* origin/topic/timw/windows-ci-unit-testing:
Modify Windows test cmd file to actually run tests
Add template file and cmake call for zeek-path setup on Windows
* origin/topic/neverlord/gh-2806:
test/builtin-plugins: Add plugin using ZEEK_VERSION_NUMBER
Revert putting plugins into a fresh scope for now
Propagate zeek-version.h skip via CMake properties
* origin/topic/awelzel/zeekctl-multiple-loggers:
NEWS: Add entry for ZeekControl and multi-loggers
Bump zeekctl to multi-logger version
logging: Support rotation_postprocessor_command_env
* origin/topic/timw/2324-llc-snap-and-novell-oh-my:
Update docs and NEWS to include LLC, SNAP, and Novell packet analyzers
Fix length checks in VLAN/Ethernet analyzers for non-ethertype protocols
Add forwarding from VLAN analyzer into LLC, SNAP, and Novell 802.3 analyzers
Remove non-standard way of forwarding out of the Ethernet analyzer
Add basic LLC, SNAP, and Novell 802.3 packet analyzers
ARP: add support for IEEE802 hardware type
* topic/timw/2167-aruba-expansion:
Add NEWS entry about 802.11 and ARUBA changes
Remove workaround for tunnels from IEEE 802.11 analyzer
PPP in the GRE analyzer is actually PP*T*P
Add support for 802.11 A-MSDU aggregates
Fix IEEE 802.11 analyzer to properly forward tunneled packets
Fix IEEE 802.11 analyzer to skip packets with the Protected bit enabled
Expand support for Aruba protocol types in GRE analyzer
Default tunnel_type in iosource::Packet to NONE
This also fixes the GRE analyzer to forward into the IEEE 802.11 analyzer
if it encounters Aruba packets with the proper protocol types. This way
the QoS header can be handled correctly.
* origin/topic/christian/sync-ignore_checksums-from-cli:
Given the -C flag, set script-layer ignore_checksums to true.
Add btest for "-C" flag vs the script-layer ignore_checksums global.
* Mask VLAN ID from tp_vlan_tci field to fix vlan > 4095 reported by Zeek
when PCP and/or DEI bits are set.
* Descriptive error message when interface is down. Instead of
"Invalid argument", Zeek now reports "interface is down".
* Performance improvements for the Redis Log::log_stream_policy example
around PortVal wrapping and caching field offsets for property lookups.
* Debug output is now channeled through PLUGIN_DBG_LOG() and available via
zeek -B plugin-Zeek-JavaScript instead of unconditionally on stderr.
* Reduced CMake output when Node.js isn't found
* 'topic/amazingpp/irc-fuid-missing' of github.com:AmazingPP/zeek:
Add irc_dcc_send_ack event and fix missing fields
I've moved IRC_Data back into the zeek::analyzer::file namespace, but
we did move the declaration from protocol/file/File.h to protocol/irc/IRC.h.
But, if someone actually customized IRC_Data and didn't include protocol/irc/IRC.h
for other reasons, I'll be surprised (and also just suggest to update the include).
Add a define for `ZEEK_CONFIG_SKIP_VERSION_H` to static plugins as well
as to dynamic plugins that we build alongside Zeek. When including
`zeek-config.h` with this macro defined, the header skips including
`zeek-version.h`.
* origin/topic/awelzel/add-community-id:
testing/external: Bump hashes for community_id addition
NEWS: Add entry for Community ID
policy: Import zeek-community-id scripts into protocols/conn frameworks/notice
Add community_id_v1() based on corelight/zeek-community-id
