DPD changes - small script fixes and renames.

This addresses review feedback of GH-4200. No functional changes.

scripts/base/frameworks/analyzer/dpd.zeek

@@ -125,7 +125,7 @@ event analyzer_violation_info(atype: AllAnalyzers::Tag, info: AnalyzerViolationI
 	# add "-service" to the list of services on removal due to violation, if analyzer was confirmed before
 	if ( track_removed_services_in_connection && disabled && Analyzer::name(atype) in c$service )
 		{
-		local rname = fmt("-%s", Analyzer::name(atype));
+		local rname = cat("-", Analyzer::name(atype));
 		if ( rname !in c$service )
 			add c$service[rname];
 		}

scripts/base/protocols/conn/main.zeek

@@ -27,13 +27,10 @@ export {
 		id:           conn_id         &log;
 		## The transport layer protocol of the connection.
 		proto:        transport_proto &log;
-		## The identification of the application protocol(s) being sent over
+		## A comma-separated list of confirmed protocol(s).
-		## the connection. Can list more than one protocol separated with
+		## With :zeek:see:DPD::track_removed_services_in_connection, the list
-		## colons. Protocols listed are in the order in which they are
+		## includes the same protocols prefixed with "-" to record that Zeek
-		## confirmed.
+		## dropped them due to parsing violations."
-		## This field can also contain a list of protocol analyzers that
-		## raise violations prefixed with a "-" if the option
-		## :zeek:see:`DPD::track_removed_services_in_connection` is set.
 		service:      string          &log &optional;
 		## How long the connection lasted.
 		##

scripts/test-all-policy.zeek

@@ -98,7 +98,7 @@
 @load misc/unknown-protocols.zeek
 @load protocols/conn/community-id-logging.zeek
 @load protocols/conn/disable-unknown-ip-proto-support.zeek
-@load protocols/conn/failed-services.zeek
+@load protocols/conn/service-violation-logging.zeek
 @load protocols/conn/ip-proto-name-logging.zeek
 @load protocols/conn/known-hosts.zeek
 @load protocols/conn/known-services.zeek

testing/btest/scripts/base/frameworks/analyzer/dpd-logging-configuration.zeek

@@ -2,6 +2,6 @@
 # @TEST-EXEC: zeek -r $TRACES/ftp/ftp-invalid-reply-code.pcap %INPUT
 # @TEST-EXEC: btest-diff conn.log
 
-@load policy/protocols/conn/failed-services
+@load policy/protocols/conn/service-violation-logging
 
 redef DPD::track_removed_services_in_connection = T;

testing/external/scripts/testing-setup.zeek

@@ -1,7 +1,7 @@
 # Sets some testing specific options.
 
 @load external-ca-list
-@load protocols/conn/failed-services
+@load protocols/conn/service-violation-logging
 
 @ifdef ( SMTP::never_calc_md5 )
 	# MDD5s can depend on libmagic output.