filter. (Seth Hall and Robin Sommer)
- Merging in the patch from #264, which provides support for mixed
VLAN and MPLS traffic.
- Changing Bro's default filter from being built dynamically to being
a static "ip or not ip". To get the old behaviour back (i.e., the
dynamically built filter), redef "all_packets" to false.
- print-filter.bro now always prints the filter that Bro is actually
using, even if overriden from the command line.
It's now all implemented in CMake scripting.
The generation of reST docs is now a distinct target, "restdoc", while
the target to generate HTML docs, "doc", depends on "restdoc". reST doc
generation supports incremental builds (documentation for a given policy
script is only regenerated when it is out of date), but HTML doc generation
via ``make doc`` is not incremental (Sphinx always starts with fresh input).
Building the "restdoc" target is now covered by a btest to ensure all
policy scripts are parse-able when Bro is in "doc mode".
Generated reST docs should now support "@load"ing from subdirectories. e.g.
"@load foo/baz" and "@load bar/baz" will now generate the right xref links.
* origin/topic/robin/conn-ids:
Moving uid from conn_id to connection, and making output determistic if a hash seed is given.
Extending conn_id with a globally unique identifiers.
"delete x$y" now resets record field "x" back to its original state if
it is either &optional or has a &default. "delete" may not be used
with non-optional/default fields.
- When Bro is given a PRNG seed, it now uses its own internal random
number generator that produces consistent results across sytems.
Note that this internal generator isn't very good, so it should only
be used for testing purposes.
- The BTest configuration now sets the environemnt variables TZ=UTC
and LANG=C to ensure consistent results.
- Fixing doc markup in logging.bro.
- Updating baselines.
Adds a diff canonifier that skips diffing the places where example.bro
may use MutableVal derivatives (e.g. sets/tables), which don't always
generate the same ordering in the reST docs across runs.
* do_split was having a problem if there was another match
after the end of the number of separators. It would only
return the match up to the point of the next match instead
of the rest of the string.
Some still don't pass:
- events-ssl doesn't work; not clear yet why, there may be some
problem with SSL connections.
- broccoli needs the changes topic/jsiwek/64bit-val-fix, plus
adaption of the protocol version.
- pybroccoli crashes even with the 64bit-val-fix changes. Reason
unclear.
with the field.
This works now:
type X: record {
a: table[string] of bool &default=table( ["foo"] = T );
b: table[string] of bool &default=table();
c: set[string] &default=set("A", "B", "C");
d: set[string] &default=set();
};
I think previously the intend was to associate &default with the
table/set (i.e., define the default value for non-existing indices).
However, that was already not working: the error checking was
reporting type mismatches. So, this shouldn't break anything and make
things more consistent.
The merge does not include the hack to switch back to 32-bit for
Broccoli. It does contain a version of the SSL tests converted to
btest, which however doesn't pass yet (as some of the others as well)
* origin/topic/robin/comm-ssl:
Fixing crashes when SSL is not configured correctly.
Adding a test for SSL-based communciation to the istate testsuite.
Note that currently most of them don't pass because (i) the code
adding the environment variable for seeding the RNG has not been
merged into master yet; and (2) Broccoli to Bro communication is
currently broken because of the int64 problem. Once these are fixed,
then baselines need to be recreated and checked.
Therefore, the istate tests aren't activated in btest.cfg yet.
Note that I've shifted things around a little bit. The traces are now
in Traces/* (capital T), and the known-hosts-test in policy/*.
Scripts/ was meant just for helper shell scripts for the testing
framework. Also, I've not yet included "policy" in btest.cfg as a
TestDir because the corresponding script is not yet in master.
* origin/topic/appleman/unittests:
Test, trace file, and baseline for testing the known-services policy script
Baseline for KNOWN-HOSTS tesT
Initial drop of known-hosts unit test, with tracefile and directory structure, as well as c ouple of files pulled from Robin's logging branch.
The &log keyword now operates as discussed:
- When associated with individual record fields, it defines them
as being logged.
- When associated with a complete record type, it defines all fields
to be logged.
- When associated with a record extension, it defines all added
fields to be logged.
Note that for nested record types, the inner fields must likewise
be declared with &log. Consequently, conn_id is now declared with
&log in bro.init.
Vectors are now allowed to be logged and will be recorded as an
ordered set of items.
