add basic catch-and-release functionality (without own logging so far).

testing/btest/scripts/base/frameworks/pacf/basic.bro

@@ -1,6 +1,6 @@
 # @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
-# @TEST-EXEC: btest-diff pacf.log
-# @TEST-EXEC: btest-diff .stdout
+# @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff pacf.log
+# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff .stdout
 
 @load base/frameworks/pacf
 

testing/btest/scripts/base/frameworks/pacf/catch-and-release.bro

@@ -0,0 +1,32 @@
+# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
+# @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff pacf.log
+# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff .stdout
+
+@load base/frameworks/pacf
+
+event bro_init()
+	{
+	local pacf_debug = Pacf::create_debug(T);
+	Pacf::activate(pacf_debug, 0);
+	}
+
+module Pacf;
+
+event connection_established(c: connection)
+	{
+	local id = c$id;
+	Pacf::drop_address_catch_release(id$orig_h);
+	# second one should be ignored because duplicate
+	Pacf::drop_address_catch_release(id$orig_h);
+
+	# mean call directly into framework - simulate new connection
+	delete current_blocks[id$orig_h];
+	check_conn(id$orig_h);
+	delete current_blocks[id$orig_h];
+	check_conn(id$orig_h);
+	delete current_blocks[id$orig_h];
+	check_conn(id$orig_h);
+	delete current_blocks[id$orig_h];
+	check_conn(id$orig_h);
+	}
+

testing/btest/scripts/base/frameworks/pacf/multiple.bro

@@ -1,5 +1,5 @@
 # @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
-# @TEST-EXEC: btest-diff pacf.log
+# @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff pacf.log
 
 @load base/frameworks/pacf