Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 15:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
13262 commits 386 branches 195 tags 257 MiB
Commit graph

13262 commits

This branch
This branch
All branches
Author SHA1 Message Date
Seth Hall
e6fd1d9178 Fixed bug with pending requests in HTTP script. 2011-04-26 15:24:02 -04:00
Seth Hall
64e7fd967a Fixed a bug with browser version parsing. 
* The full user-agent string wasn't being sent along
  to the log file in some cases when parsing user-agents.
 2011-04-26 14:24:50 -04:00
Jon Siwek
9875c2ba9c Merge branch 'master' into topic/jsiwek/doc-framework 2011-04-26 10:27:06 -05:00
Seth Hall
cc1501d6e3 Fixed a couple of bugs in the IRC analysis script. 
* Also removed a debug print from the software/vulnerable script.
 2011-04-26 11:24:38 -04:00
Seth Hall
6621a3001a Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-04-26 11:18:58 -04:00
Seth Hall
f6e67a6a87 More script updates. 2011-04-26 11:08:04 -04:00
Robin Sommer
5662fe7358 Updating baselines. 2011-04-23 10:47:14 -07:00
Robin Sommer
c41da9ca99 Fixing bug with deleting still unset record fields of table type. 2011-04-23 10:40:07 -07:00
Seth Hall
adec99751d More script updates. 2011-04-23 02:58:44 -04:00
Robin Sommer
59d6202104 Merge remote branch 'origin/topic/robin/conn-ids' 
* origin/topic/robin/conn-ids:
  Moving uid from conn_id to connection, and making output determistic if a hash seed is given.
  Extending conn_id with a globally unique identifiers.
 2011-04-22 22:13:44 -07:00
Seth Hall
0a151882ae New software parsing tests and all pass now. 2011-04-22 23:39:19 -04:00
Seth Hall
0d870d203d Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-04-22 22:22:08 -04:00
Robin Sommer
46b1fd9850 Delete operator for record fields. 
"delete x$y" now resets record field "x" back to its original state if
it is either &optional or has a &default. "delete" may not be used
with non-optional/default fields.
 2011-04-22 18:40:14 -07:00
Robin Sommer
964060c32f Fixing bug with nested record coercions. 2011-04-22 18:07:29 -07:00
Robin Sommer
386f9db140 Merge remote branch 'origin/fastpath' 
* origin/fastpath:
  Fixed another do_split bug and included a test for the fix.
 2011-04-22 08:43:36 -07:00
Seth Hall
6826b58fb4 Merge remote branch 'origin/master' into topic/seth/ssl-binpac 2011-04-22 09:53:25 -04:00
Seth Hall
c5a19f7cdc Fixed another do_split bug and included a test for the fix. 2011-04-22 08:00:28 -04:00
Robin Sommer
dbecbccdbc Updating submodule(s). 2011-04-21 19:59:49 -07:00
Robin Sommer
5eb74bea67 Merge remote branch 'origin/fastpath' 
* origin/fastpath:
  Fix CheckTypes.cmake from generating different config.h's between CMake runs.
 2011-04-21 19:54:56 -07:00
Robin Sommer
c80cd26e17 Merge remote branch 'origin/topic/seth/decode-nbns-names' 
* origin/topic/seth/decode-nbns-names:
  Updates and tests for netbios name BiF.
 2011-04-21 19:49:24 -07:00
Robin Sommer
9fe52512eb Merge remote branch 'origin/topic/seth/fix-do_split' 
* origin/topic/seth/fix-do_split:
  Fixed the do_split bug and added a test.
 2011-04-21 19:42:50 -07:00
Robin Sommer
da0ea67453 Fixing btests. 
- When Bro is given a PRNG seed, it now uses its own internal random
  number generator that produces consistent results across sytems.
  Note that this internal generator isn't very good, so it should only
  be used for testing purposes.

- The BTest configuration now sets the environemnt variables TZ=UTC
  and LANG=C to ensure consistent results.

- Fixing doc markup in logging.bro.

- Updating baselines.
 2011-04-21 19:31:44 -07:00
Seth Hall
928a930c9c Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-04-21 22:02:45 -04:00
Robin Sommer
5fba6d144e Logging fixes. 
- Now compiles in v6 mode.

