Conflicts:
doc/scripts/DocSourcesList.cmake
scripts/base/init-bare.bro
src/ConnCompressor.cc
src/Sessions.cc
Just trying to bring topic/gregor/tunnel up to date in this new branch.
Compiles, but untested.
- The 'icmp_conn' record now contains an 'hlim' field since hop limit
in the IP header is an interesting field for at least these ND
messages.
- Changed 'icmp_router_advertisement' event parameters.
'router_lifetime' is now an interval. Fix 'reachable_time' and
'retrans_timer' using wrong internal Val type for intervals.
Made more of the known router advertisement flags available through
boolean parameters.
- Changed 'icmp_neighbor_advertisement' event parameters to add
more of the known boolean flags.
* origin/topic/icmp6:
Fixes for IPv6 truncation and ICMP/ICMP6 analysis.
Change ICMPv6 checksum calculation to use IP_Hdr wrapper.
Update IPv6 atomic fragment unit test to filter output of ICMPv6.
Add more data to icmp events
More code cleanup
Add more icmpv6 events, and general code cleanup
Fix compile failure after merge from master
Significant edit pass over ICMPv6 code.
Porting Matti's branch to git.
Closes#808.
This should it make easier for other people to understand what is going on without having knowledge of an "internal api * means * in external api" mapping.
- Add more guards against trying to analyze captured packets with a
truncated IPv6 static header or extension header chain.
- Add back in the ICMP payload tracking for ICMP "connections".
- Fix 'icmp_context' record construction. Some field assignments
were mismatched for ICMP and ICMP6. Source and destination
addresses were set incorrectly for context packets that don't
contain a full IP header. Some fields for ICMP6 weren't filled out.
- Changed ICMP Time Exceeded packets to raise the 'icmp_time_exceeded'
event instead of 'icmp_error_message'.
- Add unit tests for truncation and the main types of ICMP/ICMP6
that have specific events.
- Documentation clarifications.
So that src/dst addresses used in pseudo-header are correct when
there's certain extension headers (routing/destination).
Add ICMP/ICMPv6 checksum unit tests.
* origin/topic/jsiwek/mobile-ipv6:
Add support for mobile IPv6 Mobility Header (RFC 6275).
Refactor IP_Hdr routing header handling, add MobileIPv6 Home Address handling.
Revert TCP checksumming to cache common data, like it did before.
Revert "Improve handling of IPv6 Routing Type 0 headers."
Improve handling of IPv6 routing type 0 extension headers.
- The option to use integers insteads of double was ignored.
- Renaming script-level options to remove the ds_ prefix.
- Log rotation didn't work.
- A set of simple unit tests.
- Accessible at script-layer through 'mobile_ipv6_message' event.
- All Mobile IPv6 analysis now enabled through --enable-mobile-ipv6
configure-time option, otherwise the mobility header, routing type 2,
and Home Address Destination option are ignored.
Value assigned in bro_init() to a table with &create_expire
weren't expiring when reading traffic from an interface. It worked
when reading a pcap file, but I added a test case to show it still
working.
The variable was never "used" in the case google perftools was not
found, so CMake warned about it being unused since it was manually
specified as a cache variable in the configure script. There might
be a better way to organize that, but this is a quick/easy hack.
