Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-04 15:48:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
17337 commits 385 branches 195 tags 258 MiB
Commit graph

17337 commits

This branch
This branch
All branches
Author SHA1 Message Date
Seth Hall
a432e3ce25 Reorganizing the notice framework. 2011-06-01 11:13:34 -04:00
Seth Hall
0504bf53fc Updates to bro.init and more logging reorg. 2011-06-01 11:10:52 -04:00
Seth Hall
799199eb4f Reorganized logging framework a bit. 2011-06-01 11:08:17 -04:00
Seth Hall
afda3c68ba More script movement and documentation. 2011-06-01 11:04:07 -04:00
Seth Hall
ae3bd76769 Reorganizing the policy scripts for clarity. 2011-06-01 10:07:53 -04:00
Seth Hall
e0467fad2d Fixing bugs discovered by Jon in SMTP script. 2011-05-31 14:48:03 -04:00
Seth Hall
e07189e129 Merge branch 'topic/policy-scripts-new' of ssh://git.bro-ids.org/bro into topic/policy-scripts-new 2011-05-26 00:28:37 -04:00
Seth Hall
da6105ac53 A bit more filename cleanup for the content extraction. 2011-05-26 00:28:28 -04:00
Seth Hall
eacffb7b53 Added a uid column to the dpd log. 2011-05-26 00:28:06 -04:00
Jon Siwek
33f0c237ca Doc tweaks for new conn/contents.bro 2011-05-25 15:34:57 -05:00
Seth Hall
b32ff14a77 New conn/ script for extracting contents. 
- Restructured conn scripts to match other core scripts.
 2011-05-25 14:56:48 -04:00
Seth Hall
fe274c3e64 Setting the snaplen to 0 to capture the full packet regardless of size. 
In my limited testing this seemed to work fine but we should
make an actual test for this eventually.
 2011-05-25 13:37:21 -04:00
Seth Hall
b8a1336088 Renaming a helper function for building regexes. 2011-05-24 14:45:16 -04:00
Seth Hall
7ab4601116 Adding a script dependency. 2011-05-24 14:44:40 -04:00
Seth Hall
354f41d964 Updates to FTP script based on comments from Jon. 2011-05-24 14:44:18 -04:00
Seth Hall
b2e2905e87 Updates to DPD scripts. 
- Moved the DPD sigs into the dpd/ directory.
- Updated some comments to reflect reality.
- Added a TODO about a bug.
 2011-05-24 14:42:37 -04:00
Seth Hall
5414c146fa Merge branch 'topic/policy-scripts-new' of ssh://git.bro-ids.org/bro into topic/policy-scripts-new 
Conflicts:
	policy/http.bro
 2011-05-24 10:12:45 -04:00
Seth Hall
d0b4fabcad Updates and fixes for HTTP analysis scripts. 
- File hashing is enabled by default and fixed.
- Other small fixes.
 2011-05-24 10:11:10 -04:00
Seth Hall
19c9aaebb9 Fixed bug due to vectors now initially indexed on 0. 2011-05-24 10:08:17 -04:00
Seth Hall
15bfa23ce1 Merge remote branch 'origin/master' into topic/seth/ssl-binpac 
Conflicts:
	src/bro.bif
 2011-05-23 17:09:41 -04:00
Seth Hall
6918c225db Finished core support for new SSL analyzer. 
- Certificate and certificate chain validation is now done
  fully in policy script land.  The script to do this will
  be written in the new policy scripts branch once this is
  merged.

- Removed hand written SSL analyzer.

- Rewrote and reworked much of the BinPAC SSL analyzer.
 2011-05-23 17:04:27 -04:00
Seth Hall
a57e50da35 SSL analyzer changes with accompanying BiF. 
- Full DER certificates are extracted as strings to be used with
  corresponding BiFs.
- x509_verify function to verify single certs and/or full certificate chains.
 2011-05-23 14:54:52 -04:00
Seth Hall
297a2cb9c5 A table_s_of_s type to get around bifcl type limitation. 2011-05-23 14:52:18 -04:00
Jon Siwek
bf84801249 Packaging tweaks and rewrite of 'dist' target. 
- Move binary packaging scripts out of source root into pkg/ subdir
- A consistent CMake version (2.8.4) is now enforced for binary packaging
- Added a 'bindist' target to top Makefile as a convenience
- The 'dist' target has been rewritten to depend on standard system
  command/utils rather than CMake and the full dependency chain of Bro,
  addressing #398 (but the CMake 'package_source' target is still available
  in the generated build/Makefile and can be used if desired)
 2011-05-20 17:08:59 -05:00
Jon Siwek
d1cdc9f208 Generation of docs for http/detect-webapps.bro and depending scripts now works. 2011-05-18 11:51:06 -05:00
Jon Siwek
f0143c3c5f Merge branch 'master' into topic/policy-scripts-new 2011-05-18 11:44:45 -05:00
Robin Sommer
e0c05868e3 Updating submodule(s). 2011-05-18 09:08:59 -07:00
Robin Sommer
0913ef3abe Merge remote branch 'origin/topic/jsiwek/deb-packaging' 
* origin/topic/jsiwek/deb-packaging:
  Changes to allow DEB packaging via CPack, addresses #458
 2011-05-18 09:08:18 -07:00
Robin Sommer
b829c269ff Merge remote branch 'origin/fastpath' 
* origin/fastpath:
  Fix reST markup generated for record redefs.
  Fixes for more doc mode corner cases caused by type cloning.

