Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 21:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
3767 commits 387 branches 198 tags 286 MiB
Commit graph

3767 commits

This branch
This branch
All branches
Author SHA1 Message Date
Matthias Vallentin
2fc5ca53ff Make hashers serializable. 
There exists still a small bug that I could not find; the unit test
istate/opaque.bro fails. If someone sees why, please chime in.
 2013-07-25 17:35:35 +02:00
Matthias Vallentin
e482897f88 Add docs and use default value for hasher names. 2013-07-25 15:16:53 +02:00
Matthias Vallentin
5769c32f1e Support emptiness check on Bloom filters. 2013-07-24 13:18:19 +02:00
Matthias Vallentin
5736aef440 Refactor Bloom filter merging. 2013-07-24 13:05:38 +02:00
Matthias Vallentin
5383e8f75b Add bloomfilter_clear() BiF. 2013-07-24 11:21:10 +02:00
Robin Sommer
c89f61917b Updating NEWS. 2013-07-23 20:10:49 -07:00
Robin Sommer
474107fe40 Broifying the code. 
Also extending API documentation a bit more and fixing a memory leak.
 2013-07-23 20:10:32 -07:00
Robin Sommer
21685d2529 Merge remote-tracking branch 'origin/topic/matthias/bloom-filter' 
I'm moving the new files into a subdirectory probabilistic, and into a
corresponding namespace. We can later put code for the other
probabilistic data structures there as well.

* origin/topic/matthias/bloom-filter: (45 commits)
  Implement and test Bloom filter merging.
  Make hash functions equality comparable.
  Make counter vectors mergeable.
  Use half adder for bitwise addition and subtraction.
  Fix and test counting Bloom filter.
  Implement missing CounterVector functions.
  Tweak hasher interface.
  Add missing include for GCC.
  Fixing for unserializion error.
  Small fixes and style tweaks.
  Only serialize Bloom filter type if available.
  Create hash policies through factory.
  Remove lingering debug code.
  Factor implementation and change interface.
  Expose Bro's linear congruence PRNG as utility function.
  H3 does not check for zero length input.
  Support seeding for hashers.
  Add utility function to access first random seed.
  Update H3 documentation (and minor style nits.)
  Make H3 seed configurable.
  ...
 2013-07-23 16:40:56 -07:00
Matthias Vallentin
69a7dd03bc Merge remote-tracking branch 'origin/master' into topic/matthias/bloom-filter 2013-07-22 22:26:15 +02:00
Seth Hall
7d9f31fcfd Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Fixed a scriptland state issue that manifested especially badly on proxies.
 2013-07-22 14:26:10 -04:00
Seth Hall
5c3bf14d16 Fixed a scriptland state issue that manifested especially badly on proxies. 2013-07-22 14:02:56 -04:00
Matthias Vallentin
a39f980cd4 Implement and test Bloom filter merging. 2013-07-22 18:11:12 +02:00
Matthias Vallentin
eb64f5f961 Make hash functions equality comparable. 2013-07-22 18:03:55 +02:00
Matthias Vallentin
9c2f57a9d9 Make counter vectors mergeable. 2013-07-22 16:36:54 +02:00
Matthias Vallentin
a3c61fe7eb Use half adder for bitwise addition and subtraction. 2013-07-22 15:55:51 +02:00
Matthias Vallentin
7a0240694e Fix and test counting Bloom filter. 2013-07-22 14:09:32 +02:00
Matthias Vallentin
79a2e4b5d5 Implement missing CounterVector functions. 2013-07-21 22:41:48 +02:00
Matthias Vallentin
fd2e155d1a Tweak hasher interface. 2013-07-21 17:59:03 +02:00
Robin Sommer
d349520745 Another test fix. 
The classic "uniq -c" is not portable ...
 2013-07-18 21:34:02 -07:00
Robin Sommer
006e370ee0 Canonyfying the output of core.print-bpf-filters. 
I couldn't figure out why it's not stable but it doesn't seem to
matter for now unless more such situations show up.
 2013-07-18 19:58:19 -07:00
Robin Sommer
720e146fcc Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Fixing a dns reporter message in master.
 2013-07-18 12:30:43 -07:00
Seth Hall
1e32100fed Fixing a dns reporter message in master. 2013-07-18 09:24:22 -04:00
Robin Sommer
c373f93c4f Updating submodule(s). 
[nomail]
 2013-07-17 21:57:25 -07:00
Robin Sommer
efd343af8d Extending external canonifier to remove fractional values from 
capture_loss.log.
 2013-07-17 21:57:17 -07:00
Robin Sommer
d8801bb9c4 Canonifying internal order for plugins and their components to make it 
deterministic.
 2013-07-17 21:57:13 -07:00
Robin Sommer
57b05a2989 Small raw reader tweaks that I forgot to commit earlier. 2013-07-17 17:30:35 -07:00
Robin Sommer
18201afcf8 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Small raw reader fixes * crash when accessing nonexistant file. * memory leak when reading from file.
 2013-07-15 18:19:08 -07:00
Bernhard Amann
7427ce511b Small raw reader fixes 
* crash when accessing nonexistant file.
* memory leak when reading from file.

