Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
17835 commits 387 branches 195 tags 255 MiB
Commit graph

17835 commits

This branch
This branch
All branches
Author SHA1 Message Date
Johanna Amann
ae62209e78 Merge remote-tracking branch 'origin/topic/johanna/coc_contributing' 
* origin/topic/johanna/coc_contributing:
  Add code of conduct and contributing to repo.
 2025-03-06 17:24:32 +00:00
Tim Wojtulewicz
479c4be08b Set ip_proto when creating new tunnel encapsulations 2025-03-06 09:25:03 -07:00
Johanna Amann
6fcd02b3a4 Merge remote-tracking branch 'origin/topic/johanna/gh-4251-discussion' 
* origin/topic/johanna/gh-4251-discussion:
  Add two protocol mismatch testcases
  Remove violating t panalyzer from services field again
 2025-03-06 13:12:51 +00:00
Johanna Amann
c161b8dffe Add code of conduct and contributing to repo. 2025-03-06 13:11:17 +00:00
zeek-bot
901903f230 Update doc submodule [nomail] [skip ci] 2025-03-06 00:14:42 +00:00
Arne Welzel
86fd9c4e0d Merge remote-tracking branch 'origin/topic/awelzel/4216-no-more-parse-time-dns-resolutions' 
* origin/topic/awelzel/4216-no-more-parse-time-dns-resolutions:
  ZAM: bif-tracking updates for blocking_lookup_hostname()
  scan.l: Deprecate DNS resolutions of hostname literals
  input/zeek-setup: Track parse_only globally
  zeek.bif: Introduce blocking_lookup_hostname()
  btest/dns_mgr: Update run-dnsmasq, use --host-record
 2025-03-05 19:24:28 +01:00
Arne Welzel
3b7bbb2651 ZAM: bif-tracking updates for blocking_lookup_hostname() 2025-03-05 19:23:08 +01:00
Arne Welzel
715c309b03 scan.l: Deprecate DNS resolutions of hostname literals 
This also skips DNS lookups when running with zeek --parse-only.

Closes #4216 #4219
 2025-03-05 19:23:08 +01:00
Arne Welzel
e14f54b474 input/zeek-setup: Track parse_only globally 
For easier access in scan.l
 2025-03-05 19:23:08 +01:00
Arne Welzel
376913b509 zeek.bif: Introduce blocking_lookup_hostname() 
As a replacement for host literal DNS resolutions.
 2025-03-05 19:22:57 +01:00
Arne Welzel
7eec3859fa btest/dns_mgr: Update run-dnsmasq, use --host-record 
Using dnsmasq --address covers an entire domain, so dns.example.com
AAAA queries would also return IPv6 addresses for example.com

Instead, this was always meant to use host entries.
 2025-03-05 12:39:15 +01:00
zeek-bot
3595f50f16 Update doc submodule [nomail] [skip ci] 2025-03-05 00:17:11 +00:00
Christian Kreibich
c2a7da0044 Update zeekctl submodule to pull in testsuite fix for metrics port 2025-03-04 12:53:17 -08:00
Tim Wojtulewicz
8f0236448b Merge remote-tracking branch 'origin/topic/timw/reformat-cpp-code-in-bison-and-flex-files' 
* origin/topic/timw/reformat-cpp-code-in-bison-and-flex-files:
  Reformat embedded C++ code in bison/flex files
 2025-03-04 09:34:06 -07:00
Tim Wojtulewicz
61cd5779f2 Reformat embedded C++ code in bison/flex files 2025-03-04 09:33:30 -07:00
Tim Wojtulewicz
a2a30f2a2b Merge remote-tracking branch 'origin/topic/timw/iptunnel-coverity-findings' 
* origin/topic/timw/iptunnel-coverity-findings:
  Fix Coverity findings from recent IPTunnel dumping changes
 2025-03-04 08:53:04 -07:00
Johanna Amann
2daf692c95 Add two protocol mismatch testcases 
These traces contain different protocols being used by originator/responder.

Traces from GH-4251
 2025-03-04 15:38:20 +00:00
Johanna Amann
b8c135d7cb Remove violating analyzer from services field again 
This reverts some of the recent DPD changes; specifically violations
trigger removal from the services field, again, by default.

Discussion in GH-4521
 2025-03-04 15:10:49 +00:00
Johanna Amann
dfa011a3ee Merge remote-tracking branch 'origin/topic/johanna/gh-4237' 
* origin/topic/johanna/gh-4237:
  RDP: cookie is optional
 2025-03-04 13:41:18 +00:00
Johanna Amann
72ea7fc06c RDP: cookie is optional 
Fixes GH-4237
 2025-03-04 13:38:01 +00:00
Arne Welzel
5cb25fd2e8 testing/external: Fix commit-hash.zeek-testing-private 
update-changes mishap :-(
 2025-03-04 14:36:02 +01:00
Arne Welzel
548a12813a Merge branch 'master' of https://github.com/markoverholser/zeek 
* 'master' of https://github.com/markoverholser/zeek:
  Update zeek.bif documentation for to_count and to_int
 2025-03-04 12:07:22 +01:00
Arne Welzel
3bec357ace Merge remote-tracking branch 'origin/topic/timw/bifs-tocount-zam-baseline' 
* origin/topic/timw/bifs-tocount-zam-baseline:
  CI: Add release-build ZAM task for baseline checks during PRs
  Fix language/assert btest baselines for to_count/to_int changes
  Update the bifs.to_count baseline for ZAM
 2025-03-04 12:06:24 +01:00
Arne Welzel
a3a08fa0f3 Merge remote-tracking branch 'origin/topic/awelzel/2311-load-plugin-bare-mode' 
* origin/topic/awelzel/2311-load-plugin-bare-mode:
  scan.l: Fix @load-plugin scripts loading
  scan.l: Extract switch_to() from load_files()
  ScannedFile: Allow skipping canonicalization
 2025-03-04 09:43:53 +01:00
Arne Welzel
ab99f8e233 scan.l: Fix @load-plugin scripts loading 
For a plugin loaded via @load-plugin, create a YY_BUFFER_STATE holding
the required loads for the implicitly loaded files. In loaded scripts,
this generated file will show up with a path of the shared object file
of the plugin with the __preload__.zeek and __load__.zeek files loaded
by it.

