mirror of
https://github.com/zeek/zeek.git
synced 2025-10-12 03:28:19 +00:00
Add script wrapper functions for broker BIFs
Also renamed the "print" function to "send_print" and the "event" function to "send_event" because Bro shows a syntax error when a Bro script function is named "event" or "print".
This commit is contained in:
Daniel Thayer
parent
e9a87566ef
commit
f44bb4d9b8
17 changed files with 747 additions and 407 deletions
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path loaded_scripts
|
||||
#open 2016-04-22-23-21-01
|
||||
#open 2016-04-26-21-21-19
|
||||
#fields name
|
||||
#types string
|
||||
scripts/base/init-bare.bro
|
||||
|
|
@ -17,7 +17,10 @@ scripts/base/init-bare.bro
|
|||
build/scripts/base/bif/event.bif.bro
|
||||
scripts/base/frameworks/broker/__load__.bro
|
||||
scripts/base/frameworks/broker/main.bro
|
||||
build/scripts/base/bif/comm.bif.bro
|
||||
build/scripts/base/bif/messaging.bif.bro
|
||||
scripts/base/frameworks/broker/store.bro
|
||||
build/scripts/base/bif/store.bif.bro
|
||||
scripts/base/frameworks/logging/__load__.bro
|
||||
scripts/base/frameworks/logging/main.bro
|
||||
build/scripts/base/bif/logging.bif.bro
|
||||
|
|
@ -51,10 +54,7 @@ scripts/base/init-bare.bro
|
|||
build/scripts/base/bif/bloom-filter.bif.bro
|
||||
build/scripts/base/bif/cardinality-counter.bif.bro
|
||||
build/scripts/base/bif/top-k.bif.bro
|
||||
build/scripts/base/bif/comm.bif.bro
|
||||
build/scripts/base/bif/data.bif.bro
|
||||
build/scripts/base/bif/messaging.bif.bro
|
||||
build/scripts/base/bif/store.bif.bro
|
||||
build/scripts/base/bif/plugins/__load__.bro
|
||||
build/scripts/base/bif/plugins/Bro_ARP.events.bif.bro
|
||||
build/scripts/base/bif/plugins/Bro_AYIYA.events.bif.bro
|
||||
|
|
@ -131,4 +131,4 @@ scripts/base/init-bare.bro
|
|||
build/scripts/base/bif/plugins/Bro_SQLiteWriter.sqlite.bif.bro
|
||||
scripts/policy/misc/loaded-scripts.bro
|
||||
scripts/base/utils/paths.bro
|
||||
#close 2016-04-22-23-21-01
|
||||
#close 2016-04-26-21-21-19
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path loaded_scripts
|
||||
#open 2016-04-22-23-21-18
|
||||
#open 2016-04-26-21-21-31
|
||||
#fields name
|
||||
#types string
|
||||
scripts/base/init-bare.bro
|
||||
|
|
@ -17,7 +17,10 @@ scripts/base/init-bare.bro
|
|||
build/scripts/base/bif/event.bif.bro
|
||||
scripts/base/frameworks/broker/__load__.bro
|
||||
scripts/base/frameworks/broker/main.bro
|
||||
build/scripts/base/bif/comm.bif.bro
|
||||
build/scripts/base/bif/messaging.bif.bro
|
||||
scripts/base/frameworks/broker/store.bro
|
||||
build/scripts/base/bif/store.bif.bro
|
||||
scripts/base/frameworks/logging/__load__.bro
|
||||
scripts/base/frameworks/logging/main.bro
|
||||
build/scripts/base/bif/logging.bif.bro
|
||||
|
|
@ -51,10 +54,7 @@ scripts/base/init-bare.bro
|
|||
build/scripts/base/bif/bloom-filter.bif.bro
|
||||
build/scripts/base/bif/cardinality-counter.bif.bro
|
||||
build/scripts/base/bif/top-k.bif.bro
|
||||
build/scripts/base/bif/comm.bif.bro
|
||||
build/scripts/base/bif/data.bif.bro
|
||||
build/scripts/base/bif/messaging.bif.bro
|
||||
build/scripts/base/bif/store.bif.bro
|
||||
build/scripts/base/bif/plugins/__load__.bro
|
||||
build/scripts/base/bif/plugins/Bro_ARP.events.bif.bro
|
||||
build/scripts/base/bif/plugins/Bro_AYIYA.events.bif.bro
|
||||
|
|
@ -302,4 +302,4 @@ scripts/base/init-default.bro
|
|||
scripts/base/misc/find-checksum-offloading.bro
|
||||
scripts/base/misc/find-filtered-trace.bro
|
||||
scripts/policy/misc/loaded-scripts.bro
|
||||
#close 2016-04-22-23-21-18
|
||||
#close 2016-04-26-21-21-31
|
||||
|
|
|
|||
|
|
@ -230,7 +230,7 @@
|
|||
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1461367323.154279, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Communication::LOG)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Conn::LOG)) -> <no result>
