Any added prefixes are now used *after* all input files have been
parsed to look for a prefixed, flattened version of the input file
somewhere in BROPATH and, if found, load it.
For example, if "lcl" is in @prefixes, and site.bro is loaded, then
a file named "lcl.site.bro" that's in BROPATH would end up being
automatically loaded as well. Packages work similarly, e.g. loading
"protocols/http" means a file named "lcl.protocols.http.bro" in BROPATH
gets loaded automatically.
For example a script can do "@load ./foo" to load a script named
foo.bro that lives in the same directory or "@load ../bar" to load
a script named bar.bro in the parent directory, even if those
directories are not contained in BROPATH.
- Control framework is for runtime control of Bro instances.
It was extracted from BroControl and made more generic.
- Tests for cluster frameworks and control framework.
- Small fix for btest.cfg
- Fixed a bug in the cluster framework that was causing things to break.
- Scripts now use the full path for @load to remove the subpaths
from the shipped BROPATH.
- Some script sets have been reorganized to make optional loads
more obvious.
Also removing the -l command-line option as that can now be done at
the script-level.
A couple tests fail now that use -l. Leaving that until we have
script-level replacement.
- It's ok to always load the framework. If you don't
specifiy the CLUSTER_NODE environment variable it doesn't
ultimately do anything.
- The $CLUSTER_NODE variable causes the framework to try and
load a script named cluster-layout.bro which must be located
somewhere in your $BROPATH. The value of the $CLUSTER_NODE
variable is a count that indicates a node in the Cluster::nodes
variable that is set in the cluster-layout.bro script.
- The Cluster::nodes variable is a flat configuration because
it's assumed that it would be automatically generated by a
utility such as BroControl. This will facilitate the tiered or
"deep" clustering that is coming.
It had some conceptual problems because notices aren't
always logged and in some cases are fairly infrequently
logged which resulted in a lot of notice tags being
attached to connections where the notice didn't show
up in a log file. Also, the rule of thumb here is that
frameworks should never load protocols. It's just bad
practice and probably indicates incorrect design somewhere.
The link between the conn log and the notice log should
now be made with the connections unique ID which is logged
in both logs and is more reliable.
- The Makefiles now run btest with "-f diag.log" so that diangnostics
output will always be written into that file.
- Makefiles now hardcode path to btest to avoid picking up the wrong version
if in PATH.
- The canonifier scripts now live in testing/scripts, and they are
used from both btest/ and external/.
- There's a new diff-remove-uids scripts that removed connection UIDs
for diffing. The external/* tests now use that by default.
- Timestamp removal now has its own script: diff-remove-timestamps.
diff-canonifier calls that.
- All Makefile have a "brief" target that runs btest with -b.
- The higher-level directories have Makefile to call the subdirs.
