9501 commits

Author SHA1 Message Date
Jon Siwek
13a431f9fb Merge branch 'master' of https://github.com/redsand/zeek
- Simplified this to just return result of inet_pton

* 'master' of https://github.com/redsand/zeek:
  adds missing ipv6 support for patricia trie index (white/blacklist) under *nix. only worked for nt before..
2019-10-30 11:03:59 -07:00
Johanna Amann
f98d4cb9e9 Add --libdir convenience flag to configure.
The flag sets the library installation directory.
2019-10-30 10:42:16 -07:00
Tim Shelton
338e15cc38 adds missing ipv6 support for patricia trie index (white/blacklist) under *nix. only worked for nt before.. 2019-10-30 16:00:18 +00:00
Robin Sommer
82f656ec9c Merge remote-tracking branch 'origin/topic/jsiwek/gh-664-tcp-syn-data-signatures'
* origin/topic/jsiwek/gh-664-tcp-syn-data-signatures:
  GH-664: fix signature matching for payload-carrying SYN packets
2019-10-30 08:07:47 +00:00
Jon Siwek
9c4e44924f GH-664: fix signature matching for payload-carrying SYN packets
Or more generally, signatures would not work correctly for any case
where the first TCP packet seen contained payload data, regardless of
its TCP flags.
2019-10-29 17:20:08 -07:00
Dominik Charousset
72e15fe4d4 Integrate review feedback 2019-10-29 21:24:56 +01:00
Jon Siwek
7b9a27c96a Merge remote-tracking branch 'origin/topic/johanna/remove-build-unique'
* origin/topic/johanna/remove-build-unique:
  Replace build_unique with make_unique
2019-10-29 09:42:55 -07:00
Dominik Charousset
0f41b063b2 Add and use new IntrusivePtr type in Zeek
Manual memory management via Ref/Unref is verbose and prone to error. An
intrusive smart pointer automates the reference counting, makes code
more robust (in particular w.r.t. exceptions) and reduces boilerplate
code. A big benefit of the intrusive smart pointers for Zeek is that
they can co-exist with the manual memory management. Rather than having
to port the entire code base at once, we can migrate components
one-by-one. In this first step, we add the new template
`IntrusivePtr<T>` and start using it in the Broker Manager. This makes
the previous `unref_guard` obsolete.
2019-10-29 16:49:27 +01:00
Johanna Amann
0ab72e5983 Update submodules
[nomail]
2019-10-29 12:21:27 +01:00
Johanna Amann
e2a8dd4db1 Replace build_unique with make_unique
This was a rarely used convenience function from when we did not yet
have c++17 support.
2019-10-29 11:50:30 +01:00
Johanna Amann
ff612876c5 Revert "Fix compilation on OS-X."
This reverts commit cde28074a1.

We now have a c++14 compiler.

Fixes GH-626
2019-10-29 11:42:45 +01:00
Jon Siwek
6f3a695b3f Updating submodule(s).
[nomail]
2019-10-28 22:24:16 -07:00
Jon Siwek
36d7628bcb Install cmake3 from EPEL on CentOS CI system 2019-10-28 20:18:45 -07:00
Jon Siwek
2613640abe Merge remote-tracking branch 'origin/topic/neverlord/cmake3'
* origin/topic/neverlord/cmake3:
  Fix position of project(), require CMake 3
2019-10-28 18:31:51 -07:00
Johanna Amann
44086c1f03 Merge remote-tracking branch 'origin/topic/jsiwek/gh-654-coerce-unspecified-table-defaults'
* origin/topic/jsiwek/gh-654-coerce-unspecified-table-defaults:
  GH-654: allow table() in function &default expressions
  GH-654: allow table() in record &default expressions

