sessions->tcp_stats.ChangeState(prev_state, state,
+			session_mgr->tcp_stats.ChangeState(prev_state, state,
 			                                   peer->state, peer->state);
 		else
-			sessions->tcp_stats.ChangeState(peer->state, peer->state,
+			session_mgr->tcp_stats.ChangeState(peer->state, peer->state,
 			                                   prev_state, state);
 		}
 	}
--- a/src/analyzer/protocol/tcp/functions.bif
+++ b/src/analyzer/protocol/tcp/functions.bif
@ -1,7 +1,7 @@
 %%{
 #include "zeek/File.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/Reporter.h"
 #include "zeek/analyzer/protocol/tcp/TCP.h"
 %%}
@ -18,7 +18,7 @@
 ## .. zeek:see:: get_resp_seq
 function get_orig_seq%(cid: conn_id%): count
 	%{
-	zeek::Connection* c = zeek::sessions->FindConnection(cid);
+	zeek::Connection* c = zeek::session_mgr->FindConnection(cid);
 	if ( ! c )
 		return zeek::val_mgr->Count(0);
@ -47,7 +47,7 @@ function get_orig_seq%(cid: conn_id%): count
 ## .. zeek:see:: get_orig_seq
 function get_resp_seq%(cid: conn_id%): count
 	%{
-	zeek::Connection* c = zeek::sessions->FindConnection(cid);
+	zeek::Connection* c = zeek::session_mgr->FindConnection(cid);
 	if ( ! c )
 		return zeek::val_mgr->Count(0);
@ -97,7 +97,7 @@ function get_resp_seq%(cid: conn_id%): count
 ## .. zeek:see:: get_contents_file set_record_packets contents_file_write_failure
 function set_contents_file%(cid: conn_id, direction: count, f: file%): bool
 	%{
-	zeek::Connection* c = zeek::sessions->FindConnection(cid);
+	zeek::Connection* c = zeek::session_mgr->FindConnection(cid);
 	if ( ! c )
 		return zeek::val_mgr->False();
@ -120,7 +120,7 @@ function set_contents_file%(cid: conn_id, direction: count, f: file%): bool
 ## .. zeek:see:: set_contents_file set_record_packets contents_file_write_failure
 function get_contents_file%(cid: conn_id, direction: count%): file
 	%{
-	zeek::Connection* c = zeek::sessions->FindConnection(cid);
+	zeek::Connection* c = zeek::session_mgr->FindConnection(cid);
 	if ( c )
 		{
--- a/src/analyzer/protocol/teredo/Teredo.cc
+++ b/src/analyzer/protocol/teredo/Teredo.cc
@ -4,7 +4,7 @@
 #include "zeek/Conn.h"
 #include "zeek/IP.h"
 #include "zeek/Reporter.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/ZeekString.h"
 #include "zeek/RunState.h"
 #include "zeek/packet_analysis/protocol/iptunnel/IPTunnel.h"
@ -165,7 +165,7 @@ void Teredo_Analyzer::DeliverPacket(int len, const u_char* data, bool orig,
 		}
 	IP_Hdr* inner = nullptr;
-	int rslt = sessions->ParseIPPacket(len, te.InnerIP(), IPPROTO_IPV6, inner);
+	int rslt = session_mgr->ParseIPPacket(len, te.InnerIP(), IPPROTO_IPV6, inner);
 	if ( rslt > 0 )
 		{
--- a/src/analyzer/protocol/vxlan/VXLAN.cc
+++ b/src/analyzer/protocol/vxlan/VXLAN.cc
@ -10,7 +10,6 @@ extern "C" {
 #include "zeek/Conn.h"
 #include "zeek/IP.h"
 #include "zeek/RunState.h"
 #include "zeek/Sessions.h"
 #include "zeek/Reporter.h"
 #include "zeek/packet_analysis/Manager.h"
 #include "zeek/packet_analysis/protocol/iptunnel/IPTunnel.h"
--- a/src/fuzzers/fuzzer-setup.h
+++ b/src/fuzzers/fuzzer-setup.h
@ -6,7 +6,7 @@
 #include "zeek/zeek-setup.h"
 #include "zeek/Event.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/broker/Manager.h"
 #include "zeek/file_analysis/Manager.h"
@ -55,9 +55,9 @@ void fuzzer_cleanup_one_input()
 	timer_mgr->Expire();
 	zeek::event_mgr.Drain();
-	sessions->Drain();
+	zeek::session_mgr->Drain();
 	zeek::event_mgr.Drain();
-	sessions->Clear();
+	zeek::session_mgr->Clear();
 	run_state::terminating = false;
 	}
--- a/src/fuzzers/pop3-fuzzer.cc
+++ b/src/fuzzers/pop3-fuzzer.cc
@ -2,7 +2,7 @@
 #include "zeek/RunState.h"
 #include "zeek/Conn.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/analyzer/Analyzer.h"
 #include "zeek/analyzer/Manager.h"
