Commit graph

4693 commits

Author SHA1 Message Date
Robin Sommer
315aa9d2f5 Updating submodule(s).
[nomail]
2013-08-22 16:33:11 -07:00
Robin Sommer
399899c49b Pass over the Using Bro section.
I edited the text a little bit, reorganized the structure somewhat and
extended some parts. I've also simplified the tests a bit, using some
of the BTest tweaks committed in parallel.
2013-08-22 16:04:45 -07:00
Jon Siwek
814d827c44 Use macros to create file analyzer plugin classes. 2013-08-22 17:03:50 -05:00
Jon Siwek
89ae4ffd05 Add options to limit extracted file sizes w/ 100MB default. 2013-08-22 16:37:58 -05:00
Robin Sommer
29ce98a1d8 Updating submodule(s).
[nomail]
2013-08-22 10:37:29 -07:00
Robin Sommer
1e9227a9e9 Applying doc updates from BIT-1063. (Anthony Verez)
notice.rst wasn't up-to-date in this branch, so I first copied it over
from master.
2013-08-22 08:57:45 -07:00
Robin Sommer
40d849a2c5 Updating CHANGES and VERSION. 2013-08-22 08:47:06 -07:00
Robin Sommer
a18e0f1e15 Merge remote-tracking branch 'origin/topic/jsiwek/misc'
* origin/topic/jsiwek/misc:
  Unlock mutex in raw input reader error cases - BIT-1060
  Fix a deadlock w/ SQLite.
  Fix a unit test.
  Make mem leak tests able to time out.
  Fix a compiler warning regarding strncat misuse.
  Add a diff canonifier to a test in need of it.
  Input framework unit test adjustments.
  Raw input reader command execution "fixes".
2013-08-22 08:44:03 -07:00
Seth Hall
b3a5c5f412 Tiny fix to correct a reporter message. 2013-08-21 19:11:34 -04:00
Seth Hall
23027d3b3f Merge remote-tracking branch 'origin/topic/seth/sumstats-updates'
* origin/topic/seth/sumstats-updates:
  Fixing a problem with resetting sumstats on managers in the wrong location.
  Changing how threshold resetting happens (actually do it on managers!)
  Fix some reporter.log errors by adding a few extra key membership checks.
2013-08-21 18:58:09 -04:00
Robin Sommer
af6988f2a2 Merge remote-tracking branch 'origin/topic/jsiwek/when-leak'
BIT-1058 #merged

* origin/topic/jsiwek/when-leak:
  Fix memory leak w/ when statements - BIT-1058
2013-08-21 13:15:35 -07:00
Jon Siwek
8432f05bdb Fix memory leak w/ when statements - BIT-1058
Specifically if the condition of a when statement uses an index
expression (e.g. table lookup).
2013-08-21 14:28:52 -05:00
Seth Hall
2091bbbf6f Fixing a problem with resetting sumstats on managers in the wrong location. 2013-08-21 14:47:05 -04:00
Seth Hall
22b1e78ec1 Changing how threshold resetting happens (actually do it on managers!) 2013-08-21 14:08:14 -04:00
Seth Hall
1430c28ba3 Merge remote-tracking branch 'origin/master' into topic/seth/sumstats-updates 2013-08-21 12:45:50 -04:00
Seth Hall
71d0e8cc2c Merge remote-tracking branch 'origin/topic/vladg/sumstats-tweaks' into topic/seth/sumstats-updates 2013-08-21 12:45:36 -04:00
Vlad Grigorescu
73a5106bd9 Fix some reporter.log errors by adding a few extra key membership checks. 2013-08-21 07:29:22 -04:00
Robin Sommer
57af99064a Breaking lines in using/*. 2013-08-20 15:56:09 -07:00
Robin Sommer
bc819750b9 Updating submodule(s).
[nomail]
2013-08-20 13:59:28 -07:00
Robin Sommer
b42249c3d6 Switching to relative submodule paths 2013-08-20 13:59:04 -07:00
Jon Siwek
f3950da009 Unlock mutex in raw input reader error cases - BIT-1060 2013-08-20 09:54:31 -05:00
Jon Siwek
29910e7e7a Merge branch 'master' into topic/jsiwek/misc 2013-08-20 09:22:13 -05:00
Robin Sommer
867e4b52d8 More doc reorg, and a light pass over the first 3 sections. 2013-08-19 22:08:30 -07:00
Robin Sommer
671be75308 Updating submodule(s).
[nomail]
2013-08-19 22:07:15 -07:00
Jon Siwek
71704ab002 Merge branch 'master' into topic/jsiwek/misc 2013-08-19 14:40:09 -05:00
Robin Sommer
746c3d5bb6 Changing submodule URLs from bro-ids.org to bro.org. 2013-08-19 12:18:36 -07:00
Jon Siwek
dc370fdd8d Fix a deadlock w/ SQLite.
sqlite3_shutdown() was called a bit too early, when SQLite-using
threads may still have yet to fully shut down.
2013-08-19 14:18:18 -05:00
Robin Sommer
ab8d13889e Merge remote-tracking branch 'origin/topic/matthias/bloom-filter'
* origin/topic/matthias/bloom-filter:
  Use Bro-style platform-independent integer types.
  Change bloom filter's dependence on size_t.
  Remove debugging code.
  Update baseline with now correct FP tests.
  Add debugging code to find FP inconsistency.

