Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 02:28:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
11634 commits 388 branches 195 tags 268 MiB
Commit graph

11634 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jon Siwek
ef3d451af3 Fix Travis CI script to checkout particular commits of external tests 2018-08-21 16:49:06 -05:00
Jon Siwek
553ce6aca1 Fix signed/unsigned comparison warning 2018-08-21 16:16:00 -05:00
Jon Siwek
9121c0436f Add --with-broker configure option 2018-08-21 15:55:56 -05:00
Jon Siwek
b679a51376 Merge remote-tracking branch 'origin/topic/jazoff/fix-snaplen' 
* origin/topic/jazoff/fix-snaplen:
  problem: default snaplen is too small for jumbo frames
 2018-08-21 14:54:55 -05:00
Jon Siwek
b63f0e2675 Updating submodule(s). 
[nomail]
 2018-08-21 10:02:02 -05:00
Johanna Amann
aa2488fb69 Merge remote-tracking branch 'origin/master' into topic/johanna/tls-more-data 2018-08-20 16:10:21 -07:00
Jon Siwek
ee0bbdad34 Fix outdated documentation test baselines 2018-08-20 15:51:51 -05:00
Jon Siwek
bcf97f70ea Merge remote-tracking branch 'origin/topic/jsiwek/empty-lines' 
* origin/topic/jsiwek/empty-lines:
  Add 'smtp_excessive_pending_cmds' weird
  Fix SMTP command string comparisons
  Improve handling of empty lines in several text protocol analyzers
  Add rate-limiting sampling mechanism for weird events
  Teach timestamp canonifier about timestamps before ~2001
 2018-08-20 15:35:16 -05:00
Jon Siwek
000072978a Merge remote-tracking branch 'origin/topic/dnthayer/ticket1700-part2' 
* origin/topic/dnthayer/ticket1700-part2:
  Remove the node-specific local-*.bro scripts
 2018-08-20 15:02:41 -05:00
Daniel Thayer
052a5b4d84 Remove the node-specific local-*.bro scripts 2018-08-20 12:57:00 -05:00
Jon Siwek
4912513517 Improve diff-remove-abspath canonifier: collapse '/' sequences 2018-08-20 12:47:57 -05:00
Jon Siwek
6595b21e2e Merge remote-tracking branch 'origin/topic/dnthayer/ticket1963' 
* origin/topic/dnthayer/ticket1963:
  Remove unused redef-able constants
  Convert some redef-able constants to runtime options
 2018-08-20 12:44:58 -05:00
Jon Siwek
1671244a64 Merge remote-tracking branch 'origin/topic/dnthayer/doc-fixes-for-2.6' 
* origin/topic/dnthayer/doc-fixes-for-2.6:
  Fix some typos and improve formatting in NEWS
  Update the operators documentation
  Replace references to libgeoip in the documentation
  Update install instructions for python-ipaddress
  Update documentation of "option" and "redef" declarations
  Improvements to the config framework documentation
  Rearrange some lines on the "Log Files" documentation page
  Improve install/setup instructions for libmaxminddb
  Update NEWS for config framework clusterization changes
  Update config framework doc for clusterization changes
  Fix typos and formatting issues in config framework docs
 2018-08-17 17:10:34 -05:00
Jon Siwek
edf8658b11 Merge remote-tracking branch 'origin/topic/vladg/dhcp_event_deprecation' 
* origin/topic/vladg/dhcp_event_deprecation:
  Add script to support the old DHCP events

