Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 02:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
12358 commits 388 branches 195 tags 270 MiB
Commit graph

34 commits

Author SHA1 Message Date
Tim Wojtulewicz
b2f171ec69 Reformat the world 2021-09-16 15:35:39 -07:00
Tim Wojtulewicz
c1f0d312b5 Add base class for IP-based packet analyzers 2021-05-18 11:52:03 -07:00
Tim Wojtulewicz
db1d753b35 Rename NetSessions to SessionManager 
This also includes:
- Deprecating the NetSessions name.
- Renaming the zeek::sessions global to zeek::session_mgr and deprecating the old name.
- Renaming Sessions.{h,cc} to SessionManager.{h,cc}.
 2021-04-29 10:24:45 -07:00
Tim Wojtulewicz
c752d76052 Move packet filter out of NetSessions 2021-04-29 10:24:45 -07:00
Jon Siwek
fc114069b0 Merge remote-tracking branch 'origin/topic/jsiwek/unknown-protocol-options' 
* origin/topic/jsiwek/unknown-protocol-options:
  Move UnknownProtocol options to init-bare.zeek
  Coverity 1436183: Initialize packet_analysis::Manager fields
 2020-11-12 14:35:01 -08:00
Tim Wojtulewicz
96d9115360 GH-1079: Use full paths starting with zeek/ when including files 2020-11-12 12:15:26 -07:00
Jon Siwek
89af6f2004 Move UnknownProtocol options to init-bare.zeek 
Otherwise the `unknown_protocol` event cannot be used independently
from `policy/mic/unknown-protocols.zeek`.
 2020-11-11 12:58:38 -08:00
Tim Wojtulewicz
c3cf36e135 GH-1221: Add unknown_protocols.log for logging packet analyzer lookup failures 2020-11-09 20:37:26 -07:00
Tim Wojtulewicz
04dbc8e8be Remove now-unused Packet::l2_valid field 2020-11-09 10:49:57 -07:00
Tim Wojtulewicz
a7d4364334 Review cleanup 2020-10-15 12:44:45 -07:00
Tim Wojtulewicz
afdc08085f Move packet dumping to packet_mgr 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
1cf251d1ca Move IP and IP tunnel code from Sessions into packet analyzers 2020-10-15 12:18:30 -07:00
Jan Grashoefer
8d834a1d89 Packet analysis cleanup. 2020-09-23 11:13:29 -07:00
Jan Grashoefer
7ede4f48bd Simplify packet analyzer config. 2020-09-23 11:13:29 -07:00
Jan Grashoefer
8f951574d7 Add explicit root analyzer for packet analysis. 2020-09-23 11:13:29 -07:00
Jan Grashoefer
38337d799b Improve packet analysis data flow. 2020-09-23 11:13:29 -07:00
Jan Grashoefer
90eb97876f Improve packet analyzer API. 2020-09-23 11:13:28 -07:00
Jan Grashoefer
0ec7516602 Small cleanup of packet analysis. 2020-09-23 11:13:28 -07:00
Jan Grashoefer
0925b3bbec Remove encap_hdr_size (replaced by skip analyzer). 2020-09-23 11:13:28 -07:00
Jan Grashoefer
54961b5ea2 Allow to overwrite packet analysis mappings. 2020-09-23 11:13:28 -07:00
Jan Grashoefer
6f6e5b4df0 Suggested code improvements for packet analysis. 2020-09-23 11:13:28 -07:00
Jan Grashoefer
cbdaa53f85 Remove magic identifiers from Ethernet analyzer. 2020-09-23 11:13:28 -07:00
Jan Grashoefer
462b1fe3a2 Bring back default packet analysis. 
Default analyzers can be configured per packet analyzer by omitting the
identifier in the ConfigEntry.
 2020-09-23 11:13:28 -07:00
Jan Grashoefer
d4ff5a236c Further simplified the packet analysis API. 
This is still WIP and includes the following changes:
* Dispatchers are now part of analyzers (moving dispatching logic from
  the manager to the analyzers)
* All available analyzers are instantiated on start up
* Removal of configuration class
 2020-09-23 11:13:28 -07:00
Jan Grashoefer
9feda100b9 Move dispatching into packet analyzers. 
WIP that updates only the Ethernet analyzer.
 2020-09-23 11:13:28 -07:00
Jan Grashoefer
96d0e11bb8 Move cur_pos from packet into packet manager loop. 2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
c2500d03d6 Remove packet_analysis/Defines.h 
- Replace uses of identifier_t with uint32_t
- Replace repeated usage of tuple type for Analysis results with type alias
 2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
b46e600775 Move VectorDispatcher to be the only dispatcher 2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
d22481aef3 Remove Manager::Reset() method 2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
bd6d3e0112 Remove enabled state from Components, ability to enable/disable from Manager 2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
f39d6bb4c4 Use shared_ptr instead of raw pointers in packet_analysis for analyzers and dispatchers 2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
27fea2b218 Reorganize some pointer handling 2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
1c3ded7dd5 Merge ProtocolAnalyzerSet into Manager, remove AnalyzerSet base class 2020-09-23 11:13:28 -07:00
Jan Grashoefer
e53ec46c23 Renamed LL-Analyzers to Packet Analyzers. 2020-09-23 11:13:28 -07:00
Renamed from src/llanalyzer/Manager.cc (Browse further)