 #include "zeek/analyzer/protocol/pia/PIA.h"
@ -27,10 +27,10 @@ static zeek::Connection* add_connection()
 	conn_id.is_one_way = false;
 	conn_id.proto = TRANSPORT_TCP;
 	zeek::detail::ConnIDKey key = zeek::detail::BuildConnIDKey(conn_id);
-	zeek::Connection* conn = new zeek::Connection(zeek::sessions, key, network_time_start,
+	zeek::Connection* conn = new zeek::Connection(key, network_time_start,
 	                                              &conn_id, 1, &p);
 	conn->SetTransport(TRANSPORT_TCP);
-	zeek::sessions->Insert(conn);
+	zeek::session_mgr->Insert(conn);
 	return conn;
 	}
--- a/src/iosource/Packet.cc
+++ b/src/iosource/Packet.cc
@ -14,7 +14,6 @@ extern "C" {
 #endif
 }
 #include "zeek/Sessions.h"
 #include "zeek/Desc.h"
 #include "zeek/IP.h"
 #include "zeek/iosource/Manager.h"
--- a/src/iosource/PktSrc.cc
+++ b/src/iosource/PktSrc.cc
@ -8,7 +8,7 @@
 #include "zeek/util.h"
 #include "zeek/Hash.h"
 #include "zeek/RunState.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/broker/Manager.h"
 #include "zeek/iosource/Manager.h"
 #include "zeek/packet_analysis/Manager.h"
@ -125,7 +125,7 @@ void PktSrc::Info(const std::string& msg)
 void PktSrc::Weird(const std::string& msg, const Packet* p)
 	{
-	sessions->Weird(msg.c_str(), p);
+	session_mgr->Weird(msg.c_str(), p);
 	}
 void PktSrc::InternalError(const std::string& msg)
--- a/src/packet_analysis/Analyzer.cc
+++ b/src/packet_analysis/Analyzer.cc
@ -5,7 +5,7 @@
 #include "zeek/Dict.h"
 #include "zeek/DebugLogger.h"
 #include "zeek/RunState.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/util.h"
 namespace zeek::packet_analysis {
@ -121,7 +121,7 @@ void Analyzer::RegisterProtocol(uint32_t identifier, AnalyzerPtr child)
 void Analyzer::Weird(const char* name, Packet* packet, const char* addl) const
 	{
-	sessions->Weird(name, packet, addl, GetAnalyzerName());
+	session_mgr->Weird(name, packet, addl, GetAnalyzerName());
 	}
 } // namespace zeek::packet_analysis
--- a/src/packet_analysis/Manager.cc
+++ b/src/packet_analysis/Manager.cc
@ -6,7 +6,6 @@
 #include "zeek/packet_analysis/Dispatcher.h"
 #include "zeek/zeek-bif.h"
 #include "zeek/Stats.h"
 #include "zeek/Sessions.h"
 #include "zeek/RunState.h"
 #include "zeek/iosource/PktDumper.h"
--- a/src/packet_analysis/protocol/gre/GRE.cc
+++ b/src/packet_analysis/protocol/gre/GRE.cc
@ -4,7 +4,7 @@
 #include <pcap.h> // For DLT_ constants
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/RunState.h"
 #include "zeek/IP.h"
 #include "zeek/Reporter.h"
--- a/src/packet_analysis/protocol/ip/IP.cc
+++ b/src/packet_analysis/protocol/ip/IP.cc
@ -5,7 +5,7 @@
 #include "zeek/IP.h"
 #include "zeek/Discard.h"
 #include "zeek/PacketFilter.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/RunState.h"
 #include "zeek/Frag.h"
 #include "zeek/Event.h"
@ -241,7 +241,7 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 	case IPPROTO_ICMPV6:
 		DBG_LOG(DBG_PACKET_ANALYSIS, "Analysis in %s succeeded, next layer identifier is %#x.",
 		        GetAnalyzerName(), proto);
-		sessions->ProcessTransportLayer(run_state::processing_start_time, packet, len);
+		session_mgr->ProcessTransportLayer(run_state::processing_start_time, packet, len);
 		break;
 	case IPPROTO_NONE:
 		// If the packet is encapsulated in Teredo, then it was a bubble and
--- a/src/packet_analysis/protocol/iptunnel/IPTunnel.cc
+++ b/src/packet_analysis/protocol/iptunnel/IPTunnel.cc
@ -4,7 +4,7 @@
 #include <pcap.h> // For DLT_ constants
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "zeek/RunState.h"
 #include "zeek/IP.h"
 #include "zeek/TunnelEncapsulation.h"
@ -50,7 +50,7 @@ bool IPTunnelAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* pa
 	if ( gre_version != 0 )
 		{
 		// Check for a valid inner packet first.
