Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 09:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
13262 commits 387 branches 195 tags 259 MiB
Commit graph

13262 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bernhard Amann
88e0cea598 add execute-mode support to the raw reader - allows to directly call commands and read their output. 
Note that fdstream.h is from boost and has a separate license:
 * (C) Copyright Nicolai M. Josuttis 2001.
 * Permission to copy, use, modify, sell and distribute this software
 * is granted provided this copyright notice appears in all copies.
 * This software is provided "as is" without express or implied
 * warranty, and with no claim as to its suitability for any purpose.
 2012-03-18 15:31:47 -07:00
Bernhard Amann
e7dfdb1ae9 Merge remote-tracking branch 'origin/master' into topic/bernhard/input-threads 2012-03-18 11:03:15 -07:00
Bernhard Amann
b34a0b6deb Merge remote-tracking branch 'origin/topic/robin/log-threads' into topic/bernhard/input-threads 
Conflicts:
	src/threading/Manager.cc
 2012-03-18 11:03:04 -07:00
Bernhard Amann
aa6026c1a7 forgot to undo this - this idea did not work, because records cannot reference themselves. 2012-03-18 10:52:23 -07:00
Bernhard Amann
bf597012f8 fix some stupid, not that easy to find bugs. 
Functionality seems to work completely again - including all tests passing.
 2012-03-18 10:50:10 -07:00
Bernhard Amann
3286d013c9 forgot two files. 2012-03-16 23:45:10 -07:00
Bernhard Amann
29f56b4986 continue finetuning of interface + adjust tests. 
streaming + re-reading do not seem to work completely correctly + there are still some strange random crashes.
 2012-03-16 23:43:13 -07:00
Robin Sommer
e3f5cbb670 Small fixes and tweaks. 
- Fixing tiny leak.

    - Fixing threads stat output.
 2012-03-16 09:11:31 -07:00
Robin Sommer
89a3bb33c8 Don't assert during shutdown. 2012-03-16 09:11:00 -07:00
Bernhard Amann
e59aed6ce3 for seth - reverse order of event arguments 2012-03-16 08:31:19 -07:00
Bernhard Amann
842f635695 give EventDescripion field back to events 2012-03-16 08:10:28 -07:00
Bernhard Amann
367c4b4a7e make raw reading work. 
apparently there was a crash in the reader plugin, but main bro did not notice but waited for eternity for it do to something.
 2012-03-16 07:53:29 -07:00
Bernhard Amann
57ffe1be77 completely change interface again. 
compiles, not really tested.

basic test works 70% of the time, coredumps in the other 30 - but was not easy to debug on a first glance (most interestingly the crash happens in the logging framework - I wonder how that works).
Other tests are not adjusted to the new interface yet.
 2012-03-15 18:41:51 -07:00
Robin Sommer
6708f0ed4d Updating submodule(s). 
[nomail]
 2012-03-14 16:08:25 -07:00
Bernhard Amann
b4e6971aab Add regular debugging output for interesting operations (stream/filter operations) to input framework (this was way overdue) 2012-03-14 14:45:53 -07:00
Robin Sommer
d2b59b1cb8 Merge branch 'topic/jsiwek/ipv6-ext-headers' of ssh://git.bro-ids.org/bro into topic/jsiwek/ipv6-ext-headers 
Conflicts:
	src/Sessions.cc
 2012-03-14 13:50:39 -07:00
Jon Siwek
94864da465 Update documentation for new syntax of IPv6 literals. 2012-03-14 15:25:08 -05:00
Jon Siwek
b859230be6 Merge branch 'master' into fastpath 2012-03-14 15:07:29 -05:00
Bernhard Amann
c3d2f1d5fc Merge remote-tracking branch 'origin/master' into topic/bernhard/input-threads 2012-03-14 12:28:53 -07:00
Daniel Thayer
cea52fbccb Merge remote-tracking branch 'origin/master' into topic/icmp6 2012-03-14 11:29:29 -05:00
Robin Sommer
159733f481 Updating submodule(s). 
[nomail]
 2012-03-14 08:42:36 -07:00
Jon Siwek
5312a904ab Fix ipv6_ext_headers event and add routing0_data_to_addrs BIF. 
Also add unit tests for ipv6_ext_headers and esp_packet events.
 2012-03-14 10:31:08 -05:00
Jon Siwek
7af14ec1fe Remove the default "tcp or udp or icmp" filter. 
In default mode, Bro would load the packet filter script framework
which installs a filter that allows all packets, but in bare mode
(the -b option), this old filter would not follow IPv6 protocol
chains and thus filter out packets with extension headers.
 2012-03-14 10:00:48 -05:00
Julien Sentier
a4f8b2ccbe Changing the regular expression to allow Site::local_nets in signatures 
Previous commit closes #792.
 2012-03-13 16:16:55 -07:00
Robin Sommer
cba160c8ac Removing a line of dead code. 
Found by Julien Sentier.