Closes #2311
 2025-03-04 09:35:00 +01:00
Benjamin Bannier
60bd08ca1a Merge remote-tracking branch 'origin/topic/bbannier/bump-pre-commit-hooks' [skip CI] 2025-03-04 09:13:11 +01:00
Benjamin Bannier
5d44073b94 Bump pre-commit hooks 2025-03-04 08:14:26 +01:00
Tim Wojtulewicz
19d22ad53b Fix Coverity findings from recent IPTunnel dumping changes 2025-03-03 19:14:29 -07:00
Tim Wojtulewicz
a86a9e2cc0 CI: Add release-build ZAM task for baseline checks during PRs 2025-03-03 15:51:29 -07:00
Tim Wojtulewicz
daaf3142bf Merge remote-tracking branch 'origin/topic/bbannier/cmake-format-zeek-add-analyzer' 
* origin/topic/bbannier/cmake-format-zeek-add-analyzer:
  Always break lines when formatting `spicy_add_analyzer`
  Fix formatting of `zeek_add_plugin`
 2025-03-03 10:47:14 -07:00
Benjamin Bannier
e768cee88c Always break lines when formatting spicy_add_analyzer 2025-03-03 11:24:20 +01:00
Benjamin Bannier
7c456538b4 Fix formatting of zeek_add_plugin 2025-03-03 11:23:09 +01:00
Tim Wojtulewicz
6de81160b6 Fix language/assert btest baselines for to_count/to_int changes 2025-02-28 20:21:57 -07:00
Tim Wojtulewicz
eb015801bd Update the bifs.to_count baseline for ZAM 2025-02-28 20:21:57 -07:00
zeek-bot
d3d7c54686 Update doc submodule [nomail] [skip ci] 2025-03-01 00:13:44 +00:00
Arne Welzel
d079a2b9a8 scan.l: Extract switch_to() from load_files() 2025-02-28 17:56:17 +01:00
Arne Welzel
2a8040039a ScannedFile: Allow skipping canonicalization 2025-02-28 17:55:36 +01:00
zeek-bot
31b5f763cf Update doc submodule [nomail] [skip ci] 2025-02-27 00:13:27 +00:00
zeek-bot
2e4da3223a Update doc submodule [nomail] [skip ci] 2025-02-26 00:13:08 +00:00
Mark Overholser
3acbb55513 Update zeek.bif documentation for to_count and to_int 2025-02-25 15:18:12 -06:00
Tim Wojtulewicz
3c16b0720a Merge remote-tracking branch 'origin/topic/timw/few-btest-jobs-for-zam-ci-tasks' 
* origin/topic/timw/few-btest-jobs-for-zam-ci-tasks:
  CI: Use the right variable for the number of test jobs for zeekctl_debian11_task tasks
  CI: Use fewer btest jobs for ZAM tasks
 2025-02-25 07:30:00 -07:00
zeek-bot
6f2e91aec3 Update doc submodule [nomail] [skip ci] 2025-02-25 00:13:44 +00:00
Tim Wojtulewicz
66e3232dcc Merge remote-tracking branch 'markoverholser/master' 
* markoverholser/master:
  Fix incorrect syntax for static_cast in to_count that I introduced in a previous merge
  Update baselines after changes to to_count and to_int
  fix to_count in zeek.bif to resolve conflict from bbanier's adjustment to static casting of the return from strtoull
  Fix tests in to_count to reflect appropriate function; add tests for 0x-formatted hex values for to_count and to_int
  update BIFs to_int() and to_count() to accept optional 'base' argument; allows more more exotic conversions from hex, octal, binary
  Fixes #4076; update BIFs to_int() and to_count() to accept optional 'base' argument for more easy conversions of strings representing (for example) hexadecimal, octal, or binary numbers
 2025-02-24 11:38:11 -07:00
Tim Wojtulewicz
3dd1d37f9d CI: Use the right variable for the number of test jobs for zeekctl_debian11_task tasks 2025-02-24 11:18:13 -07:00
Tim Wojtulewicz
b5b0c5c996 CI: Use fewer btest jobs for ZAM tasks 
The ZAM tasks are being killed due to OOM issues on Cirrus while
running btests. Use fewer jobs try to avoid that.
 2025-02-24 11:17:10 -07:00
Mark Overholser
165e753439 Fix incorrect syntax for static_cast in to_count that I introduced in a previous merge 2025-02-24 11:02:13 -06:00
Arne Welzel
58babca824 geneve/functions.bif: Fix :zeek:see directive, take two 2025-02-24 15:06:58 +01:00
Arne Welzel
8da219c61a geneve/functions.bif: Fix :zeek:see directive 2025-02-24 15:05:06 +01:00
Mark Overholser
362f083351 Update baselines after changes to to_count and to_int 2025-02-23 16:34:20 -06:00
Mark Overholser
eeaeaaeb16 fix to_count in zeek.bif to resolve conflict from bbanier's adjustment to static casting of the return from strtoull 2025-02-23 16:23:31 -06:00