Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 18:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
6202 commits 387 branches 195 tags 267 MiB
Commit graph

6202 commits

This branch
This branch
All branches
Author SHA1 Message Date
Robin Sommer
de3932bc42 A bit more cleanup for the new overlap detection. 2015-07-03 09:05:44 -07:00
Robin Sommer
5d30be2083 A set of tests exercising IP defragmentation and TCP reassembly. 2015-07-03 08:40:22 -07:00
Robin Sommer
c1f060be63 Merge branch 'topic/yunzheng/bit-1314' 
I've worked on this a bit more:

    - Added tcp_max_old_segments to init-bare.bro.
    - Removed the existing call to Overlap() as that now led to
      duplicate events.
    - Fixed the code checking for overlaps, as it didn't catch all the
      cases.

BIT-1314 #merged
GitHub #31 merged

* topic/yunzheng/bit-1314:
  BIT-1314: Added QI test for rexmit_inconsistency
  BIT-1314: Add detection for Quantum Insert attacks
 2015-07-03 08:40:12 -07:00
Robin Sommer
46fc3db8cc Merge remote-tracking branch 'origin/topic/jsiwek/mime-multipart-boundary-leniency' 
* origin/topic/jsiwek/mime-multipart-boundary-leniency:
  Allow '<' and '>' in MIME multipart boundaries.

BIT-1400 #merged
 2015-06-28 12:31:47 -07:00
Robin Sommer
264a824fcc Merge remote-tracking branch 'origin/topic/seth/deflate-missing-headers-fix' 
I've changed the dynamic allocation of the unzipbuf back to stack
allocation, hope I'm not not missing the reason for doing that ...

* origin/topic/seth/deflate-missing-headers-fix:
  Fixes an issue with missing zlib headers on deflated HTTP content.

BIT-1399 #merged
 2015-06-28 12:23:36 -07:00
Robin Sommer
0ac506fd1a Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Correct the name used in the header identifier
 2015-06-25 07:12:08 -07:00
Justin Azoff
5c060f302e Correct the name used in the header identifier 2015-06-24 12:26:54 -04:00
Robin Sommer
408c0d8ac3 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Restore the --load-seeds cmd-line option
 2015-06-24 07:51:08 -07:00
Daniel Thayer
368c1463ab Restore the --load-seeds cmd-line option 
Also enabled the short options -G/-H for --load-seeds/--save-seeds.
 2015-06-23 13:16:31 -05:00
Robin Sommer
b98708bf14 Removing dead code for no longer supported -G switch. 2015-06-19 16:27:08 -07:00
Robin Sommer
ffa254acd0 Merge remote-tracking branch 'origin/topic/seth/modbus_dpd_fix' 
* origin/topic/seth/modbus_dpd_fix:
  Call ProtocolConfirmed on modbus
 2015-06-19 14:08:13 -07:00
Robin Sommer
d54667803b Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Put cmd-line options in alphabetical order
 2015-06-19 09:13:59 -07:00
Seth Hall
7d105935b1 Call ProtocolConfirmed on modbus 
After a PDU is successfully parsed from both sides of a
modbus connection we're now declaring the protocol confirmed.

A small extension to the modbus/events test was added to verify
that "modbus" was identified in the service field in conn.log.
 2015-06-19 07:00:38 -04:00
Daniel Thayer
6c812bd5d6 Put cmd-line options in alphabetical order 
Sorted cmd-line options in alphabetical order to make it easier to
add or remove options (or even to just check if they're listed
correctly in the source code).
 2015-06-18 12:39:46 -05:00
Jon Siwek
668f3e38ad Updating submodule(s). 
[nomail]
 2015-06-11 12:15:33 -05:00
Johanna Amann
af1a663410 Update submodule 
[nomail]
 2015-06-09 07:31:28 -07:00
Robin Sommer
94c3e32cfa Fixing tiny thing in NEWS. 2015-06-09 07:01:06 -07:00
Johanna Amann
8402ec3b1c Updating submodule(s) and tagging release. 2015-06-08 13:28:17 -07:00
Robin Sommer
582da62d04 Fix reporter errors with GridFTP traffic. 2015-06-08 09:42:06 -07:00
Robin Sommer
659de2b357 Updating submodule(s). 
[nomail]
 2015-06-07 20:59:24 -07:00
Robin Sommer
795a3b8ad8 PE Analyzer: Change how we calculate the rva_table size. 2015-06-06 08:21:27 -07:00
Jon Siwek
7de83e0cf0 Fix a unit test to check for Broker requirement. 2015-06-05 09:10:50 -05:00
Robin Sommer
74c83058e6 Test for Broker termination. 2015-06-04 14:48:58 -07:00
Robin Sommer
476a5dbc34 Merge remote-tracking branch 'origin/topic/jsiwek/bit-1408' 
BIT-1408 #merged