|
||||
|
|
@ -351,7 +351,7 @@
|
|||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1461367323.154279, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(NetControl::check_plugins, <frame>, ()) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(NetControl::init, <null>, ()) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Notice::want_pp, <frame>, ()) -> <no result>
|
||||
|
|
@ -566,6 +566,7 @@
|
|||
0.000000 MetaHookPost LoadFile(base<...>/bro.bif) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/broker) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/cluster) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/comm.bif) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/communication) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/conn) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/conn-ids) -> -1
|
||||
|
|
@ -596,6 +597,7 @@
|
|||
0.000000 MetaHookPost LoadFile(base<...>/logging) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/logging.bif) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/main) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/messaging.bif) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/modbus) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/mysql) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/netcontrol) -> -1
|
||||
|
|
@ -623,6 +625,7 @@
|
|||
0.000000 MetaHookPost LoadFile(base<...>/software) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/ssh) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/ssl) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/store.bif) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/strings) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/strings.bif) -> -1
|
||||
0.000000 MetaHookPost LoadFile(base<...>/sumstats) -> -1
|
||||
|
|
@ -870,7 +873,7 @@
|
|||
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird]))
|
||||
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509]))
|
||||
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql]))
|
||||
0.000000 MetaHookPre CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1461367323.154279, node=bro, filter=ip or not ip, init=T, success=T]))
|
||||
0.000000 MetaHookPre CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T]))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Communication::LOG))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Conn::LOG))
|
||||
|
|
@ -991,7 +994,7 @@
|
|||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird]))
|
||||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509]))
|
||||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql]))
|
||||
0.000000 MetaHookPre CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1461367323.154279, node=bro, filter=ip or not ip, init=T, success=T]))
|
||||
0.000000 MetaHookPre CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T]))
|
||||
0.000000 MetaHookPre CallFunction(NetControl::check_plugins, <frame>, ())
|
||||
0.000000 MetaHookPre CallFunction(NetControl::init, <null>, ())
|
||||
0.000000 MetaHookPre CallFunction(Notice::want_pp, <frame>, ())
|
||||
|
|
@ -1206,6 +1209,7 @@
|
|||
0.000000 MetaHookPre LoadFile(base<...>/bro.bif)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/broker)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/cluster)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/comm.bif)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/communication)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/conn)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/conn-ids)
|
||||
|
|
@ -1236,6 +1240,7 @@
|
|||
0.000000 MetaHookPre LoadFile(base<...>/logging)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/logging.bif)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/main)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/messaging.bif)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/modbus)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/mysql)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/netcontrol)