Addresses #1038.
 2013-07-15 13:50:40 -07:00
Robin Sommer
58290d6fc0 Updating NEWS. 2013-07-14 08:42:35 -07:00
Robin Sommer
50357ec47a Merge remote-tracking branch 'origin/topic/bernhard/sqlite-update' 
* origin/topic/bernhard/sqlite-update:
  yep, freebsd still needs this fix
  bump sqlite to 3.7.17.

Closes #1037.
 2013-07-14 08:04:19 -07:00
Bernhard Amann
e01678d132 yep, freebsd still needs this fix 2013-07-12 21:09:13 +02:00
Robin Sommer
06287966a1 Bringing the DPD POP3 signature back. 
This also avoids the need for updating the external test suite.
 2013-07-10 14:19:00 -07:00
Robin Sommer
cb09bd6358 Merge remote-tracking branch 'origin/topic/seth/bittorrent-fix-and-dpd-sig-breakout' 
Closes #1035.

* origin/topic/seth/bittorrent-fix-and-dpd-sig-breakout:
  Small test fixes.
  Added a missing curly brace in smtp/dpd.sig
  Fix a bug where the same analyzer tag was reused for two different analyzers.
  Moved DPD signatures into script specific directories.
 2013-07-10 11:37:57 -07:00
Robin Sommer
7d8a135ca4 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  const adjustment
 2013-07-10 10:55:45 -07:00
Jon Siwek
0394493fac const adjustment 
And fixes compiler warning about overloaded virtual function hiding.
 2013-07-10 11:55:40 -05:00
Matthias Vallentin
446344ae99 Add missing include for GCC. 2013-07-10 01:32:59 -07:00
Matthias Vallentin
21a07ced82 Merge branch 'topic/matthias/bloom-filter' of ssh://git.bro.org/bro into topic/matthias/bloom-filter 2013-07-10 01:29:06 -07:00
Robin Sommer
40201a180e Fixing for unserializion error. 
Because BloomFilter is a base class, with other classes derived from
it, it needs special treatment.
 2013-07-09 21:00:53 -07:00
Seth Hall
8322bbfd62 Small test fixes. 2013-07-09 23:28:09 -04:00
Seth Hall
60da0f4764 Added a missing curly brace in smtp/dpd.sig 2013-07-09 22:57:36 -04:00
Seth Hall
4dda9cd3ba Fix a bug where the same analyzer tag was reused for two different analyzers. 2013-07-09 22:45:21 -04:00
Seth Hall
39444b5af7 Moved DPD signatures into script specific directories. 
- This caused us to lose signatures for POP3 and Bittorrent.  These will
   need discovered in the repository again when we add scripts
   for those analyzers.
 2013-07-09 22:44:55 -04:00
Robin Sommer
841604bebe Updating submodule(s). 
[nomail]
 2013-07-08 20:46:52 -07:00
Robin Sommer
7fe7684d4a Updating submodule(s). 
[nomail]
 2013-07-08 13:28:07 -07:00
Robin Sommer
2ea1f483db Bringing back test for enable_auto_protocol_capture_filters (formerly 
all_packets).
 2013-07-08 13:06:03 -07:00
Robin Sommer
b62927e9de Merge remote-tracking branch 'origin/topic/seth/packet-filter-updates' 
Closes #1030.

* origin/topic/seth/packet-filter-updates:
  Missed a test fix.
  Updating test baselines.
  Updates for the PacketFilter framework to simplify it.
  Last test update for PacketFilter framework.
  Several final fixes for PacketFilter framework.
  Packet filter framework checkpoint.
  Checkpoint on the packet filter framework.
  Initial rework of packet filter framework.
 2013-07-07 21:09:28 -07:00
Seth Hall
1e5906af08 Missed a test fix. 2013-07-05 01:52:37 -04:00
Seth Hall
af87126521 Updating test baselines. 2013-07-05 01:27:59 -04:00
Seth Hall
4149724f59 Updates for the PacketFilter framework to simplify it. 2013-07-05 01:12:22 -04:00
Seth Hall
5f8ee93ef0 Merge remote-tracking branch 'origin/master' into topic/seth/analyzer-framework 
Conflicts:
	scripts/base/init-default.bro
	scripts/base/protocols/dns/main.bro
	scripts/base/protocols/ftp/main.bro
	scripts/base/protocols/http/main.bro
	scripts/base/protocols/irc/main.bro
	scripts/base/protocols/smtp/main.bro
	scripts/base/protocols/ssh/main.bro
	scripts/base/protocols/ssl/main.bro
	scripts/base/protocols/syslog/main.bro
	src/main.cc
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
 2013-07-04 23:07:52 -04:00