Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'origin/topic/christian/mmdb-configurability'

Browse source 
* origin/topic/christian/mmdb-configurability:
  Modernize various C++/Zeek-isms in the MMDB code.
  Fix MMDB code to re-open explicitly opened DBs correctly
  Add btest to verify behavior of re-opened MMDBs opened directly via BIFs
  Simplify MMDB code by moving more lookup functionality into MMDB class
  Move MMDB logic out of mmdb.bif and into MMDB.cc/h.
  Fix mmdb.temporary-error testcase when MMDBs are installed on system
  Adapt MMDB BiF code to new script-layer variables
  Update btest baselines to reflect introduction of mmdb.bif
  Move MaxMind/GeoIP BiF functionality into separate file
  Provide script-level configurability of MaxMind DB placement on disk
  Sort toplevel .bif list in CMakeLists
This commit is contained in:
Arne Welzel 2024-01-12 09:27:58 +01:00
commit ffffd88bef
17 changed files with 695 additions and 536 deletions
Download patch file Download diff file Expand all files Collapse all files

20
scripts/base/init-bare.zeek
View file

@ -1107,6 +1107,25 @@ type geo_autonomous_system: record {
## The directory containing MaxMind DB (.mmdb) files to use for GeoIP support.
const mmdb_dir: string = "" &redef;
## Default name of the MaxMind City database file:
const mmdb_city_db: string = "GeoLite2-City.mmdb" &redef;
## Default name of the MaxMind Country database file:
const mmdb_country_db: string = "GeoLite2-Country.mmdb" &redef;
## Default name of the MaxMind ASN database file:
const mmdb_asn_db: string = "GeoLite2-ASN.mmdb" &redef;
## Fallback locations for MaxMind databases. Zeek attempts these when
## :zeek:see:`mmdb_dir` is not set, or it cannot read a DB file from it. For
## geolocation lookups, Zeek will first attempt to locate the city database in
## each of the fallback locations, and should this fail, attempt to locate the
## country one.
const mmdb_dir_fallbacks: vector of string = vector(
"/usr/share/GeoIP",
"/var/lib/GeoIP",
"/usr/local/share/GeoIP",
"/usr/local/var/GeoIP",
) &redef;
## Sets the interval for MaxMind DB file staleness checks. When Zeek detects a
## change in inode or modification time, the database is re-opened. Setting
## a negative interval disables staleness checks.
@ -2094,6 +2113,7 @@ type gtp_delete_pdp_ctx_response_elements: record {
@load base/bif/supervisor.bif
@load base/bif/packet_analysis.bif
@load base/bif/CPP-load.bif
@load base/bif/mmdb.bif
## Internal function.
function add_interface(iold: string, inew: string): string