Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 02:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Make Flow a separate, more flexible type in PACF.

Browse source 
This allows the use of wildcards, etc. in rules and removes the need
for a few entity types that were separate so far.
This commit is contained in:
Johanna Amann 2015-05-12 13:37:16 -07:00
parent a51ee45e05
commit ed65fdb6ba
6 changed files with 101 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

6
testing/btest/Baseline/scripts.base.frameworks.pacf.openflow/pacf.log
View file

@ -3,10 +3,10 @@
#empty_field (empty)
#unset_field -
#path pacf
#open 2015-04-14-22-20-31
#open 2015-05-12-20-36-53
#fields ts category cmd state action target entity_type entity msg location plugin
#types time enum string enum string enum string string string string string
0.000000 Pacf::MESSAGE - - - - - - activated plugin with priority 0 - Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 Pacf::RULE ADD Pacf::REQUESTED Pacf::DROP Pacf::MONITOR Pacf::FLOW 10.10.1.4/1470->74.53.140.153/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 Pacf::RULE ADD Pacf::REQUESTED Pacf::DROP Pacf::MONITOR Pacf::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 Pacf::RULE ADD Pacf::REQUESTED Pacf::DROP Pacf::FORWARD Pacf::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
#close 2015-04-14-22-20-31
#close 2015-05-12-20-36-53