* origin/topic/jsiwek/bit-1408:
  BIT-1408: improve I/O loop and Broker IOSource.
 2015-06-04 14:46:30 -07:00
Robin Sommer
45ccf3abda Updating submodule(s). 
[nomail]
 2015-06-03 09:03:27 -07:00
Jon Siwek
58ea1ff458 BIT-1408: improve I/O loop and Broker IOSource. 2015-06-03 08:25:49 -05:00
Jeff Barber
49ece39cb6 One more tinker to Packet -- ensure no uninitialized values 2015-06-02 16:37:23 -04:00
Jeff Barber
97ab422e17 Packet::IP()-created IP_Hdr should not free 2015-06-02 16:37:16 -04:00
Robin Sommer
a6618eb964 Merge branch 'master' of git.bro.org:bro 2015-06-02 10:37:31 -07:00
Seth Hall
217ccf6063 Add signature support for F4M files. 2015-06-02 12:48:53 -04:00
Robin Sommer
26d10d88d2 Merge remote-tracking branch 'origin/topic/dnthayer/doc-improvements-2.4' 
Lots of good stuff! Thanks for catchign the plugin doc inconsistencies!

* origin/topic/dnthayer/doc-improvements-2.4:
  Add missing documentation on the "Bro Package Index" page
  More improvements to the Logging Framework doc
  Fix documentation typo
  Update the "Log Files" documentation
  Add links in the logging framework doc
  Add a link to the bro-plugins documentation
  Update bro man page
  Update script language reference documentation
  Fix typos in the "writing bro plugins" doc
  Fix a "make doc" warning
  Improve logging framework doc
  Add link to broctl doc from the quickstart doc
  Update install documentation and fix some typos
  Minor improvements to logging framework documentation
  Correct a minor typo in the docs
 2015-06-02 09:44:51 -07:00
Robin Sommer
6791c9a81d Merge remote-tracking branch 'origin/topic/vladg/bit-1410' 
BIT-1410 #merged

* origin/topic/vladg/bit-1410:
  Add memleak btest for attachments over SMTP.
  BIT-1410: Add btest
  BIT-1410: Update baselines
  BIT-1410: Propagate is_orig to MIME_Mail
 2015-06-02 09:18:40 -07:00
Seth Hall
0eb345a25a Updating the Mozilla root certs. 2015-06-02 11:51:08 -04:00
Daniel Thayer
45caf8d2c1 Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
Vlad Grigorescu
0a4604fe98 Add memleak btest for attachments over SMTP. 2015-06-01 21:14:52 -05:00
Vlad Grigorescu
847b16442b BIT-1410: Add btest 2015-06-01 20:49:04 -05:00
Vlad Grigorescu
05ea2d43c7 BIT-1410: Update baselines 2015-06-01 20:38:59 -05:00
Vlad Grigorescu
60d07f8483 BIT-1410: Propagate is_orig to MIME_Mail 2015-06-01 20:26:58 -05:00
Daniel Thayer
63aa61fcc9 More improvements to the Logging Framework doc 2015-06-01 16:36:44 -05:00
Daniel Thayer
7681263f91 Fix documentation typo 2015-06-01 14:29:03 -05:00
Daniel Thayer
4db9b8d792 Update the "Log Files" documentation 2015-06-01 14:26:09 -05:00
Seth Hall
097354a43f Updates for the urls.bro script. Fixes BIT-1404. 2015-06-01 11:38:26 -04:00
Daniel Thayer
4ddfe0ed83 Merge remote-tracking branch 'origin/master' into topic/dnthayer/doc-improvements-2.4 2015-05-31 23:49:38 -05:00
Daniel Thayer
b6920ac188 Add links in the logging framework doc 
Added links to the log writers that are available as external plugins.
 2015-05-31 23:34:19 -05:00
Daniel Thayer
648d091b29 Add a link to the bro-plugins documentation 2015-05-31 23:17:59 -05:00
Daniel Thayer
6bd24780b5 Update bro man page 2015-05-31 23:04:30 -05:00
Daniel Thayer
d0e304de46 Update script language reference documentation 2015-05-30 01:35:55 -05:00
Daniel Thayer
260b25f20a Fix typos in the "writing bro plugins" doc 2015-05-30 00:18:04 -05:00
Daniel Thayer
24701f2678 Fix a "make doc" warning 
Also fixed some indentation.
 2015-05-29 14:38:50 -05:00
Jeff Barber
72fca3ee26 Make enums work for non-C++11 config 2015-05-29 10:37:43 -04:00