Jon, I added the line below, please double-check.

diff --git a/src/Var.cc b/src/Var.cc
index 7880325..00ac734 100644
--- a/src/Var.cc
+++ b/src/Var.cc
@@ -260,6 +260,7 @@ void add_type(ID* id, BroType* t, attr_list* attr, int /* is_event */)
 			tnew = new FuncType(t->AsFuncType()->Args(),
 			                    t->AsFuncType()->YieldType(),
 			                    t->AsFuncType()->IsEvent());
+			break;
 		default:
 			SerializationFormat* form = new BinarySerializationFormat();
 			form->StartWrite();
 2011-05-18 09:06:41 -07:00
Jon Siwek
73a18714b3 Fix reST markup generated for record redefs. 
They should have been using reST roles to xref the original record type
instead of a reST directive to declare a new type.
 2011-05-17 15:27:45 -05:00
Jon Siwek
d69c3edf21 Fixes for more doc mode corner cases caused by type cloning. 
"shallow" copying has to be done for any type that can contain
record types in order to accommodate record redefs that add fields.
 2011-05-17 15:03:40 -05:00
Jon Siwek
196b4af44d Small doc-comment tweak. 2011-05-17 11:26:34 -05:00
Jon Siwek
3a655c610c Add all new policy scripts to doc generation target. 
Minor script tweaks along the way to get rid of reST format warnings
or @load dependency issues.
 2011-05-17 11:15:09 -05:00
Jon Siwek
56a946568a More changes to how Bro generates docs for scripts in subdirs of BROPATH 
The output reST filename now reflects the subdir information (by flattening
'/' path separators into the '^' character).  This is to prevent file name
conflicts when generated reST docs, but during the CMake 'doc' target to
build HTML docs, everything gets unflattened.
 2011-05-16 20:17:58 -05:00
Jon Siwek
e608aae0ba Merge remote-tracking branch 'origin/master' into topic/policy-scripts-new 2011-05-16 13:59:02 -05:00
Jon Siwek
f18951a77e Changes to allow DEB packaging via CPack, addresses #458 2011-05-16 13:51:32 -05:00
Robin Sommer
1199085b27 An extension to the ICMP analyzer to handle redirects. 
The analyzer now raises icmp_redirect() events that come with the
redirection address.

By Julien Sentier.
 2011-05-13 18:47:50 -07:00
Robin Sommer
437ac29ca9 Updating submodule(s). 2011-05-13 17:40:12 -07:00
Gregor Maier
cbf3390762 Merge branch 'fastpath' of ssh://git.bro-ids.org/bro into fastpath 2011-05-13 08:07:23 -07:00
Jon Siwek
70e14cb7d5 Fix CommentedTypeDecl to track whether it's in a record like TypeDecl does. 2011-05-12 19:55:26 -05:00
Jon Siwek
f70b5ece8c Add note to stub files used for grouping script docs. 2011-05-12 15:13:51 -05:00
Jon Siwek
3fe92fc1ff Remove duplicate 'addr_set' type declaration. 2011-05-12 13:01:58 -05:00
Jon Siwek
6b7e300e0b Remove unused events 'bro_signal' and 'no_handler' 2011-05-12 13:00:22 -05:00
Jon Siwek
c14afc7079 Adding conn.bro documentation for 'conn_state' and 'history' fields. 2011-05-12 12:47:43 -05:00
Jon Siwek
650177cde0 DNS policy scripts documentation cleanup/tweaks. 2011-05-12 12:19:43 -05:00
Jon Siwek
68784634ff Fixing doc tests in the btest suite. 
- reduce number of docs generated by `make doc`; will add as they're reviewed

- Conforming to new Notice::Type enum for notices
 2011-05-12 11:21:20 -05:00
Seth Hall
7399b79dd2 Updating DNS scripts based on comments from Jon. 2011-05-11 14:17:35 -04:00
Seth Hall
01499922ac Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-05-11 10:53:56 -04:00
Robin Sommer
da5618b9ba Portability fixes for tests on MacOS. 2011-05-10 21:27:44 -07:00
Robin Sommer
a8f15616f2 Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-05-10 20:58:02 -07:00