Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-04 15:48:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Copy docs into Zeek repo directly

Browse source 
This is based on commit 2731def9159247e6da8a3191783c89683363689c from the
zeek-docs repo.
This commit is contained in:
Tim Wojtulewicz 2025-09-15 15:52:18 -07:00
parent 83f1e74643
commit ded98cd373
1074 changed files with 169319 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
doc/scripts/base/frameworks/netcontrol/plugins/__load__.zeek.rst Normal file
View file

@ -0,0 +1,14 @@
:tocdepth: 3
base/frameworks/netcontrol/plugins/__load__.zeek
================================================
:Imports: :doc:`base/frameworks/netcontrol/plugins/acld.zeek </scripts/base/frameworks/netcontrol/plugins/acld.zeek>`, :doc:`base/frameworks/netcontrol/plugins/broker.zeek </scripts/base/frameworks/netcontrol/plugins/broker.zeek>`, :doc:`base/frameworks/netcontrol/plugins/debug.zeek </scripts/base/frameworks/netcontrol/plugins/debug.zeek>`, :doc:`base/frameworks/netcontrol/plugins/openflow.zeek </scripts/base/frameworks/netcontrol/plugins/openflow.zeek>`, :doc:`base/frameworks/netcontrol/plugins/packetfilter.zeek </scripts/base/frameworks/netcontrol/plugins/packetfilter.zeek>`
Summary
~~~~~~~
Detailed Interface
~~~~~~~~~~~~~~~~~~

197
doc/scripts/base/frameworks/netcontrol/plugins/acld.zeek.rst Normal file
View file

