Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 17:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
6849 commits 385 branches 195 tags 260 MiB
Commit graph

6849 commits

This branch
This branch
All branches
Author SHA1 Message Date
Robin Sommer
5f308aeef2 Updating submodule(s). 
[nomail]
 2015-02-24 16:36:00 -08:00
Jon Siwek
98ab541087 Updating submodule(s). 
[nomail]
 2015-02-24 10:20:55 -06:00
Seth Hall
0d6292d5ca Remove several BroString escaping methods that are no longer useful. 2015-02-24 09:37:37 -05:00
Mike Smiley
3877b3e34b add bytes recvd to Stats and stats.bro 
use libpcap packet hdr.len to count bytes
 2015-02-23 21:27:28 -05:00
Robin Sommer
4c2e5fc8b2 Updating NEWS. 2015-02-23 16:58:18 -08:00
Robin Sommer
6350d330f3 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Crashing bug in WriterBackend when deserializing WriterInfo where config is present. Testcase crashes on unpatched versions of Bro.
  Fix wrong value test in WriterBackend. Found by Aaron Eppert (aeppert@gmail.com)
 2015-02-23 16:33:58 -08:00
Robin Sommer
c199077f3b Updating submodule(s). 
[nomail]
 2015-02-23 16:27:02 -08:00
Robin Sommer
5dea09b7c1 Baseline updates for the addition of local_resp. 
That patch is a strong contender for the smallest ever ratio of
lines-of-code-changed to lines-of-baselines-updated. :-)
 2015-02-23 16:25:11 -08:00
Johanna Amann
ee290c3d7a Crashing bug in WriterBackend when deserializing WriterInfo where config 
is present. Testcase crashes on unpatched versions of Bro.

Found by Aaron Eppert <aeppert@gmail.com>.

This (probably) fixes the crash issue with sqlite a few people have
reported on the mailing list in the past.
 2015-02-23 13:54:44 -08:00
Robin Sommer
9ab7b13b9e Merge branch 'master' of https://github.com/msmiley/bro 2015-02-23 13:30:42 -08:00
Johanna Amann
d63dfb0c6f Fix wrong value test in WriterBackend. Found by Aaron Eppert (aeppert@gmail.com) 2015-02-23 10:43:10 -08:00
Gilbert Clark
d3a5440cff Merge branch 'master' into topic/gilbert/plugin-api-tweak 2015-02-23 13:22:47 -05:00
Jon Siwek
8a758d2eb7 Merge remote-tracking branch 'origin/topic/robin/plugin-updates' 
* origin/topic/robin/plugin-updates:
  Doc tweak.
  Submodule update.
  Updating plugin docs to recent changes.
  Update submodules.
  Updating submodule.
  Updating submodules.
  Updating plugin tests.
  Making plugin names case-insensitive for some internal comparisions.
  Updating submodules.
  Explicitly removing some old scripts on install.
  Removing setting installation plugin path from  bro-path-dev.sh .
  Creating the installation directory for plugins at install time.

BIT-1318 #merged
BIT-1302 #closed
BIT-1312 #closed
 2015-02-23 12:20:39 -06:00
Jon Siwek
ba8b737f9e Update broker submodule. 2015-02-23 10:21:18 -06:00
Gilbert Clark
ce18a2867e Merge branch 'master' of ssh://git.bro-ids.org/bro into topic/gilbert/plugin-api-tweak 2015-02-23 00:00:38 -05:00
Vlad Grigorescu
96fc3b75f7 Merge remote-tracking branch 'origin/master' into topic/vladg/sip 2015-02-21 13:07:22 -05:00
Robin Sommer
d29679484d Removing dependency on PCAP_NETMASK_UNKNOWN to compile with libpcap < 
1.1.1.
 2015-02-20 13:49:58 -08:00
Robin Sommer
abcb8e7c95 Merge remote-tracking branch 'origin/topic/jsiwek/while' 
Added documentation to statement reference.

* origin/topic/jsiwek/while:
  Add 'while' statement to Bro language.

BIT-1315 #merged
 2015-02-20 12:59:39 -08:00
Robin Sommer
a2189c0338 Merge remote-tracking branch 'origin/fastpath' 
(No way to activate/test it it seems?)