Fixes GH-654
2019-10-28 20:59:39 +01:00
Johanna Amann
8b789f7c31 Merge branch 'fix-typo' of https://github.com/keithjjones/zeek
* 'fix-typo' of https://github.com/keithjjones/zeek:
  Fix up some documentation.
2019-10-28 20:42:29 +01:00
Keith J. Jones
05788a2c02 Fix up some documentation. 2019-10-28 09:29:35 -04:00
Dominik Charousset
24d5ffa7a1 Fix position of project(), require CMake 3
The call to `project` must come after `cmake_minimum_required` in CMake
in order to get the correct policy settings.
2019-10-28 13:31:46 +01:00
Robin Sommer
505ed8f32f Updating submodule(s).
[nomail]
2019-10-28 10:59:29 +00:00
Robin Sommer
d0060df0fe Updating submodules. 2019-10-28 10:09:42 +00:00
Robin Sommer
29164c5992 Merge remote-tracking branch 'origin/topic/jsiwek/gh-585-c++17'
* origin/topic/jsiwek/gh-585-c++17:
  Update Travis CI config for C++17
  GH-585: Require C++17
2019-10-28 10:06:16 +00:00
Robin Sommer
9d7c9f37d4 Merge branch 'Fix_http_build_url' of ssh://github.com/Olerdrive/zeek
I changed the format string of the port to %d and added a test.
2019-10-28 09:32:32 +00:00
Robin Sommer
7796e6398c Merge branch 'minor-plugin-fixes' of ssh://github.com/awelzel/zeek 2019-10-28 08:55:45 +00:00
Arne Welzel
9b881a1e6f Free memory allocated by glob() in plugin/Manager 2019-10-27 10:23:17 +01:00
Arne Welzel
9e5e7084e6 Remove always false condition in plugin/Manager
`((m->second + "/").empty())` always evaluates to false. Combine
it with the previous check.
2019-10-27 10:23:15 +01:00
Alexey Mokeev
6ba1d1dcd3 Make http::build_url work correctly 2019-10-27 11:17:53 +03:00
Johanna Amann
1f9bdceaaf Update submodule
[nomail]
2019-10-26 16:58:54 +02:00
Jon Siwek
b698c5507a GH-654: allow table() in function &default expressions
Table parameters of functions previously did not coerce unspecified
tables used in their &default attribute to the correct type.
2019-10-25 13:00:46 -07:00
Jon Siwek
34bf78984b GH-654: allow table() in record &default expressions
Table fields of records previously did not coerce unspecified tables
used in their &default attribute to the correct type.
2019-10-25 12:48:52 -07:00
Jon Siwek
691fd5c9a4 Change usage of old bro:see directive to zeek:see 2019-10-25 10:42:05 -07:00
Jon Siwek
81ab0b0d05 Use explicit path name for NTP log stream
For consistency (we do this for all other logs) and just to avoid
the extra path function calls.
2019-10-25 10:38:58 -07:00
Jon Siwek
cf05b1d7dc Merge branch 'fix-typo' of https://github.com/keithjjones/zeek
* 'fix-typo' of https://github.com/keithjjones/zeek:
  Fixed typo.
2019-10-25 10:13:14 -07:00
Keith J. Jones
67499979c8 Fixed typo. 2019-10-25 10:33:20 -04:00
Jon Siwek
08e2f97393 Update Travis CI config for C++17
Several platforms didn't have a C++17 compiler in their default repos.

Also moved from Fedora 28 to Fedora 30 since that will soon be the
oldest, still-supported version.
2019-10-24 22:27:54 -07:00
Jon Siwek
2c6cb6e5f3 GH-585: Require C++17 2019-10-24 12:51:06 -07:00
Jon Siwek
29f386e388 Implement minimal supervised cluster configuration
More aspects of the cluster configuration to get fleshed out later,
but a basic cluster like one would use for a live deployment
can now be instantiated and run under supervision.  The new
clusterized-pcap-processing supervisor mode is also not done yet.
2019-10-23 17:37:53 -07:00
Jon Siwek
e2bc662fbb Updating submodule(s).
[nomail]
2019-10-23 09:18:10 -07:00
Jon Siwek
17076936f7 Updating submodule(s).
[nomail]
2019-10-21 17:45:25 -07:00
Jon Siwek
6184a495f0 Update embedded CAF in Broker to 0.17.2 2019-10-21 09:35:25 -07:00
Jon Siwek
25a8ba99fa Change supervisor event response topic names
They now include the request ID at the end of their topic, to possibly
help with subscription filtering.
2019-10-21 09:16:26 -07:00
Jon Siwek
7a6355f64f Change supervisor event API to use strings for request IDs 2019-10-21 09:12:50 -07:00
Johanna Amann
808f726fd0 Update submodule
[nomail]
2019-10-21 11:43:16 +02:00
Johanna Amann
50f7969e15 Merge remote-tracking branch 'origin/topic/neverlord/select-cmake'
* origin/topic/neverlord/select-cmake:
  Fix check for cmake commands on POSIX shells
  Prefer cmake3 command, add --cmake=PATH option
2019-10-21 11:43:10 +02:00
Dominik Charousset
e380a12a8b Fix check for cmake commands on POSIX shells 2019-10-21 08:44:46 +02:00
Jon Siwek
de93a060e5 Improve supervisor signal handling 2019-10-20 08:00:10 -07:00
Dominik Charousset
2885f3ead4 Prefer cmake3 command, add --cmake=PATH option 2019-10-19 17:42:00 +02:00
Jon Siwek
773b39e52e Finish implementing supervisor infrastructure
The process hierarchy and all supervisor control commands are now
working (e.g. status, create, destroy, restart), but nodes are
not currently spawned with the desired configuration parameters so
they don't yet operate as real cluster nodes (e.g. worker, logger,
manager, proxy).
2019-10-18 17:57:20 -07:00
Jon Siwek
2bc533f762 Add shutdown logic for intermediate supervisor stem process
To kill/wait on the supervised leaf nodes before exiting.
2019-10-18 14:28:54 -07:00
Jon Siwek
0180d47c5a Add backoff logic to supervisor node revival 2019-10-18 13:10:35 -07:00
Jon Siwek
0d0fe4d1cc Add auto-revival of supervisor leaf nodes 2019-10-18 12:21:21 -07:00