-		int result = sessions->ParseIPPacket(len, data, proto, inner);
+		int result = session_mgr->ParseIPPacket(len, data, proto, inner);
 		if ( result == -2 )
 			Weird("invalid_inner_IP_version", packet);
 		else if ( result < 0 )
--- a/src/stats.bif
+++ b/src/stats.bif
@ -88,14 +88,14 @@ function get_conn_stats%(%): ConnStats
 	r->Assign(n++, Connection::TotalConnections());
 	r->Assign(n++, Connection::CurrentConnections());
-	r->Assign(n++, sessions->CurrentConnections());
+	r->Assign(n++, session_mgr->CurrentConnections());
 	SessionStats s;
-	if ( sessions )
+	if ( session_mgr )
-		sessions->GetStats(s);
+		session_mgr->GetStats(s);
 #define ADD_STAT(x) \
-	r->Assign(n++, static_cast<uint64_t>(sessions ? x : 0));
+	r->Assign(n++, static_cast<uint64_t>(session_mgr ? x : 0));
 	ADD_STAT(s.num_packets);
 	ADD_STAT(s.num_fragments);
--- a/src/zeek.bif
+++ b/src/zeek.bif
@ -3052,7 +3052,7 @@ function decode_base64%(s: string, a: string &default=""%): string
 ## .. zeek:see:: decode_base64
 function decode_base64_conn%(cid: conn_id, s: string, a: string &default=""%): string
 	%{
-	Connection* conn = sessions->FindConnection(cid);
+	Connection* conn = session_mgr->FindConnection(cid);
 	if ( ! conn )
 		{
 		zeek::emit_builtin_error("connection ID not a known connection", cid);
@ -3353,7 +3353,7 @@ static zeek::EnumValPtr map_conn_type(TransportProto tp)
 ##              get_orig_seq get_resp_seq
 function get_conn_transport_proto%(cid: conn_id%): transport_proto
 	%{
-	Connection* c = sessions->FindConnection(cid);
+	Connection* c = session_mgr->FindConnection(cid);
 	if ( ! c )
 		{
 		zeek::emit_builtin_error("unknown connection id in get_conn_transport_proto()", cid);
@ -3385,7 +3385,7 @@ function get_port_transport_proto%(p: port%): transport_proto
 ## .. zeek:see:: lookup_connection
 function connection_exists%(c: conn_id%): bool
 	%{
-	if ( sessions->FindConnection(c) )
+	if ( session_mgr->FindConnection(c) )
 		return zeek::val_mgr->True();
 	else
 		return zeek::val_mgr->False();
@ -3402,7 +3402,7 @@ function connection_exists%(c: conn_id%): bool
 ## .. zeek:see:: connection_exists
 function lookup_connection%(cid: conn_id%): connection
 	%{
-	Connection* conn = sessions->FindConnection(cid);
+	Connection* conn = session_mgr->FindConnection(cid);
 	if ( conn )
 		return conn->ConnVal();
@ -4388,7 +4388,7 @@ function file_mode%(mode: count%): string
 ## .. zeek:see:: Analyzer::schedule_analyzer Analyzer::name
 function disable_analyzer%(cid: conn_id, aid: count, err_if_no_conn: bool &default=T, prevent: bool &default=F%) : bool
 	%{
-	Connection* c = sessions->FindConnection(cid);
+	Connection* c = session_mgr->FindConnection(cid);
 	if ( ! c )
 		{
 		zeek::reporter->Error("cannot find connection");
@ -4426,7 +4426,7 @@ function disable_analyzer%(cid: conn_id, aid: count, err_if_no_conn: bool &defau
 ##     :zeek:id:`connection_finished`.
 function skip_further_processing%(cid: conn_id%): bool
 	%{
-	Connection* c = sessions->FindConnection(cid);
+	Connection* c = session_mgr->FindConnection(cid);
 	if ( ! c )
 		return zeek::val_mgr->False();
@ -4456,7 +4456,7 @@ function skip_further_processing%(cid: conn_id%): bool
 ## .. zeek:see:: get_contents_file set_contents_file
 function set_record_packets%(cid: conn_id, do_record: bool%): bool
 	%{
-	Connection* c = sessions->FindConnection(cid);
+	Connection* c = session_mgr->FindConnection(cid);
 	if ( ! c )
 		return zeek::val_mgr->False();
@ -4474,7 +4474,7 @@ function set_record_packets%(cid: conn_id, do_record: bool%): bool
 ## Returns: The previous timeout interval.
 function set_inactivity_timeout%(cid: conn_id, t: interval%): interval
 	%{
-	Connection* c = sessions->FindConnection(cid);
+	Connection* c = session_mgr->FindConnection(cid);
 	if ( ! c )
 		return zeek::make_intrusive<zeek::IntervalVal>(0.0);
--- a/testing/btest/plugins/packet-protocol-plugin/src/LLCDemo.cc
+++ b/testing/btest/plugins/packet-protocol-plugin/src/LLCDemo.cc
@ -1,7 +1,7 @@
 #include "LLCDemo.h"
 #include "zeek/Event.h"
 #include "zeek/Val.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "events.bif.h"
 using namespace zeek::packet_analysis::PacketDemo;
--- a/testing/btest/plugins/packet-protocol-plugin/src/RawLayer.cc
+++ b/testing/btest/plugins/packet-protocol-plugin/src/RawLayer.cc
@ -1,7 +1,7 @@
 #include "RawLayer.h"
 #include "zeek/Event.h"
 #include "zeek/Val.h"
-#include "zeek/Sessions.h"
+#include "zeek/SessionManager.h"
 #include "events.bif.h"