Merge remote-tracking branch 'origin/master' into topic/policy-scripts-new

2025-10-14 04:28:20 +00:00 · 2011-05-16 13:59:02 -05:00 · 2011-05-16 13:59:02 -05:00 · e608aae0ba
commit e608aae0ba
parent f70b5ece8c 1199085b27
11 changed files with 66 additions and 6 deletions
--- a/aux/broctl
+++ b/aux/broctl
@ -1 +1 @@
-Subproject commit c4eaf7c7471ab04ae8af0f2913cb8350d9ae0b3a
+Subproject commit d9bfa3e7c25aa0fdc27a1f8520f2bb474ecd44af
--- a/src/Analyzer.cc
+++ b/src/Analyzer.cc
@ -58,6 +58,9 @@ const Analyzer::Config Analyzer::analyzer_configs[] = {
 	{ AnalyzerTag::ICMP_Echo, "ICMP_ECHO",
 		ICMP_Echo_Analyzer::InstantiateAnalyzer,
 		ICMP_Echo_Analyzer::Available, 0, false },
+	{ AnalyzerTag::ICMP_Redir, "ICMP_REDIR",
+		ICMP_Redir_Analyzer::InstantiateAnalyzer,
+		ICMP_Redir_Analyzer::Available, 0, false },

 	{ AnalyzerTag::TCP, "TCP", TCP_Analyzer::InstantiateAnalyzer,
 		TCP_Analyzer::Available, 0, false },
--- a/src/AnalyzerTags.h
+++ b/src/AnalyzerTags.h
@ -22,7 +22,9 @@ namespace AnalyzerTag {
 		PIA_TCP, PIA_UDP,

 		// Transport-layer analyzers.
-		ICMP, ICMP_TimeExceeded, ICMP_Unreachable, ICMP_Echo, TCP, UDP,
+		ICMP,
+		ICMP_TimeExceeded, ICMP_Unreachable, ICMP_Echo, ICMP_Redir,
+		TCP, UDP,

 		// Application-layer analyzers (hand-written).
 		BitTorrent, BitTorrentTracker,
--- a/src/DPM.cc
+++ b/src/DPM.cc
@ -229,6 +229,14 @@ bool DPM::BuildInitialAnalyzerTree(TransportProto proto, Connection* conn,
 				}
 			break;

+		case ICMP_REDIRECT:
+			if ( ICMP_Redir_Analyzer::Available() )
+				{
+				root = new ICMP_Redir_Analyzer(conn);
+				DBG_DPD(conn, "activated ICMP Redir analyzer");
+				}
+			break;
+
 		case ICMP_UNREACH:
 			if ( ICMP_Unreachable_Analyzer::Available() )
 				{
--- a/src/ICMP.cc
+++ b/src/ICMP.cc
@ -321,6 +321,24 @@ void ICMP_Echo_Analyzer::NextICMP(double t, const struct icmp* icmpp, int len,
 	ConnectionEvent(f, vl);
 	}

+ICMP_Redir_Analyzer::ICMP_Redir_Analyzer(Connection* c)
+: ICMP_Analyzer(AnalyzerTag::ICMP_Redir, c)
+	{
+	}
+
+void ICMP_Redir_Analyzer::NextICMP(double t, const struct icmp* icmpp, int len,
+					 int caplen, const u_char*& data)
+	{
+	uint32 addr = ntohl(icmpp->icmp_hun.ih_void);
+
+	val_list* vl = new val_list;
+	vl->append(BuildConnVal());
+	vl->append(BuildICMPVal());
+	vl->append(new AddrVal(htonl(addr)));
+
+	ConnectionEvent(icmp_redirect, vl);
+	}
+

 void ICMP_Context_Analyzer::NextICMP(double t, const struct icmp* icmpp,
 				int len, int caplen, const u_char*& data)
--- a/src/ICMP.h
+++ b/src/ICMP.h
@ -74,6 +74,22 @@ protected:
 	                      int len, int caplen, const u_char*& data);
 };

