* 'master' of https://github.com/marktayl/bro:
Better multi-space separator handling.
Also tweak multi-space separator handline some more and add test-case
triggering the new behavior.
1) IRC spec indicates "one or more spaces" separating parameters, so be better at handling multiple space separators.
2) Have "length" track against "myline", since it continues to be used against it.
3) "WHO" command's parameters are optional.
Netcontrol log now includes more information; before that, it had not
quite caught up to the new capabilities (like flow modifying and
redirection, as well as mac addresses).
Furthermore, this fixes a number of bugs with cluster mode (like
duplicate events), test failures due to updates in Bro, etc.
Events now generally carry the unique ID of the backend that is given
during initialization; there are a few more functions and other
bugfixes.
A few netcontrol tests are still broken (mostly due to a pcap update in
msater).
When testing against irc-dcc-send.trace, I didn't see an irc_quit_message event generated for the QUIT command at the end of the trace, but rather a weird.log "irc_invalid_line" for the packet: the IRC packet parser wasn't allowing commands without parameters.
* 'master' of https://github.com/marktayl/bro:
Removed duplicate parameter for IRC "QUIT" event handler.
Also add a test-case that checks the output of the quit
event handler.
The missing break did not cause any issues besides one extra
(unspecialized) event being fired in addition to the actual
starttls event.
Found by Aaron Eppert
Due to a logic bug, once an "irc_privmsg_message" event handler is created, *all* IRC events were routed down the code path, generally creating a Weird("irc_invalid_privmsg_message_format") event and terminating the inspection.
BIT-1526 #merged
* origin/topic/seth/radiotap:
Improved Radiotap support and a test.
Fixed RadioTap support (still "Works for Me")
Initial commit of RadioTap encapsulation support)
Radiotap support should be fully functional now with Radiotap
packets that include IPv4 and IPv6. Other radiotap packets are
silently ignored. This includes a test which has 802.11 headers
both with and without QoS data.