* origin/fastpath:
  Add the ability to remove surrounding braces from the JSON formatter.
 2015-02-20 12:40:00 -08:00
Robin Sommer
15fe0abc3f Updating submodule(s). 
[nomail]
 2015-02-20 12:36:42 -08:00
Vlad Grigorescu
b90c8cb8ec Merge remote-tracking branch 'origin/master' into topic/vladg/file-analysis-exe-analyzer 
Conflicts:
	src/types.bif
 2015-02-19 16:59:52 -06:00
Mike Smiley
a1d49e791e add local_resp to Conn Info 
allow user to differentiate between local -> local and local -> remote
connections
 2015-02-18 20:41:40 -05:00
Jon Siwek
25aac35af1 broker integration: add missing baselines for doc tests 2015-02-18 15:08:22 -06:00
Jon Siwek
a87b4feaae broker integration: add prof.log statistics 2015-02-18 14:53:30 -06:00
Jon Siwek
8d19bf6381 broker integration: add high-level usage documentation 
i.e. documentation of the new "comm framework" w/ examples.
 2015-02-18 12:16:46 -06:00
Robin Sommer
751b6590b5 Doc tweak. 2015-02-17 15:35:28 -08:00
Robin Sommer
802580b0a7 Submodule update. 2015-02-17 14:47:54 -08:00
Robin Sommer
093d406920 Updating plugin docs to recent changes. 2015-02-17 14:03:05 -08:00
Robin Sommer
818ba9127f Update submodules. 2015-02-17 13:59:21 -08:00
Robin Sommer
9025b42534 Updating submodule. 2015-02-17 12:56:36 -08:00
Jon Siwek
b06d82cced broker integration: add API documentation (broxygen/doxygen) 
Also changed asynchronous data store query code a bit; trying to make
memory management and handling of corner cases a bit clearer (former
maybe could still be better, but I need to lookup queries by memory
address to associate response cookies to them, and so wrapping pointers
kind of just gets in the way).
 2015-02-17 10:50:57 -06:00
Robin Sommer
bdb2707a08 Updating submodules. 2015-02-16 20:26:26 -08:00
Robin Sommer
b6bbf90643 Updating plugin tests. 
The init-plugin scripts now expects a destination directory. Normally
that would be a new subdirectory, but for the tests to keep working we
can also put it right into the current directory.
 2015-02-16 20:26:26 -08:00
Robin Sommer
0f96d06252 Making plugin names case-insensitive for some internal comparisions. 
Makes the plugin system a bit more tolerant against spelling
inconsistencies that would be hard to catch otherwise.
 2015-02-16 20:26:23 -08:00
Robin Sommer
ab3cdf494a Updating submodules. 2015-02-16 13:40:21 -08:00
Robin Sommer
d36422fde1 Explicitly removing some old scripts on install. 
Some scripts have moved into plugins, but may cause confusion if they
stick around from old installations. Explicitl removing them on install.

We had this problem before in other cases, and it should be ok to help
people upgrading a bit here, even though hardcoding these isn't great.
 2015-02-16 13:37:59 -08:00
Robin Sommer
ff16f6215a Removing setting installation plugin path from bro-path-dev.sh . 
Also, adding to existing BRO_PLUGIN_PATH rather than replacing.

Addresses #1312
 2015-02-16 12:49:54 -08:00
Robin Sommer
2e043c0ff6 Creating the installation directory for plugins at install time. 2015-02-16 12:11:59 -08:00
Jon Siwek
e95116ba85 Merge branch 'master' into topic/jsiwek/broker 2015-02-16 10:00:17 -06:00
Josh Liburdi
a63d7307c8 FreeRDP test trace showing SSL encryption -- RDP analyzer does not currently handle this and SSL analyzer does not identify it either 2015-02-15 23:13:40 -08:00
Josh Liburdi
7773cd6011 Wireshark test trace for native encryption -- generates a binpac error 2015-02-15 23:11:52 -08:00
jshlbrd
5ef15c8cdd Delete RDP-004.pcap 2015-02-15 23:10:05 -08:00
jshlbrd
55a0b344af Delete nla_win7_win2k8r2.pcap 2015-02-15 23:09:50 -08:00
jshlbrd
dade1936be Update dpd.sig 2015-02-15 23:06:36 -08:00
jshlbrd
10071ffddf Fixed typo 2015-02-15 23:05:11 -08:00
jshlbrd
8a5bb0f6a7 Added check for connection existence 
Added a check for connection existence before trying to remove the RDP analyzer from a connection.
 2015-02-15 23:04:31 -08:00
Josh Liburdi
b1614b7fe9 Modified how cookie value is handled 2015-02-15 22:45:16 -08:00
Josh Liburdi
0ef8a106df Moved DPD to each individual event process 2015-02-15 22:44:00 -08:00
Josh Liburdi
90bfbf9002 Added comments, changed logging events to reduce analyzer errors 2015-02-15 22:43:31 -08:00
Josh Liburdi
a3ab9f5b09 Added comments and TODOs 2015-02-15 10:18:52 -08:00