|
||||
|
|
@ -1263,6 +1268,7 @@
|
|||
0.000000 MetaHookPre LoadFile(base<...>/software)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/ssh)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/ssl)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/store.bif)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/strings)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/strings.bif)
|
||||
0.000000 MetaHookPre LoadFile(base<...>/sumstats)
|
||||
|
|
@ -1509,7 +1515,7 @@
|
|||
0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])
|
||||
0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])
|
||||
0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])
|
||||
0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1461367323.154279, node=bro, filter=ip or not ip, init=T, success=T])
|
||||
0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T])
|
||||
0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG)
|
||||
0.000000 | HookCallFunction Log::add_default_filter(Communication::LOG)
|
||||
0.000000 | HookCallFunction Log::add_default_filter(Conn::LOG)
|
||||
|
|
@ -1630,7 +1636,7 @@
|
|||
0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])
|
||||
0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])
|
||||
0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])
|
||||
0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1461367323.154279, node=bro, filter=ip or not ip, init=T, success=T])
|
||||
0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T])
|
||||
0.000000 | HookCallFunction NetControl::check_plugins()
|
||||
0.000000 | HookCallFunction NetControl::init()
|
||||
0.000000 | HookCallFunction Notice::want_pp()
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ event event_handler(msg: string, n: count)
|
|||
|
||||
event auto_event_handler(msg, n);
|
||||
local args = Broker::event_args(event_handler, "pong", n);
|
||||
Broker::event("bro/event/my_topic", args);
|
||||
Broker::send_event("bro/event/my_topic", args);
|
||||
}
|
||||
|
||||
@TEST-END-FILE
|
||||
|
|
@ -68,7 +68,7 @@ event Broker::outgoing_connection_established(peer_address: string,
|
|||
{
|
||||
print "Broker::outgoing_connection_established", peer_address, peer_port;
|
||||
local args = Broker::event_args(event_handler, "ping", event_count);
|
||||
Broker::event("bro/event/hi", args);
|
||||
Broker::send_event("bro/event/hi", args);
|
||||
++event_count;
|
||||
}
|
||||
|
||||
|
|
@ -82,7 +82,7 @@ event event_handler(msg: string, n: count)
|
|||
{
|
||||
print "got event msg", msg, n;
|
||||
local args = Broker::event_args(event_handler, "ping", event_count);
|
||||
Broker::event("bro/event/hi", args);
|
||||
Broker::send_event("bro/event/hi", args);
|
||||
++event_count;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ event Broker::print_handler(msg: string)
|
|||
return;
|
||||
}
|
||||
|
||||
Broker::print("bro/print/my_topic", fmt("pong %d", messages_sent));
|
||||
Broker::send_print("bro/print/my_topic", fmt("pong %d", messages_sent));
|
||||
++messages_sent;
|
||||
}
|
||||
|
||||
|
|
@ -62,7 +62,7 @@ event Broker::outgoing_connection_established(peer_address: string,
|
|||
peer_name: string)
|
||||
{
|
||||
print "Broker::outgoing_connection_established", peer_address, peer_port;
|
||||
Broker::print("bro/print/hi", fmt("ping %d", messages_sent));
|
||||
Broker::send_print("bro/print/hi", fmt("ping %d", messages_sent));
|
||||
++messages_sent;
|
||||
}
|
||||
|
||||
|
|
@ -76,7 +76,7 @@ event Broker::print_handler(msg: string)
|
|||
{
|
||||
++messages_recv;
|
||||
print "got print msg", msg;
|
||||
Broker::print("bro/print/hi", fmt("ping %d", messages_sent));
|
||||