@ -0,0 +1,197 @@
:tocdepth: 3
base/frameworks/netcontrol/plugins/acld.zeek
============================================
.. zeek:namespace:: NetControl
Acld plugin for the netcontrol framework.
:Namespace: NetControl
:Imports: :doc:`base/frameworks/broker </scripts/base/frameworks/broker/index>`, :doc:`base/frameworks/netcontrol/main.zeek </scripts/base/frameworks/netcontrol/main.zeek>`, :doc:`base/frameworks/netcontrol/plugin.zeek </scripts/base/frameworks/netcontrol/plugin.zeek>`
Summary
~~~~~~~
Types
#####
======================================================== =
:zeek:type:`NetControl::AclRule`: :zeek:type:`record`
:zeek:type:`NetControl::AcldConfig`: :zeek:type:`record`
======================================================== =
Redefinitions
#############
========================================================= =========================================================================
:zeek:type:`NetControl::PluginState`: :zeek:type:`record`
:New Fields: :zeek:type:`NetControl::PluginState`
acld_config: :zeek:type:`NetControl::AcldConfig` :zeek:attr:`&optional`
acld_id: :zeek:type:`count` :zeek:attr:`&optional`
The ID of this acld instance - for the mapping to PluginStates.
========================================================= =========================================================================
Events
######
============================================================ =======================================
:zeek:id:`NetControl::acld_add_rule`: :zeek:type:`event` Events that are sent from us to Broker.
:zeek:id:`NetControl::acld_remove_rule`: :zeek:type:`event`
:zeek:id:`NetControl::acld_rule_added`: :zeek:type:`event` Events that are sent from Broker to us.
:zeek:id:`NetControl::acld_rule_error`: :zeek:type:`event`
:zeek:id:`NetControl::acld_rule_exists`: :zeek:type:`event`
:zeek:id:`NetControl::acld_rule_removed`: :zeek:type:`event`
============================================================ =======================================
Hooks
#####
========================================================== ==============================================================
:zeek:id:`NetControl::acld_rule_policy`: :zeek:type:`hook` Hook that is called after a rule is converted to an acld rule.
========================================================== ==============================================================
Functions
#########
========================================================= =============================
:zeek:id:`NetControl::create_acld`: :zeek:type:`function` Instantiates the acld plugin.
========================================================= =============================
Detailed Interface
~~~~~~~~~~~~~~~~~~
Types
#####
.. zeek:type:: NetControl::AclRule
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 10 15
:Type: :zeek:type:`record`
.. zeek:field:: command :zeek:type:`string`
.. zeek:field:: cookie :zeek:type:`count`
.. zeek:field:: arg :zeek:type:`string`
.. zeek:field:: comment :zeek:type:`string` :zeek:attr:`&optional`
.. zeek:type:: NetControl::AcldConfig
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 17 37
:Type: :zeek:type:`record`
.. zeek:field:: acld_topic :zeek:type:`string`
The acld topic to send events to.
.. zeek:field:: acld_host :zeek:type:`addr`
Broker host to connect to.
.. zeek:field:: acld_port :zeek:type:`port`
Broker port to connect to.
.. zeek:field:: monitor :zeek:type:`bool` :zeek:attr:`&default` = ``F`` :zeek:attr:`&optional`
Do we accept rules for the monitor path? Default false.
.. zeek:field:: forward :zeek:type:`bool` :zeek:attr:`&default` = ``T`` :zeek:attr:`&optional`
Do we accept rules for the forward path? Default true.
.. zeek:field:: check_pred :zeek:type:`function` (p: :zeek:type:`NetControl::PluginState`, r: :zeek:type:`NetControl::Rule`) : :zeek:type:`bool` :zeek:attr:`&optional`
Predicate that is called on rule insertion or removal.
:param p: Current plugin state.
:param r: The rule to be inserted or removed.
:returns: T if the rule can be handled by the current backend, F otherwise.
Events
######
.. zeek:id:: NetControl::acld_add_rule
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 61 61
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, ar: :zeek:type:`NetControl::AclRule`)
Events that are sent from us to Broker.
.. zeek:id:: NetControl::acld_remove_rule
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 62 62
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, ar: :zeek:type:`NetControl::AclRule`)
.. zeek:id:: NetControl::acld_rule_added
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 90 101
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, msg: :zeek:type:`string`)
Events that are sent from Broker to us.
.. zeek:id:: NetControl::acld_rule_error
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 129 140
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, msg: :zeek:type:`string`)
.. zeek:id:: NetControl::acld_rule_exists
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 103 114
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, msg: :zeek:type:`string`)
.. zeek:id:: NetControl::acld_rule_removed
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 116 127
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, msg: :zeek:type:`string`)
Hooks
#####
.. zeek:id:: NetControl::acld_rule_policy
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 58 58
:Type: :zeek:type:`hook` (p: :zeek:type:`NetControl::PluginState`, r: :zeek:type:`NetControl::Rule`, ar: :zeek:type:`NetControl::AclRule`) : :zeek:type:`bool`
Hook that is called after a rule is converted to an acld rule.
The hook may modify the rule before it is sent to acld.
Setting the acld command to F will cause the rule to be rejected
by the plugin.
:param p: Current plugin state.
:param r: The rule to be inserted or removed.
:param ar: The acld rule to be inserted or removed.
Functions
#########
.. zeek:id:: NetControl::create_acld
:source-code: base/frameworks/netcontrol/plugins/acld.zeek 298 317
:Type: :zeek:type:`function` (config: :zeek:type:`NetControl::AcldConfig`) : :zeek:type:`NetControl::PluginState`
Instantiates the acld plugin.

159
doc/scripts/base/frameworks/netcontrol/plugins/broker.zeek.rst Normal file
View file