Conflicts:
	src/3rdparty
2013-08-19 11:26:29 -07:00
Robin Sommer
95f74313d0 Merge branch 'master' of https://github.com/anthonykasza/bro
* 'master' of https://github.com/anthonykasza/bro:
  levenshtein distance function unit test
  levenshtein distance

Conflicts:
	src/3rdparty
2013-08-19 11:20:50 -07:00
Robin Sommer
be1f582508 Merge remote-tracking branch 'origin/topic/bernhard/3rdparty'
Note this is another submodule change, you'll need to init the new
module:

    git submodule update --recursive --init

BIT-1059 #merged

* origin/topic/bernhard/3rdparty:
  add external 3rdparty submodule
  step 1 - delete 3rdparty
2013-08-19 09:32:47 -07:00
Jon Siwek
ee8111441a Merge branch 'master' into topic/jsiwek/misc 2013-08-19 10:41:10 -05:00
Bernhard Amann
19932175e9 add external 3rdparty submodule 2013-08-16 18:41:25 -07:00
Bernhard Amann
96893f4c16 step 1 - delete 3rdparty 2013-08-16 18:40:45 -07:00
Robin Sommer
97c0d5d461 Updating submodule(s).
[nomail]
2013-08-16 15:53:05 -07:00
Matthias Vallentin
516e044e34 Use Bro-style platform-independent integer types. 2013-08-16 13:29:52 -07:00
Matthias Vallentin
f5655bd2fe Merge branch 'topic/jsiwek/bloomfilter-fix' into topic/matthias/bloom-filter 2013-08-16 12:34:50 -07:00
Matthias Vallentin
8660c1ab55 Merge ssh://git.bro.org/bro into topic/matthias/bloom-filter 2013-08-16 21:10:37 +02:00
Jon Siwek
774dadfe9a Change bloom filter's dependence on size_t.
That type can vary across platforms, but factored in to a bloom
filter's internal state, e.g. size of the seed.
2013-08-16 12:39:21 -05:00
Jon Siwek
e202500f5f Fix a unit test. 2013-08-15 15:53:00 -05:00
Jon Siwek
57b193593d Make mem leak tests able to time out.
This is a workaround for what seems to be a deadlock in gperftools
(seen in their 2.0 and 2.1 releases) that happens occasionally.
2013-08-15 14:27:02 -05:00
Jon Siwek
59cea649c9 Fix a compiler warning regarding strncat misuse. 2013-08-14 15:13:24 -05:00
Jon Siwek
4198414118 Add a diff canonifier to a test in need of it. 2013-08-14 15:10:47 -05:00
Jon Siwek
c18d1100ab Merge branch 'master' into topic/jsiwek/misc 2013-08-14 14:19:54 -05:00
Jon Siwek
85084f2493 Input framework unit test adjustments.
- Generally increased the time allowed before they timeout.

- For tests w/ a clear termination condition (most of them), made
  timeouts result in a test failure.

- Seemed to be a race in some cases between tests generating output and
  the input reader stream getting removed/closed, so moved stream removal
  closer to termination time, when all output should be available.
2013-08-14 14:10:04 -05:00
Robin Sommer
f7a31ab004 Merge remote-tracking branch 'origin/fastpath'
* origin/fastpath:
  Fix timer type enum and timer name array mismatch.
2013-08-14 10:30:03 -07:00
Robin Sommer
6989de0e51 Merge branch 'topic/robin/unified2-analyzer-merge'
* topic/robin/unified2-analyzer-merge:
  Fixed a problem where the Unified2 analyzer was attached to every file.
  Fixes in case a packet isn't seen that matches an event.
  Finished work on unified2 analyzer.
  Fixed some tests.
  Working unified2 analyzer.
  Unified2 file analyzer updated to new plugin style.
  Adding the unified2 analyzer.
2013-08-14 10:29:10 -07:00
Robin Sommer
a646fde884 Merge remote-tracking branch 'origin/topic/seth/unified2-analyzer' into topic/robin/unified2-analyzer-merge
* origin/topic/seth/unified2-analyzer:
  Fixed a problem where the Unified2 analyzer was attached to every file.
  Fixing intel framework tests.
  Updating submodule(s).
  Add file name support to intel framework.
  Add file support to intel framework and slightly restructure intel http handling.

Conflicts:
	CHANGES
	VERSION
	scripts/base/files/unified2/main.bro
	testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
2013-08-14 10:27:26 -07:00
Jon Siwek
d3dad31bdc Raw input reader command execution "fixes".
- Primarily working around an issue that occurs when threads
  concurrently create pipes and fork a child process.  See comment in
  code...

- Other minor cleanup of the code:  making sure the child process calls
  _exit() versus exit(), limits itself to few select system calls before
  the exec(), and closes more unused file descriptors.
2013-08-14 11:37:30 -05:00
Jon Siwek
95507d5865 Fix timer type enum and timer name array mismatch. 2013-08-14 10:48:44 -05:00
Seth Hall
f8f465e259 Fixed a problem where the Unified2 analyzer was attached to every file. 2013-08-14 01:01:03 -04:00