Commit graph

15378 commits

Author SHA1 Message Date
Tomer Lev
d7734ca783 Return the actual error code instead of a message when compiling to windows 2022-11-09 18:15:34 +02:00
Elad Solomon
032f0587f4 Updated windows dockerfile 2022-11-09 18:15:34 +02:00
Elad Solomon
1b3719cf29 Fix libpcap usage 2022-11-09 18:15:34 +02:00
Elad Solomon
f500c4faf4 Added Compilation flags for vpack 2022-11-09 18:15:34 +02:00
Tomer Lev
62e2f85d2f Manually patched 2 commits from zeek github
In case transport layer has zero length and we are ignoring checksums, calculate the length ourselves. This happens due to protocol fragmentation
2022-11-09 18:15:34 +02:00
Tim Wojtulewicz
216c00d7e9 Use multithreaded runtime library under MSVC 2022-11-09 18:15:34 +02:00
PIE Easy Start
b712f00b7e Adding CI files 2022-11-09 18:15:34 +02:00
Tim Wojtulewicz
d352ace4d2 Add conanfile for windows builds 2022-11-09 18:15:34 +02:00
Tomer Lev
d2f625c115 Replaced weakly_canonical with lexically_normal in normalize_path func.
Replaced weakly_canonical with lexically_normal in normalize_path func. Normalizing the path now does not access the filesystem.
2022-11-09 18:15:34 +02:00
Elad Solomon
3f349b8a37 Optimize initial memory consumption 2022-11-09 18:15:34 +02:00
Omer Horovitz
eb08b696bf adding StubSyslog
adding StubSyslog ifdef USE_STUB_SYSLOG
2022-11-09 18:15:34 +02:00
Elad Solomon
c3b9756576 Zeek Statistics
- Added statistics hook
- Fixed rlimit usage
- Removed POpen for windows implementation layer
- Completed statistics plugin
2022-11-09 18:15:33 +02:00
Guy Magen
fbf5b68d6f Fixed ftp bug
Fixed ftp bug
2022-11-09 18:15:33 +02:00
Elad Solomon
7b37194a48 Zeek Conan Package 2022-11-09 18:15:33 +02:00
Elad Solomon
f0dac4405e Forced creation of symlink in case it gets corrupted by git 2022-11-09 18:15:33 +02:00
Elad Solomon
235ec2565f Updated build script to keep build output 2022-11-09 18:15:33 +02:00
Elad Solomon
fde3a6b73f Added kqueue as conan package 2022-11-09 18:15:33 +02:00
Tomer Lev
0dbfd9b04e Building supervisor for window 2022-11-09 18:15:33 +02:00
Elad Solomon
3a80b79497 Compile Zeek with MSVC
Allow Zeek to be embedded in another project
2022-11-09 18:15:30 +02:00
Tim Wojtulewicz
2bd4af7477 Add libunistd submodule, needed by future MSVC work 2022-11-09 18:13:40 +02:00
Tim Wojtulewicz
ec43a9360d Merge remote-tracking branch 'origin/topic/timw/static-kqueue-warning'
* origin/topic/timw/static-kqueue-warning:
  Update cmake submodule to remove STATIC_KQUEUE variable
2022-11-09 08:51:25 -07:00
zeek-bot
09a3da5e0b Update doc submodule [nomail] [skip ci] 2022-11-09 01:02:28 +00:00
Tim Wojtulewicz
b9a4afe9bf Update zeek-testing-private commit hash 2022-11-08 16:53:58 -07:00
Arne Welzel
8b04868de3 {http,smtp}/entities: Align header regexes with extract_filename_from_content_disposition() 2022-11-08 16:45:25 -07:00
Arne Welzel
6ef9423f3c analyzer/HTTP: Call TCP_ApplicationAnalyzer::Done() after RequestMade()/ReplyMade() 2022-11-08 16:44:42 -07:00
Arne Welzel
fa956efa79 file_analysis/Analyzer: Limit maximum number of violations
Just the same as for protocol analyzers, prevent from violation event overload.
2022-11-08 16:44:39 -07:00
Arne Welzel
e688bfcf73 test: Add btest verifying max_analyzer_violations functionality
The pcap has been generated roughly based on the example found on wikipedia
with some added garbled response after the STAT command from the client.
2022-11-08 16:44:34 -07:00
Arne Welzel
c58cdf407a analyzer: Cap analyzer violations at 1000 per analyzer instance 2022-11-08 16:44:30 -07:00
Tim Wojtulewicz
557ffe7bbc Report an error if a key is too big for a DictEntry 2022-11-08 16:44:29 -07:00
Tim Wojtulewicz
d19478f49f Use larger size variable for DictEntry key_size to avoid overflows with big keys 2022-11-08 16:44:29 -07:00
Arne Welzel
c132d140ae ftp: Limit pending commands to FTP::max_pending_commands (default 20) 2022-11-08 16:44:17 -07:00
Arne Welzel
d2689379bc Update baselines after AnalyzePacket changes
Mainly, for bad headers we do not (can not) put addresses into
the log anymore. Some were rather obviously bogus previously
already.
2022-11-08 16:44:15 -07:00
Arne Welzel
70c74e9d71 protocol/ip: Only attach IP_Hdr to Packet if valid
Ensure packet->ip_hdr is not set (so no one can assume it's valid)
when AnalyzePacket() found something weird with the header.
2022-11-08 16:44:04 -07:00
Vern Paxson
ee0a6f6835 Script optimization maintenance and updates:
maintenance fixes for variadic run-time checks, '_' placeholder identifier
  "-O allow-cond" permits compiling scripts to C++ when influenced by @if conditionals
  more robust standalone compile-to-C++ properties
  fix for nested "when" statements
  test suite updates
2022-11-08 11:56:32 -08:00
Robin Sommer
0ef709ae7c Add some missing bits when flipping endpoints.
Couple places missed flipping state.
2022-11-08 13:25:20 +01:00
Josh Soref
6f30f8df7c spelling: successful
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:05:24 -05:00
Josh Soref
90f1da4fe7 spelling: deterministic
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:05:24 -05:00
Josh Soref
34966a93ef spelling: canonicalize
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:05:24 -05:00
Josh Soref
b79dfafefb spelling: algorithm
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:05:24 -05:00
Josh Soref
8995db4cd3 spelling: variation
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
Josh Soref
711576c10f spelling: value
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
Josh Soref
c22d4f5d8c spelling: session
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
Josh Soref
4782193393 spelling: repetitions
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
Josh Soref
683ef60823 spelling: params
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
Josh Soref
e3d60ea268 spelling: further
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
Josh Soref
015f27e345 spelling: confirm
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
Josh Soref
075360773a spelling: channel
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
Josh Soref
38d6cdeb89 spelling: announcement
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-07 20:04:58 -05:00
zeek-bot
be5a30df7d Update doc submodule [nomail] [skip ci] 2022-11-08 00:44:27 +00:00
Robin Sommer
62a52be314 Bump documentation. 2022-11-07 11:48:35 +01:00