Tim Wojtulewicz
92b84a00f9
Add command-line option to write unprocessed packets to a file
...
This commit also changes the PcapDumper to automatically flush after
every call to Dump(). This is because pcap_dump has an internal buffer
of some sort that only writes to the file after a set amount of bytes.
When using the new option on a low-traffic network, it might be a while
before you see any packets written since it has to overcome that buffer
limit first.
2021-11-12 09:30:26 -07:00
Tim Wojtulewicz
fe932944c4
GH-1620: Add event and plugin hook to track packets not processed
2021-11-12 09:30:26 -07:00
Tim Wojtulewicz
b2f171ec69
Reformat the world
2021-09-16 15:35:39 -07:00
Tim Wojtulewicz
c752d76052
Move packet filter out of NetSessions
2021-04-29 10:24:45 -07:00
Tim Wojtulewicz
4ad08172d0
Remove obsolete ZEEK_FORWARD_DECLARE_NAMESPACED macros
2021-02-24 14:35:44 -07:00
Jon Siwek
fc114069b0
Merge remote-tracking branch 'origin/topic/jsiwek/unknown-protocol-options'
...
* origin/topic/jsiwek/unknown-protocol-options:
Move UnknownProtocol options to init-bare.zeek
Coverity 1436183: Initialize packet_analysis::Manager fields
2020-11-12 14:35:01 -08:00
Tim Wojtulewicz
96d9115360
GH-1079: Use full paths starting with zeek/ when including files
2020-11-12 12:15:26 -07:00
Jon Siwek
49094688fd
Coverity 1436183: Initialize packet_analysis::Manager fields
2020-11-11 12:58:02 -08:00
Tim Wojtulewicz
c3cf36e135
GH-1221: Add unknown_protocols.log for logging packet analyzer lookup failures
2020-11-09 20:37:26 -07:00
Tim Wojtulewicz
afdc08085f
Move packet dumping to packet_mgr
2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
1cf251d1ca
Move IP and IP tunnel code from Sessions into packet analyzers
2020-10-15 12:18:30 -07:00
Tim Wojtulewicz
23bbe0ac38
Move packet_mgr to the zeek namespace
2020-09-24 09:56:55 -07:00
Jan Grashoefer
8f951574d7
Add explicit root analyzer for packet analysis.
2020-09-23 11:13:29 -07:00
Jan Grashoefer
0925b3bbec
Remove encap_hdr_size (replaced by skip analyzer).
2020-09-23 11:13:28 -07:00
Jan Grashoefer
cbdaa53f85
Remove magic identifiers from Ethernet analyzer.
2020-09-23 11:13:28 -07:00
Jan Grashoefer
d4ff5a236c
Further simplified the packet analysis API.
...
This is still WIP and includes the following changes:
* Dispatchers are now part of analyzers (moving dispatching logic from
the manager to the analyzers)
* All available analyzers are instantiated on start up
* Removal of configuration class
2020-09-23 11:13:28 -07:00
Jan Grashoefer
9feda100b9
Move dispatching into packet analyzers.
...
WIP that updates only the Ethernet analyzer.
2020-09-23 11:13:28 -07:00
Jan Grashoefer
96d0e11bb8
Move cur_pos from packet into packet manager loop.
2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
c2500d03d6
Remove packet_analysis/Defines.h
...
- Replace uses of identifier_t with uint32_t
- Replace repeated usage of tuple type for Analysis results with type alias
2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
d22481aef3
Remove Manager::Reset() method
2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
bd6d3e0112
Remove enabled state from Components, ability to enable/disable from Manager
2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
f39d6bb4c4
Use shared_ptr instead of raw pointers in packet_analysis for analyzers and dispatchers
2020-09-23 11:13:28 -07:00
Tim Wojtulewicz
1c3ded7dd5
Merge ProtocolAnalyzerSet into Manager, remove AnalyzerSet base class
2020-09-23 11:13:28 -07:00
Jan Grashoefer
1e0e8e35af
Minor fixes for packet analyzer renaming.
2020-09-23 11:13:28 -07:00
Jan Grashoefer
e53ec46c23
Renamed LL-Analyzers to Packet Analyzers.
2020-09-23 11:13:28 -07:00