Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 08:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
10798 commits 385 branches 195 tags 258 MiB
Commit graph

10798 commits

This branch
This branch
All branches
Author SHA1 Message Date
Robin Sommer
de58e54397 Updating submodule(s). 2011-07-19 17:40:13 -07:00
Robin Sommer
1b7bf29896 Updating submodule(s). 2011-07-19 17:40:12 -07:00
Jon Siwek
ad7654745f Fix istate.events tests. 
The receiver now registers for signature_match event so that
the http.log comes out the same as the sender's side.
 2011-07-19 17:40:12 -07:00
Robin Sommer
2afb3ea1a1 Updating submodule(s). 2011-07-19 17:40:12 -07:00
Robin Sommer
38bc560358 Fixing 0-chunk bug in remote logging. 2011-07-19 17:40:07 -07:00
Robin Sommer
b2a3723a1d Fixing tests that need a diff canonifier. 2011-07-19 17:39:46 -07:00
Jon Siwek
a73ef6f0e1 Changes to IRC analyzer and events (addresses #469). 
- Removed irc_client and irc_server events.
- Added is_orig arguments to all other irc events.
- Fix analyzer not recognizing Turbo DCC extension message format.
- Fix analyzer not generating irc_dcc_message event when irc_privmsg_message
  event doesn't have a handler registered.
- Changes to IRC policy scripts to use the above changes.
 2011-07-19 17:06:01 -05:00
Seth Hall
cdca251f47 $PATH is now appropriately set by the bro-path-dev.(sh|csh) scripts. 2011-07-19 16:28:05 -04:00
Seth Hall
9f264548f4 Reorganizing the packet filter framework a little bit. 
- netstats.bro is no longer loaded by default with the packet-filter framework.
 2011-07-19 16:26:32 -04:00
Seth Hall
93daf88856 Packet drops aren't calculated when reading from traces now. 2011-07-19 15:37:42 -04:00
Jon Siwek
77ceb105df Fix utils/conn-ids test due to renamed conn-ids.bro 2011-07-19 11:17:52 -05:00
Jon Siwek
1a88548310 Merge branch 'master' into topic/jsiwek/unit-tests 2011-07-19 11:16:59 -05:00
Seth Hall
2eb12fef61 More conn-id file renaming fixes. 2011-07-19 12:12:16 -04:00
Jon Siwek
ba3316c0ff Merge branch 'master' into topic/jsiwek/unit-tests 2011-07-19 11:02:57 -05:00
Seth Hall
7ad0af666d Renamed utils/conn_ids.bro to utils/conn-ids.bro for consistency. 2011-07-19 12:00:27 -04:00
Jon Siwek
1b1905fcea Moving the test for site.bro to live w/ other utils/ tests. 2011-07-19 10:38:52 -05:00
Jon Siwek
613b7a1405 Fix test due to moving of site.bro 2011-07-19 10:34:51 -05:00
Jon Siwek
caf798def0 Merge branch 'master' into topic/jsiwek/unit-tests 2011-07-19 10:29:56 -05:00
Jon Siwek
27ba228fa1 More policy/utils unit tests and documentation. 2011-07-19 10:28:26 -05:00
Seth Hall
cee3991822 Script updates. 
- Fixing more vestiges from moving site.bro and removing functions.bro