- Loading logging.bif.*bro* in logging.bro for consistency.
 2011-04-21 18:50:11 -07:00
Jon Siwek
17314fa144 Add parser error hint when in doc mode about checking ## comment syntax. 2011-04-21 13:34:37 -05:00
Seth Hall
561bfb0361 Adding some comments about data types to remove from bro.init. 2011-04-21 14:26:20 -04:00
Seth Hall
8b363e934a More updates to software logging and more tests. 2011-04-21 14:25:52 -04:00
Seth Hall
e34d24df8f Moved the packet segment logging into it's own script. 2011-04-21 14:25:09 -04:00
Jon Siwek
4373565373 Merge branch 'master' into topic/jsiwek/doc-framework 2011-04-21 11:09:58 -05:00
Seth Hall
6275bc555d Merge remote branch 'origin/master' into topic/policy-scripts-new 
Conflicts:
	policy/conn.bro
 2011-04-21 01:16:08 -04:00
Seth Hall
7c168e0afa Extract packet data for the dpd.log 2011-04-21 01:00:11 -04:00
Seth Hall
e17cd94525 Add LLMNS and mDNS analysis ports to the default DNS analysis 2011-04-21 00:59:42 -04:00
Robin Sommer
f945bd5b7f Updating submodule(s). 2011-04-20 21:33:38 -07:00
Robin Sommer
13a492091f Merge remote branch 'origin/topic/robin/logging-internals' 
Includes some additional cleanup.
 2011-04-20 21:30:41 -07:00
Seth Hall
33bea9bef5 Removed a debug print. 2011-04-20 23:25:15 -04:00
Seth Hall
5a868eefda More extensive base script updating. 
* This is basically another checkpoint, but the difference
  is that in this one all.bro loads just about all of the
  new scripts and functionality.
 2011-04-20 23:14:54 -04:00
Jon Siwek
4634d92394 Move stuff related to policy script documentation from doc/ to doc/scripts/ 2011-04-20 21:11:32 -05:00
Jon Siwek
c472931eb9 Fixing example.bro's auto-reST generation baseline test. 
Adds a diff canonifier that skips diffing the places where example.bro
may use MutableVal derivatives (e.g. sets/tables), which don't always
generate the same ordering in the reST docs across runs.
 2011-04-20 20:09:33 -05:00
Seth Hall
c564f545c0 Updates and tests for netbios name BiF. 
* New BiF named: decode_netbios_name_type
* \x01 and \x02 are now decoded because I saw those
  bytes being actively used in names.
 2011-04-20 15:59:11 -04:00
Seth Hall
11ca973a10 Mistype correction. 2011-04-20 08:59:10 -04:00
Seth Hall
5c47f1b155 Many more script updates. 2011-04-20 08:53:22 -04:00
Seth Hall
58f3b3921d Merge remote branch 'origin/topic/robin/logging-internals' into topic/policy-scripts-new 2011-04-19 22:54:32 -04:00
Seth Hall
cba5766bc8 Fixed the do_split bug and added a test. 
* do_split was having a problem if there was another match
  after the end of the number of separators.  It would only
  return the match up to the point of the next match instead
  of the rest of the string.
 2011-04-19 22:24:46 -04:00
Seth Hall
7a1fd6498c Merge remote branch 'origin/topic/robin/logging-internals' into topic/policy-scripts-new 2011-04-19 20:35:00 -04:00
Robin Sommer
5a6311d360 Implementing a VectorCoerceExpr. 
Turns out we didn't have that yet.

I don't remember who implemented vectors originally, but he does owe
us all round at Jupiter ...
 2011-04-19 16:58:18 -07:00
Robin Sommer
b3b5a73113 Fixing problem with optional fields. 2011-04-19 16:22:40 -07:00
Robin Sommer
2bc5e69961 Updating submodule(s). 2011-04-19 15:55:33 -07:00
Robin Sommer
a4a47c3df1 Merge remote branch 'origin/topic/seth/count_to_addr' 
* origin/topic/seth/count_to_addr:
  Adjusting BiF name to indicate v4 addresses only.
  count_to_addr function
 2011-04-19 15:52:16 -07:00
Jon Siwek
9b7c8b9f98 Fix CheckTypes.cmake from generating different config.h's between CMake runs. 
Changing a file that causes CMake to re-run would incorrectly use
leftover state to arrive at the wrong conclusion about whether the
system has a given type.
 2011-04-19 10:44:44 -05:00
Seth Hall
61be2f5bd3 Adjusting BiF name to indicate v4 addresses only. 
* Function is now named count_to_v4_addr
 2011-04-19 00:30:56 -04:00