Added check for the optional sub-header in ERSPAN Type III as well
as additional truncation checks to the GRE parsing logic in general.
Also added a unit test for ERSPAN Type II.
Disabling this option allows one to read pcaps, but still initiate
Broker peerings and automatically exit when done processing the pcap
file. The default behavior would normally cause Broker::peer() to
prevent shutting the process down even after done reading the pcap.
This fixes some use-after-free issues in the shutdown order of
various systems: I/O, plugin, logging, and reporter systems may
interact during shutdown if there's errors emitted (or maybe just
still pending) during the shutdown.
Fixes GH-188
While expiring a table, DoExpire checks at the end to see if NextEntry
returned nothing to determine if it should sleep for the short
table_expire_delay or the long table_expire_interval.
However, the check to see if the expire_func deleted the entry
re-assigns the same variable. This means that:
If you have a large table that is behind on expiring values
& The table defines an expire_func
& That expire_func deletes the item
& It so happens that the last item checked in the batch of
table_incremental_step size had expired
then DoExpire will reset the cookie and sleep for table_expire_interval
* origin/rtd-test:
Disable RTD pdf format due to exceeded capacity
Add RTD pdf format
Add RTD yaml config file
Remove some Bro usages in main TOC entries
Remove "contents" Sphinx directive usages
Add a `make livehtml` target
Use sourcecode Sphinx directive more widely
Use Sphinx RTD theme for user manual
Replace some code-block Sphinx directives
Remove unused Sphinx extensions
Remove broxygen Sphinx integration
Remove Sphinx btest integrations and tests
Fix a Sphinx deprecation
These are all changes required to build documentation from a static
Sphinx tree (e.g. on Read the Docs)
It looks better by default with the RTD theme, Bro syntax highlighting
is supported well enough, and I think will be more more consistent
with the literalinclude usages, so being able to drop the extra Sphinx
extension seems good.