@ -0,0 +1,159 @@
:tocdepth: 3
base/frameworks/netcontrol/plugins/broker.zeek
==============================================
.. zeek:namespace:: NetControl
Broker plugin for the NetControl framework. Sends the raw data structures
used in NetControl on to Broker to allow for easy handling, e.g., of
command-line scripts.
:Namespace: NetControl
:Imports: :doc:`base/frameworks/broker </scripts/base/frameworks/broker/index>`, :doc:`base/frameworks/netcontrol/main.zeek </scripts/base/frameworks/netcontrol/main.zeek>`, :doc:`base/frameworks/netcontrol/plugin.zeek </scripts/base/frameworks/netcontrol/plugin.zeek>`
Summary
~~~~~~~
Types
#####
========================================================== ================================================================================================
:zeek:type:`NetControl::BrokerConfig`: :zeek:type:`record` This record specifies the configuration that is passed to :zeek:see:`NetControl::create_broker`.
========================================================== ================================================================================================
Redefinitions
#############
========================================================= =============================================================================
:zeek:type:`NetControl::PluginState`: :zeek:type:`record`
:New Fields: :zeek:type:`NetControl::PluginState`
broker_config: :zeek:type:`NetControl::BrokerConfig` :zeek:attr:`&optional`
OpenFlow controller for NetControl Broker plugin.
broker_id: :zeek:type:`count` :zeek:attr:`&optional`
The ID of this broker instance - for the mapping to PluginStates.
========================================================= =============================================================================
Events
######
============================================================== =
:zeek:id:`NetControl::broker_add_rule`: :zeek:type:`event`
:zeek:id:`NetControl::broker_remove_rule`: :zeek:type:`event`
:zeek:id:`NetControl::broker_rule_added`: :zeek:type:`event`
:zeek:id:`NetControl::broker_rule_error`: :zeek:type:`event`
:zeek:id:`NetControl::broker_rule_exists`: :zeek:type:`event`
:zeek:id:`NetControl::broker_rule_removed`: :zeek:type:`event`
:zeek:id:`NetControl::broker_rule_timeout`: :zeek:type:`event`
============================================================== =
Functions
#########
=========================================================== ===============================
:zeek:id:`NetControl::create_broker`: :zeek:type:`function` Instantiates the broker plugin.
=========================================================== ===============================
Detailed Interface
~~~~~~~~~~~~~~~~~~
Types
#####
.. zeek:type:: NetControl::BrokerConfig
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 13 34
:Type: :zeek:type:`record`
.. zeek:field:: topic :zeek:type:`string` :zeek:attr:`&optional`
The broker topic to send events to.
.. zeek:field:: host :zeek:type:`addr` :zeek:attr:`&optional`
Broker host to connect to.
.. zeek:field:: bport :zeek:type:`port` :zeek:attr:`&optional`
Broker port to connect to.
.. zeek:field:: monitor :zeek:type:`bool` :zeek:attr:`&default` = ``T`` :zeek:attr:`&optional`
Do we accept rules for the monitor path? Default true.
.. zeek:field:: forward :zeek:type:`bool` :zeek:attr:`&default` = ``T`` :zeek:attr:`&optional`
Do we accept rules for the forward path? Default true.
.. zeek:field:: check_pred :zeek:type:`function` (p: :zeek:type:`NetControl::PluginState`, r: :zeek:type:`NetControl::Rule`) : :zeek:type:`bool` :zeek:attr:`&optional`
Predicate that is called on rule insertion or removal.
:param p: Current plugin state.
:param r: The rule to be inserted or removed.
:returns: T if the rule can be handled by the current backend, F otherwise.
This record specifies the configuration that is passed to :zeek:see:`NetControl::create_broker`.
Events
######
.. zeek:id:: NetControl::broker_add_rule
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 46 46
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`)
.. zeek:id:: NetControl::broker_remove_rule
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 47 47
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, reason: :zeek:type:`string`)
.. zeek:id:: NetControl::broker_rule_added
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 61 72
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, msg: :zeek:type:`string`)
.. zeek:id:: NetControl::broker_rule_error
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 100 111
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, msg: :zeek:type:`string`)
.. zeek:id:: NetControl::broker_rule_exists
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 74 85
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, msg: :zeek:type:`string`)
.. zeek:id:: NetControl::broker_rule_removed
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 87 98
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, msg: :zeek:type:`string`)
.. zeek:id:: NetControl::broker_rule_timeout
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 113 124
:Type: :zeek:type:`event` (id: :zeek:type:`count`, r: :zeek:type:`NetControl::Rule`, i: :zeek:type:`NetControl::FlowInfo`)
Functions
#########
.. zeek:id:: NetControl::create_broker
:source-code: base/frameworks/netcontrol/plugins/broker.zeek 198 220
:Type: :zeek:type:`function` (config: :zeek:type:`NetControl::BrokerConfig`, can_expire: :zeek:type:`bool`) : :zeek:type:`NetControl::PluginState`
Instantiates the broker plugin.