Updated coverage tests and fixed incorrect DHCP:: scoping on some things
 2018-08-17 16:38:19 -05:00
Jon Siwek
fa46c6a16a Updating submodule(s). 
[nomail]
 2018-08-17 15:16:25 -05:00
Jon Siwek
bd24421734 BIT-466: add redef += support to vectors 2018-08-17 15:16:15 -05:00
Daniel Thayer
1a4629b0dc Merge remote-tracking branch 'origin/master' into topic/dnthayer/ticket1963 2018-08-17 14:11:47 -05:00
Johanna Amann
b1dbd757a6 Merge remote-tracking branch 'origin/master' into topic/johanna/tls-more-data 2018-08-17 11:52:00 -07:00
Johanna Amann
95c72f3717 Update submodule 
[nomail]
 2018-08-17 11:25:58 -07:00
Daniel Thayer
a71ed6f781 Merge remote-tracking branch 'origin/master' into topic/dnthayer/doc-fixes-for-2.6 2018-08-17 11:34:16 -05:00
Daniel Thayer
ab2f745edb Fix some typos and improve formatting in NEWS 2018-08-17 11:33:19 -05:00
Daniel Thayer
8fe300a47c Update the operators documentation 
Added documentation for some new operators and improve documentation of
the "in" operator.  Also corrected a few typos in the docs.
 2018-08-17 11:30:39 -05:00
Jon Siwek
fcabd72b92 BIT-1815: move SMB::write_cmd_log functionality into policy/ script 
The option is removed, but same functionality is now enabled simply
by loading policy/protocols/smb/log-cmds.bro
 2018-08-17 11:15:18 -05:00
Jon Siwek
fc7d3cd981 Fix possible race in netcontrol acld/broker plugins 
Best to subscribe before connecting
 2018-08-17 10:31:31 -05:00
Jon Siwek
a04c76c035 Enable SMB by default by moving scripts from policy/ to base/ 2018-08-16 17:23:28 -05:00
Jon Siwek
7fdf621a1d BIT-1924: add DHCP port to software.log for completeness 2018-08-16 16:08:29 -05:00
Daniel Thayer
c941c565a6 Replace references to libgeoip in the documentation 
Replace references to the old libgeoip library with "libmaxminddb" or
"GeoIP support".
 2018-08-16 15:45:58 -05:00
Daniel Thayer
f40e317c0d Update install instructions for python-ipaddress 2018-08-16 15:41:18 -05:00
Daniel Thayer
4613347a95 Update documentation of "option" and "redef" declarations 
Add documentation of using "redef" on a runtime option.  Also mention
how to change an option's value at runtime.
 2018-08-16 14:23:25 -05:00
Jon Siwek
81a8961f16 BIT-1858: fix logged-names for DNS RR types 44 and 45 2018-08-16 14:13:31 -05:00
Jon Siwek
15dc5d1dda BIT-1850: add missing DCE/RPC PDU type enum values 2018-08-16 14:09:03 -05:00
Daniel Thayer
6ef98cdb77 Improvements to the config framework documentation 
Add documentation of using redef to redefine initial value of options.
Mention caveats for changing the value of specific data types.
Show an example of how to use the Config::set_value() function.
Other small improvements to the examples and text.
 2018-08-16 13:32:46 -05:00
Jon Siwek
da9f91fc19 Add env. variables to override Broker listen/connect retry intervals 
And use them to default retries to 1sec for all unit tests.
 2018-08-16 12:16:03 -05:00
Daniel Thayer
ccfca956e9 Rearrange some lines on the "Log Files" documentation page 
Moved config.log out of the "Network Protocols" section.  Moved broker.log
so that it appears in alphabetical order.
 2018-08-16 11:31:26 -05:00
Jon Siwek
05b10fe2e7 BIT-1544: allow NULs in file analysis handles 2018-08-15 18:03:02 -05:00
Daniel Thayer
9291fef6d2 Merge remote-tracking branch 'origin/master' into topic/dnthayer/doc-fixes-for-2.6 2018-08-15 15:27:44 -05:00
Jon Siwek
f336c8c710 Fix seg fault on trying to type-cast invalid/nil Broker::Data 
This situation now throws a runtime expression exception instead of
crashing on null pointer access.
 2018-08-15 11:02:52 -05:00
Daniel Thayer
d7be90c3ca Remove unused redef-able constants 2018-08-15 10:30:09 -05:00
Daniel Thayer
dc0904a7f3 Convert some redef-able constants to runtime options 2018-08-15 10:17:14 -05:00
Jon Siwek
0e6913fba0 BIT-1798: fix PPTP GRE tunnel decapsulation 2018-08-14 16:48:04 -05:00
Jon Siwek
5821c16490 Fix SumStats::observe key normalization logic 
The loop over Reducers in SumStats::observe performs a key normalization
and inadvertently modifies the key used for subsequent iterations.

Reported by Jim Mellander.
 2018-08-13 17:53:26 -05:00
Jon Siwek
d66a589558 Add 'smtp_excessive_pending_cmds' weird 2018-08-13 16:31:11 -05:00
Jon Siwek
1f7e112879 Fix SMTP command string comparisons 2018-08-13 16:30:44 -05:00
Jon Siwek
2d47586473 Merge remote-tracking branch 'origin/topic/johanna/config-framework-fixes' 
* origin/topic/johanna/config-framework-fixes:
  Fix test that fails now that options are automatically redefable.
  Make options redef-able by default.
  Ascii formatter: do not complain about port text.
  Make parsing of booleans a little bit more lenient.
 2018-08-13 10:54:39 -05:00
Jon Siwek
4e3db97379 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Improve the travis-job script to work outside of Travis
 2018-08-13 10:25:05 -05:00
Jon Siwek
a2f8d81fb6 Fix validate-certs.bro comments 2018-08-13 10:20:58 -05:00
Jon Siwek
67524f26d5 Immediately apply broker subscriptions made during bro_init() 
Otherwise that's begging for unit test failures due to races
 2018-08-10 17:18:21 -05:00
Jon Siwek
083947af41 Update default broker threading configuration 
Now defaults to a max of 4 threads typically indepedent of core
count (previously could go up to a hard cap of 8).  Also now allow
controlling this setting via BRO_BROKER_MAX_THREADS environment
variable.
 2018-08-10 17:08:26 -05:00
Jon Siwek
9f12b56105 Misc. unit test improvements 2018-08-10 16:58:27 -05:00
Johanna Amann
7b44a64994 Fix test that fails now that options are automatically redefable. 2018-08-10 14:28:17 -07:00