- Updates comments on analysis-groups.bro

- Added the trim-trace-file script from broctl.
 2011-07-19 10:41:54 -04:00
Jon Siwek
c5e98a8116 Updating documentation for some utils/ policy scripts 2011-07-18 20:14:06 -05:00
Jon Siwek
9b27a98e93 Add unit tests for utils/paths.bro with some changes 
- rename extract_directory() to extract_path() (later seemed clearer)
  and made it work with more than just path string in FTP response msgs
- rename build_full_path() and absolute_path()
- compress_path() should now work with relative paths also
 2011-07-18 20:05:16 -05:00
Seth Hall
731caf3f02 Spelling fix. 2011-07-18 14:31:09 -04:00
Seth Hall
7bf3e94628 Added a policy/site directory with a local.bro start up script. 2011-07-18 14:30:38 -04:00
Seth Hall
2ee000d93e Reverting back to using terminate_communication. 2011-07-18 09:58:41 -04:00
Jon Siwek
4437ee59f7 Adding unit tests for utils. 
Also fixing id_matches_direction() function to check both connection
endpoints when determining direction respectful of local network.
 2011-07-15 16:42:09 -05:00
Jon Siwek
33ce65f691 Fixing tests that need a diff canonifier. 2011-07-15 10:39:04 -05:00
Seth Hall
2b83f94961 Using terminate_communication results in crashes sometimes. 2011-07-15 02:13:13 -04:00
Seth Hall
9576c85dab One more small vestige of the cluster config option. 2011-07-15 01:51:55 -04:00
Seth Hall
e6d63b20b3 Removed the cluster option from the configure script. 2011-07-15 01:46:56 -04:00
Seth Hall
2317bf61f3 Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-07-15 01:11:55 -04:00
Seth Hall
5245e6596c More cluster framework fixes for BroControl. 2011-07-15 01:11:37 -04:00
Jon Siwek
9d468493f2 Renaming a test better. 2011-07-14 22:06:16 -05:00
Jon Siwek
d97003892b Reimplementation of the @prefixes statement. 
Any added prefixes are now used *after* all input files have been
parsed to look for a prefixed, flattened version of the input file
somewhere in BROPATH and, if found, load it.

For example, if "lcl" is in @prefixes, and site.bro is loaded, then
a file named "lcl.site.bro" that's in BROPATH would end up being
automatically loaded as well.  Packages work similarly, e.g. loading
"protocols/http" means a file named "lcl.protocols.http.bro" in BROPATH
gets loaded automatically.
 2011-07-14 21:32:02 -05:00
Jon Siwek
e39a49833f Fix accidental overwrite of BROPATH copy. 2011-07-14 18:17:30 -05:00
Seth Hall
3c7f7d571c Fixed the reporter framework to use the newly renamed reporter_info event. 2011-07-14 15:41:38 -04:00
Robin Sommer
5c2ffab892 Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-07-14 11:08:38 -07:00
Jon Siwek
e5e3bf28ec Make @load statements recognize relative paths. 
For example a script can do "@load ./foo" to load a script named
foo.bro that lives in the same directory or "@load ../bar" to load
a script named bar.bro in the parent directory, even if those
directories are not contained in BROPATH.
 2011-07-14 11:35:23 -05:00
Seth Hall
2045f1e366 Updating a baseline to make a test succeed. 2011-07-14 08:49:33 -04:00
Jon Siwek
f71010a013 Adding test for utils/addrs.bro. 
Also fixed the TODO about making check for valid IPv6 string formats
more robust.
 2011-07-13 20:25:57 -05:00
Jon Siwek
0dfd5b867e Add unit test for site.bro. 
Small fix in site.bro's find_all_emails() to get rid of errors
about accessing non-existent table indices.
 2011-07-13 18:35:43 -05:00
Seth Hall
d9f0612546 Lots of cleanup, tests, and the new Control framework. 
- Control framework is for runtime control of Bro instances.
  It was extracted from BroControl and made more generic.

- Tests for cluster frameworks and control framework.

- Small fix for btest.cfg

- Fixed a bug in the cluster framework that was causing things to break.
 2011-07-13 17:09:20 -04:00
Robin Sommer
250db65043 Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-07-12 18:21:08 -07:00
Seth Hall
427855a40d Fixing the name of a test so that it actually runs. 2011-07-12 16:19:47 -04:00
Seth Hall
b5ca7ceb59 Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-07-12 14:12:44 -04:00
Seth Hall
0332a06012 Fixed most of the tests after the script reorganization. 2011-07-12 14:12:25 -04:00
Robin Sommer
0034eeb99a Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Add git ignore for public trace testing repo path.

(Moved the gitignore entry into the testing/external directory.)
 2011-07-12 09:21:33 -07:00
Robin Sommer
f83650f14a Fixing reporter's weird flow method. 2011-07-11 22:18:22 -07:00
Jon Siwek
46ce75fa78 Add git ignore for public trace testing repo path. 
To help prevent it from being accidentally added.
 2011-07-11 12:44:48 -05:00
Robin Sommer
5113b100d9 Making valgrind a bit more happy, and adding code that may or may not 
help with #490 and #491.
 2011-07-10 15:07:37 -07:00