65
doc/scripts/base/frameworks/netcontrol/plugins/debug.zeek.rst Normal file
View file

@ -0,0 +1,65 @@
:tocdepth: 3
base/frameworks/netcontrol/plugins/debug.zeek
=============================================
.. zeek:namespace:: NetControl
Debugging plugin for the NetControl framework, providing insight into
executed operations.
:Namespace: NetControl
:Imports: :doc:`base/frameworks/netcontrol/main.zeek </scripts/base/frameworks/netcontrol/main.zeek>`, :doc:`base/frameworks/netcontrol/plugin.zeek </scripts/base/frameworks/netcontrol/plugin.zeek>`
Summary
~~~~~~~
Functions
#########
================================================================= =========================================================
:zeek:id:`NetControl::create_debug`: :zeek:type:`function` Instantiates a debug plugin for the NetControl framework.
:zeek:id:`NetControl::create_debug_error`: :zeek:type:`function` Instantiates a debug plugin for the NetControl framework.
:zeek:id:`NetControl::create_debug_exists`: :zeek:type:`function` Instantiates a debug plugin for the NetControl framework.
================================================================= =========================================================
Detailed Interface
~~~~~~~~~~~~~~~~~~
Functions
#########
.. zeek:id:: NetControl::create_debug
:source-code: base/frameworks/netcontrol/plugins/debug.zeek 118 131
:Type: :zeek:type:`function` (do_something: :zeek:type:`bool`, name: :zeek:type:`string` :zeek:attr:`&default` = ``""`` :zeek:attr:`&optional`) : :zeek:type:`NetControl::PluginState`
Instantiates a debug plugin for the NetControl framework. The debug
plugin simply logs the operations it receives.
:param do_something: If true, the plugin will claim it supports all operations; if
false, it will indicate it doesn't support any.
:param name: Optional name that for the plugin.
.. zeek:id:: NetControl::create_debug_error
:source-code: base/frameworks/netcontrol/plugins/debug.zeek 133 140
:Type: :zeek:type:`function` (name: :zeek:type:`string`) : :zeek:type:`NetControl::PluginState`
Instantiates a debug plugin for the NetControl framework. This variation
of the plugin will return "error" to any rule operations.
:param name: Name of this plugin.
.. zeek:id:: NetControl::create_debug_exists
:source-code: base/frameworks/netcontrol/plugins/debug.zeek 142 149
:Type: :zeek:type:`function` (name: :zeek:type:`string`) : :zeek:type:`NetControl::PluginState`
Instantiates a debug plugin for the NetControl framework. This variation
of the plugin will return "exists" to any rule operations.
:param name: Name of this plugin.

36
doc/scripts/base/frameworks/netcontrol/plugins/index.rst Normal file
View file

@ -0,0 +1,36 @@
:orphan:
Package: base/frameworks/netcontrol/plugins
===========================================
Plugins for the NetControl framework.
:doc:`/scripts/base/frameworks/netcontrol/plugins/__load__.zeek`
:doc:`/scripts/base/frameworks/netcontrol/plugins/debug.zeek`
Debugging plugin for the NetControl framework, providing insight into
executed operations.
:doc:`/scripts/base/frameworks/netcontrol/plugins/openflow.zeek`
OpenFlow plugin for the NetControl framework.
:doc:`/scripts/base/frameworks/netcontrol/plugins/packetfilter.zeek`
NetControl plugin for the process-level PacketFilter that comes with
Zeek. Since the PacketFilter in Zeek is quite limited in scope
and can only add/remove filters for addresses, this is quite
limited in scope at the moment.
:doc:`/scripts/base/frameworks/netcontrol/plugins/broker.zeek`
Broker plugin for the NetControl framework. Sends the raw data structures
used in NetControl on to Broker to allow for easy handling, e.g., of
command-line scripts.
:doc:`/scripts/base/frameworks/netcontrol/plugins/acld.zeek`
Acld plugin for the netcontrol framework.