Closes #786.
 2012-03-13 16:14:05 -07:00
Robin Sommer
11fdb5edce Updating submodule(s). 
[nomail]
 2012-03-13 16:11:36 -07:00
Robin Sommer
9dd63acaa3 Updating baseline. 
Is that a platform-specific difference?
 2012-03-13 16:10:42 -07:00
Robin Sommer
b4239de4a3 Updating NEWS. 
Previous commit closes #796.
 2012-03-13 15:40:34 -07:00
Robin Sommer
d8d7dd4d53 Merge remote-tracking branch 'origin/topic/jsiwek/ipv6-literals' 
* origin/topic/jsiwek/ipv6-literals:
  Change IPv6 literal constant syntax to require encasing square brackets
 2012-03-13 15:33:43 -07:00
Robin Sommer
79948c7974 Merge remote-tracking branch 'origin/topic/jsiwek/ipv6-ext-headers' 
* origin/topic/jsiwek/ipv6-ext-headers:
  Update PacketFilter/Discarder code for IP version independence.
  Add a few comments to IP.h
  Fix some IPv6 header related bugs.
  Add IPv6 fragment reassembly.
  Add handling for IPv6 extension header chains (addresses #531)
 2012-03-13 15:25:18 -07:00
Robin Sommer
e83714e178 Merge branch 'master' into topic/jsiwek/ipv6-ext-headers 2012-03-13 15:25:05 -07:00
Robin Sommer
c78a391635 Merge remote-tracking branch 'origin/topic/jsiwek/remove-match' 
* origin/topic/jsiwek/remove-match:
  Remove the match expression (addressed #753).
 2012-03-13 14:55:40 -07:00
Robin Sommer
5b2b03c6f7 Merge remote-tracking branch 'origin/fastpath' 2012-03-13 14:55:30 -07:00
Jon Siwek
bf3f184a01 Change IPv6 literal constant syntax to require encasing square brackets 
This is to avoid ambiguity between compressed hex notation and
module namespacing, both which use "::". E.g.: "aaaa::bbbb" could
be an identifier or an IPv6 address, but "[aaaa::bbbb]" is now
clearly the address.

Also added IPv6 mixed notation to allow an IPv4 dotted-decimal
address to be specified in the lower 32-bits.
 2012-03-13 13:47:07 -05:00
Jon Siwek
e74cbbf774 Add unit test for IPv6 fragment reassembly. 2012-03-12 15:26:51 -05:00
Bernhard Amann
92555badd4 cleanup, more sanity tests, a little bit more documentation 2012-03-11 20:43:26 -07:00
Bernhard Amann
faf5c95752 a couple of small fixes ( default values, all null lines) 2012-03-11 19:41:41 -07:00
Robin Sommer
8eaf40ec18 Reverting accidental commit. 
Thanks, Seth!
 2012-03-08 20:24:12 -08:00
Robin Sommer
f0682bb01a Merge branch 'topic/robin/log-threads' of ssh://git.bro-ids.org/bro into topic/robin/log-threads 2012-03-08 20:24:02 -08:00
Robin Sommer
51009b73bc Finetuning communication CPU usage. 2012-03-08 18:13:17 -08:00
Robin Sommer
1bdd0a5b6b Merge branch 'topic/robin/log-threads' of ssh://git.bro-ids.org/bro into topic/robin/log-threads 2012-03-08 17:42:31 -08:00
Robin Sommer
0208dd2844 Merge remote branch 'origin/master' into topic/robin/log-threads 2012-03-08 17:35:58 -08:00
Robin Sommer
83038d78e0 Adding new leak tests involving remote logging. 2012-03-08 17:35:58 -08:00
Robin Sommer
bf14bd91d7 Removing some no longer needed checks. 2012-03-08 17:30:18 -08:00
Robin Sommer
c0678e7e1f Fixing problem logging remotely when local logging was turned off. 
For that, moved the remote logging from the Manager to the
WriterFrontend. That also simplifies the Manager a bit.
 2012-03-08 17:30:18 -08:00
Jon Siwek
0b32c980bf Update PacketFilter/Discarder code for IP version independence. 
The signatures of script-layer functions 'discarder_check_ip',
'discarder_check_tcp', 'discarder_check_udp', and 'discarder_check_icmp'
were changed to use the more general 'pkt_hdr' type as a parameter
instead of individual header types.
 2012-03-08 13:12:04 -06:00
Bernhard Amann
cd78005d09 Merge remote-tracking branch 'origin/master' into topic/bernhard/input-threads 2012-03-07 13:43:48 -08:00
Bernhard Amann
b31230d429 Merge remote-tracking branch 'origin/topic/robin/log-threads' into topic/bernhard/input-threads 2012-03-07 13:43:27 -08:00
Bernhard Amann
7076c64a5e Merge remote-tracking branch 'origin/topic/robin/log-threads' into topic/bernhard/input-threads 
(and move a little bit of functionality from ascii reader to backend)

Conflicts:
	src/threading/Manager.cc
 2012-03-07 13:42:49 -08:00
Jon Siwek
76ef36e048 Add a few comments to IP.h 2012-03-07 14:17:56 -06:00