+class ICMP_Redir_Analyzer : public ICMP_Analyzer {
+public:
+	ICMP_Redir_Analyzer(Connection* conn);
+
+	static Analyzer* InstantiateAnalyzer(Connection* conn)
+		{ return new ICMP_Redir_Analyzer(conn); }
+
+	static bool Available()	{ return icmp_redirect; }
+
+protected:
+	ICMP_Redir_Analyzer()	{ }
+
+	virtual void NextICMP(double t, const struct icmp* icmpp,
+	                      int len, int caplen, const u_char*& data);
+};
+
 class ICMP_Context_Analyzer : public ICMP_Analyzer {
 public:
 	ICMP_Context_Analyzer(AnalyzerTag::Tag tag, Connection* conn)
--- a/src/Type.cc
+++ b/src/Type.cc
@ -848,8 +848,8 @@ void TypeDecl::DescribeReST(ODesc* d) const
 	}

 CommentedTypeDecl::CommentedTypeDecl(BroType* t, const char* i,
-			attr_list* attrs, std::list<std::string>* cmnt_list)
-	: TypeDecl(t, i, attrs)
+			attr_list* attrs, bool in_record, std::list<std::string>* cmnt_list)
+	: TypeDecl(t, i, attrs, in_record)
 	{
 	comments = cmnt_list;
 	}
@ -1157,6 +1157,7 @@ void RecordType::DescribeFieldsReST(ODesc* d, bool func_args) const
 	for ( int i = 0; i < num_fields; ++i )
 		{
 		if ( i > 0 )
+			{
 			if ( func_args )
 				d->Add(", ");
 			else
@ -1164,6 +1165,7 @@ void RecordType::DescribeFieldsReST(ODesc* d, bool func_args) const
 				d->NL();
 				d->NL();
 				}
+			}

 		FieldDecl(i)->DescribeReST(d);
 		}
--- a/src/Type.h
+++ b/src/Type.h
@ -420,7 +420,7 @@ public:
 class CommentedTypeDecl : public TypeDecl {
 public:
 	CommentedTypeDecl(BroType* t, const char* i, attr_list* attrs = 0,
-			std::list<std::string>* cmnt_list = 0);
+			bool in_record = false, std::list<std::string>* cmnt_list = 0);
 	virtual ~CommentedTypeDecl();

 	void DescribeReST(ODesc* d) const;
--- a/src/event.bif
+++ b/src/event.bif
@ -49,6 +49,7 @@ event icmp_echo_request%(c: connection, icmp: icmp_conn, id: count, seq: count,
 event icmp_echo_reply%(c: connection, icmp: icmp_conn, id: count, seq: count, payload: string%);
 event icmp_unreachable%(c: connection, icmp: icmp_conn, code: count, context: icmp_context%);
 event icmp_time_exceeded%(c: connection, icmp: icmp_conn, code: count, context: icmp_context%);
+event icmp_redirect%(c: connection, icmp: icmp_conn, a: addr%);
 event net_stats_update%(t: time, ns: net_stats%);
 event conn_stats%(c: connection, os: endpoint_stats, rs: endpoint_stats%);
 event conn_weird%(name: string, c: connection%);
--- a/src/parse.y
+++ b/src/parse.y
@ -936,6 +936,7 @@ type_decl:

 			if ( generate_documentation )
 				{
+				// TypeDecl ctor deletes the attr list, so make a copy
 				attr_list* a = $5;
 				attr_list* a_copy = 0;

@ -947,7 +948,7 @@ type_decl:
 					}

 				last_fake_type_decl = new CommentedTypeDecl(
-					$4, $2, a_copy, concat_opt_docs($1, $7));
+					$4, $2, a_copy, (in_record > 0), concat_opt_docs($1, $7));
 				}

 			$$ = new TypeDecl($4, $2, $5, (in_record > 0));
--- a/testing/btest/doc/record-attr-check.bro
+++ b/testing/btest/doc/record-attr-check.bro
@ -0,0 +1,9 @@
+# @TEST-EXEC: bro --doc-scripts %INPUT
+
+type Tag: enum {
+    SOMETHING
+};
+
+type R: record {
+    field1: set[Tag] &default=set();
+};