195
doc/scripts/base/frameworks/netcontrol/plugins/openflow.zeek.rst Normal file
View file

@ -0,0 +1,195 @@
:tocdepth: 3
base/frameworks/netcontrol/plugins/openflow.zeek
================================================
.. zeek:namespace:: NetControl
OpenFlow plugin for the NetControl framework.
:Namespace: NetControl
:Imports: :doc:`base/frameworks/netcontrol/main.zeek </scripts/base/frameworks/netcontrol/main.zeek>`, :doc:`base/frameworks/netcontrol/plugin.zeek </scripts/base/frameworks/netcontrol/plugin.zeek>`, :doc:`base/frameworks/openflow </scripts/base/frameworks/openflow/index>`
Summary
~~~~~~~
Redefinable Options
###################
========================================================================================== ===============================================================================
:zeek:id:`NetControl::openflow_flow_timeout`: :zeek:type:`interval` :zeek:attr:`&redef` The time interval after we consider a flow timed out.
:zeek:id:`NetControl::openflow_message_timeout`: :zeek:type:`interval` :zeek:attr:`&redef` The time interval after which an openflow message is considered to be timed out
and we delete it from our internal tracking.
========================================================================================== ===============================================================================
Types
#####
====================================================== ==================================================================================================
:zeek:type:`NetControl::OfConfig`: :zeek:type:`record` This record specifies the configuration that is passed to :zeek:see:`NetControl::create_openflow`.
:zeek:type:`NetControl::OfTable`: :zeek:type:`record`
====================================================== ==================================================================================================
Redefinitions
#############
========================================================= =========================================================================
:zeek:type:`NetControl::PluginState`: :zeek:type:`record`
:New Fields: :zeek:type:`NetControl::PluginState`
of_controller: :zeek:type:`OpenFlow::Controller` :zeek:attr:`&optional`
OpenFlow controller for NetControl OpenFlow plugin.
of_config: :zeek:type:`NetControl::OfConfig` :zeek:attr:`&optional`
OpenFlow configuration record that is passed on initialization.
========================================================= =========================================================================
Functions
#########
============================================================= =============================================================
:zeek:id:`NetControl::create_openflow`: :zeek:type:`function` Instantiates an openflow plugin for the NetControl framework.
============================================================= =============================================================
Detailed Interface
~~~~~~~~~~~~~~~~~~
Redefinable Options
###################
.. zeek:id:: NetControl::openflow_flow_timeout
:source-code: base/frameworks/netcontrol/plugins/openflow.zeek 76 76
:Type: :zeek:type:`interval`
:Attributes: :zeek:attr:`&redef`
:Default: ``1.0 day``
The time interval after we consider a flow timed out. This should be fairly high (or
even disabled) if you expect a lot of long flows. However, one also will have state
buildup for quite a while if keeping this around...
.. zeek:id:: NetControl::openflow_message_timeout
:source-code: base/frameworks/netcontrol/plugins/openflow.zeek 71 71
:Type: :zeek:type:`interval`
:Attributes: :zeek:attr:`&redef`
:Default: ``20.0 secs``
The time interval after which an openflow message is considered to be timed out
and we delete it from our internal tracking.
Types
#####
.. zeek:type:: NetControl::OfConfig
:source-code: base/frameworks/netcontrol/plugins/openflow.zeek 11 51
:Type: :zeek:type:`record`
.. zeek:field:: monitor :zeek:type:`bool` :zeek:attr:`&default` = ``T`` :zeek:attr:`&optional`
Accept rules that target the monitor path.
.. zeek:field:: forward :zeek:type:`bool` :zeek:attr:`&default` = ``T`` :zeek:attr:`&optional`
Accept rules that target the forward path.
.. zeek:field:: idle_timeout :zeek:type:`count` :zeek:attr:`&default` = ``0`` :zeek:attr:`&optional`
Default OpenFlow idle timeout.