Broker::send_print("bro/print/hi", fmt("ping %d", messages_sent));
|
||||
++messages_sent;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -105,14 +105,14 @@ event NetControl::acld_add_rule(id: count, r: NetControl::Rule, ar: NetControl::
|
|||
{
|
||||
print "add_rule", id, r$entity, r$ty, ar;
|
||||
|
||||
Broker::event("bro/event/netcontroltest", Broker::event_args(NetControl::acld_rule_added, id, r, ar$command));
|
||||
Broker::send_event("bro/event/netcontroltest", Broker::event_args(NetControl::acld_rule_added, id, r, ar$command));
|
||||
}
|
||||
|
||||
event NetControl::acld_remove_rule(id: count, r: NetControl::Rule, ar: NetControl::AclRule)
|
||||
{
|
||||
print "remove_rule", id, r$entity, r$ty, ar;
|
||||
|
||||
Broker::event("bro/event/netcontroltest", Broker::event_args(NetControl::acld_rule_removed, id, r, ar$command));
|
||||
Broker::send_event("bro/event/netcontroltest", Broker::event_args(NetControl::acld_rule_removed, id, r, ar$command));
|
||||
|
||||
if ( r$cid == 4 )
|
||||
terminate();
|
||||
|
|
|
|||
|
|
@ -98,14 +98,14 @@ event NetControl::acld_add_rule(id: count, r: NetControl::Rule, ar: NetControl::
|
|||
{
|
||||
print "add_rule", id, r$entity, r$ty, ar;
|
||||
|
||||
Broker::event("bro/event/netcontroltest", Broker::event_args(NetControl::acld_rule_added, id, r, ar$command));
|
||||
Broker::send_event("bro/event/netcontroltest", Broker::event_args(NetControl::acld_rule_added, id, r, ar$command));
|
||||
}
|
||||
|
||||
event NetControl::acld_remove_rule(id: count, r: NetControl::Rule, ar: NetControl::AclRule)
|
||||
{
|
||||
print "remove_rule", id, r$entity, r$ty, ar;
|
||||
|
||||
Broker::event("bro/event/netcontroltest", Broker::event_args(NetControl::acld_rule_removed, id, r, ar$command));
|
||||
Broker::send_event("bro/event/netcontroltest", Broker::event_args(NetControl::acld_rule_removed, id, r, ar$command));
|
||||
|
||||
if ( r$cid == 4 )
|
||||
terminate();
|
||||
|
|
|
|||
|
|
@ -89,15 +89,15 @@ event NetControl::broker_add_rule(id: count, r: NetControl::Rule)
|
|||
{
|
||||
print "add_rule", id, r$entity, r$ty;
|
||||
|
||||
Broker::event("bro/event/netcontroltest", Broker::event_args(NetControl::broker_rule_added, id, r, ""));
|
||||
Broker::send_event("bro/event/netcontroltest", Broker::event_args(NetControl::broker_rule_added, id, r, ""));
|
||||
}
|
||||
|
||||
event NetControl::broker_remove_rule(id: count, r: NetControl::Rule)
|
||||
{
|
||||
print "remove_rule", id, r$entity, r$ty;
|
||||
|
||||
Broker::event("bro/event/netcontroltest", Broker::event_args(NetControl::broker_rule_timeout, id, r, NetControl::FlowInfo()));
|
||||
Broker::event("bro/event/netcontroltest", Broker::event_args(NetControl::broker_rule_removed, id, r, ""));
|
||||
Broker::send_event("bro/event/netcontroltest", Broker::event_args(NetControl::broker_rule_timeout, id, r, NetControl::FlowInfo()));
|
||||
Broker::send_event("bro/event/netcontroltest", Broker::event_args(NetControl::broker_rule_removed, id, r, ""));
|
||||
|
||||
if ( r$cid == 3 )
|
||||
terminate();
|
||||
|
|
|
|||
|
|
@ -104,8 +104,8 @@ function got_message()
|
|||
event OpenFlow::broker_flow_mod(name: string, dpid: count, match: OpenFlow::ofp_match, flow_mod: OpenFlow::ofp_flow_mod)
|
||||
{
|
||||
print "got flow_mod", dpid, match, flow_mod;
|
||||
Broker::event("bro/event/openflow", Broker::event_args(OpenFlow::flow_mod_success, name, match, flow_mod, ""));
|
||||
Broker::event("bro/event/openflow", Broker::event_args(OpenFlow::flow_mod_failure, name, match, flow_mod, ""));
|
||||
Broker::send_event("bro/event/openflow", Broker::event_args(OpenFlow::flow_mod_success, name, match, flow_mod, ""));
|
||||
Broker::send_event("bro/event/openflow", Broker::event_args(OpenFlow::flow_mod_failure, name, match, flow_mod, ""));
|
||||
got_message();
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue