* origin/topic/seth/dns-srv-fix:
No longer accidentally attempting to parse NBSTAT RRs as SRV RRs.
Fix DNS SRV responses and a small issue with NBNS queries and label length.
BIT-1147 #merged
* origin/topic/bernhard/ssl-failure:
only call disable_analyzer if the connection is still open.
update test baselines
At the moment, SSL connections where the ssl_established event does not fire are not logged.
* topic/robin/http-connect:
HTTP fix for output handlers.
Expanding the HTTP methods used in the signature to detect HTTP traffic.
Updating submodule(s).
Fixing removal of support analyzers, plus some tweaking and cleanup of CONNECT code.
HTTP CONNECT proxy support.
BIT-1132 #merged
* origin/topic/vladg/socks_fix:
Fix misidentification of SOCKS traffic. Traffic that had a certain bytestring would get incorrectly identified as SOCKS. This seemed to happen a lot with DCE/RPC traffic.
Tweaked the error message and added SetSkip() to the "reserved" case
as well.
BIT-1130 #merged
* origin/topic/jsiwek/dns-improvements:
Rewrite DNS state tracking which matches queries and replies.
Change dns.log to include only standard DNS queries.
Improve DNS analysis.
* origin/topic/jdopheid/bro/edits_to_installation_and_getting_started:
Added some grammar and spelling corrections to Installation and Quick Start Guide.
Minor grammar edits to Installation and Quick Start pages
BIT-1123 #merged
* origin/topic/jsiwek/http-file-id-caching:
Revert use of HTTP file ID caching for gaps range request content.
Extend file analysis API to allow file ID caching, adapt HTTP to use it.
BIT-1125 #merged
When an anonymoys function was defined inside an initialization
context, that context transfered over to the function body and could
lead to spurious error messages.
* origin/topic/jsiwek/review-rafael-bro-manual-changes:
Add unit tests for new Bro Manual docs.
Reformat line width of some docs (i.e. `fmt -72`).
Pass over doc xref links and linking style.
New Bro Manual Development Edition and basic.css to fix btest output overflow problem (Update 1).
BIT-1118 #merged
* origin/topic/jazoff/notice_file_info:
Include file information in notices
BIT-1113 #merged
I'm wondering if there's a way to test creating these emails ... ?
* origin/topic/jsiwek/libmagic-integration:
Don't use LOG_* options to ExternalProject_Add if not supported.
Integrate libmagic 5.16 via CMake ExternalProject.
BIT-1116 #merged
* origin/fastpath:
Improve GeoIP City database support.
Broxygen init fixes, addresses BIT-1110.
Fix for packet writing to make it use the global snaplength.
Fix for traffic with TCP segmentation offloading with IP header len field being set to zero.
Changes:
- Changing semantics of the new_event() meta event: it's raised
only for events that have a handler defined. There are too many
checks in Bro that prevent events wo/ handler from being even
prepared to raise to do that differently.
- Adding test case.
* topic/robin/event-dumper:
New script misc/dump-events.bro, along with core support, that dumps events Bro is raising in an easily readable form.
Prettyfing Describe() for record types.