.. zeek:field:: table_id :zeek:type:`count` :zeek:attr:`&optional`
Default OpenFlow table ID.
.. zeek:field:: priority_offset :zeek:type:`int` :zeek:attr:`&default` = ``0`` :zeek:attr:`&optional`
Add this to all rule priorities. Can be useful if you want the openflow priorities be offset from the netcontrol priorities without having to write a filter function.
.. zeek:field:: check_pred :zeek:type:`function` (p: :zeek:type:`NetControl::PluginState`, r: :zeek:type:`NetControl::Rule`) : :zeek:type:`bool` :zeek:attr:`&optional`
Predicate that is called on rule insertion or removal.
:param p: Current plugin state.
:param r: The rule to be inserted or removed.
:returns: T if the rule can be handled by the current backend, F otherwise.
.. zeek:field:: match_pred :zeek:type:`function` (p: :zeek:type:`NetControl::PluginState`, e: :zeek:type:`NetControl::Entity`, m: :zeek:type:`vector` of :zeek:type:`OpenFlow::ofp_match`) : :zeek:type:`vector` of :zeek:type:`OpenFlow::ofp_match` :zeek:attr:`&optional`
This predicate is called each time an OpenFlow match record is created.
The predicate can modify the match structure before it is sent on to the
device.
:param p: Current plugin state.
:param r: The rule to be inserted or removed.
:param m: The openflow match structures that were generated for this rules.
:returns: The modified OpenFlow match structures that will be used in place of the structures passed in m.
.. zeek:field:: flow_mod_pred :zeek:type:`function` (p: :zeek:type:`NetControl::PluginState`, r: :zeek:type:`NetControl::Rule`, m: :zeek:type:`OpenFlow::ofp_flow_mod`) : :zeek:type:`OpenFlow::ofp_flow_mod` :zeek:attr:`&optional`
This predicate is called before a FlowMod message is sent to the OpenFlow
device. It can modify the FlowMod message before it is passed on.
:param p: Current plugin state.
:param r: The rule to be inserted or removed.
:param m: The OpenFlow FlowMod message.
:returns: The modified FlowMod message that is used in lieu of m.
This record specifies the configuration that is passed to :zeek:see:`NetControl::create_openflow`.
.. zeek:type:: NetControl::OfTable
:source-code: base/frameworks/netcontrol/plugins/openflow.zeek 60 67
:Type: :zeek:type:`record`
.. zeek:field:: p :zeek:type:`NetControl::PluginState`
.. zeek:field:: r :zeek:type:`NetControl::Rule`
.. zeek:field:: c :zeek:type:`count` :zeek:attr:`&default` = ``0`` :zeek:attr:`&optional`
.. zeek:field:: packet_count :zeek:type:`count` :zeek:attr:`&default` = ``0`` :zeek:attr:`&optional`
.. zeek:field:: byte_count :zeek:type:`count` :zeek:attr:`&default` = ``0`` :zeek:attr:`&optional`
.. zeek:field:: duration_sec :zeek:type:`double` :zeek:attr:`&default` = ``0.0`` :zeek:attr:`&optional`
Functions
#########
.. zeek:id:: NetControl::create_openflow
:source-code: base/frameworks/netcontrol/plugins/openflow.zeek 448 453
:Type: :zeek:type:`function` (controller: :zeek:type:`OpenFlow::Controller`, config: :zeek:type:`NetControl::OfConfig` :zeek:attr:`&default` = ``[]`` :zeek:attr:`&optional`) : :zeek:type:`NetControl::PluginState`
Instantiates an openflow plugin for the NetControl framework.

35
doc/scripts/base/frameworks/netcontrol/plugins/packetfilter.zeek.rst Normal file
View file

@ -0,0 +1,35 @@
:tocdepth: 3
base/frameworks/netcontrol/plugins/packetfilter.zeek
====================================================
.. zeek:namespace:: NetControl
NetControl plugin for the process-level PacketFilter that comes with
Zeek. Since the PacketFilter in Zeek is quite limited in scope
and can only add/remove filters for addresses, this is quite
limited in scope at the moment.
:Namespace: NetControl
:Imports: :doc:`base/frameworks/netcontrol/plugin.zeek </scripts/base/frameworks/netcontrol/plugin.zeek>`
Summary
~~~~~~~
Functions
#########
================================================================= =====================================
:zeek:id:`NetControl::create_packetfilter`: :zeek:type:`function` Instantiates the packetfilter plugin.
================================================================= =====================================
Detailed Interface
~~~~~~~~~~~~~~~~~~
Functions
#########
.. zeek:id:: NetControl::create_packetfilter
:source-code: base/frameworks/netcontrol/plugins/packetfilter.zeek 107 112
:Type: :zeek:type:`function` () : :zeek:type:`NetControl::PluginState`
Instantiates the packetfilter plugin.