Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 00:58:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
6022 commits 387 branches 195 tags 259 MiB
Commit graph

6022 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jon Siwek
58ea1ff458 BIT-1408: improve I/O loop and Broker IOSource. 2015-06-03 08:25:49 -05:00
Jeff Barber
49ece39cb6 One more tinker to Packet -- ensure no uninitialized values 2015-06-02 16:37:23 -04:00
Jeff Barber
97ab422e17 Packet::IP()-created IP_Hdr should not free 2015-06-02 16:37:16 -04:00
Robin Sommer
a6618eb964 Merge branch 'master' of git.bro.org:bro 2015-06-02 10:37:31 -07:00
Seth Hall
217ccf6063 Add signature support for F4M files. 2015-06-02 12:48:53 -04:00
Robin Sommer
26d10d88d2 Merge remote-tracking branch 'origin/topic/dnthayer/doc-improvements-2.4' 
Lots of good stuff! Thanks for catchign the plugin doc inconsistencies!

* origin/topic/dnthayer/doc-improvements-2.4:
  Add missing documentation on the "Bro Package Index" page
  More improvements to the Logging Framework doc
  Fix documentation typo
  Update the "Log Files" documentation
  Add links in the logging framework doc
  Add a link to the bro-plugins documentation
  Update bro man page
  Update script language reference documentation
  Fix typos in the "writing bro plugins" doc
  Fix a "make doc" warning
  Improve logging framework doc
  Add link to broctl doc from the quickstart doc
  Update install documentation and fix some typos
  Minor improvements to logging framework documentation
  Correct a minor typo in the docs
 2015-06-02 09:44:51 -07:00
Robin Sommer
6791c9a81d Merge remote-tracking branch 'origin/topic/vladg/bit-1410' 
BIT-1410 #merged

* origin/topic/vladg/bit-1410:
  Add memleak btest for attachments over SMTP.
  BIT-1410: Add btest
  BIT-1410: Update baselines
  BIT-1410: Propagate is_orig to MIME_Mail
 2015-06-02 09:18:40 -07:00
Seth Hall
0eb345a25a Updating the Mozilla root certs. 2015-06-02 11:51:08 -04:00
Daniel Thayer
45caf8d2c1 Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
Vlad Grigorescu
0a4604fe98 Add memleak btest for attachments over SMTP. 2015-06-01 21:14:52 -05:00
Vlad Grigorescu
847b16442b BIT-1410: Add btest 2015-06-01 20:49:04 -05:00
Vlad Grigorescu
05ea2d43c7 BIT-1410: Update baselines 2015-06-01 20:38:59 -05:00
Vlad Grigorescu
60d07f8483 BIT-1410: Propagate is_orig to MIME_Mail 2015-06-01 20:26:58 -05:00
Daniel Thayer
63aa61fcc9 More improvements to the Logging Framework doc 2015-06-01 16:36:44 -05:00
Daniel Thayer
7681263f91 Fix documentation typo 2015-06-01 14:29:03 -05:00
Daniel Thayer
4db9b8d792 Update the "Log Files" documentation 2015-06-01 14:26:09 -05:00
Seth Hall
097354a43f Updates for the urls.bro script. Fixes BIT-1404. 2015-06-01 11:38:26 -04:00
Daniel Thayer
4ddfe0ed83 Merge remote-tracking branch 'origin/master' into topic/dnthayer/doc-improvements-2.4 2015-05-31 23:49:38 -05:00
Daniel Thayer
b6920ac188 Add links in the logging framework doc 
Added links to the log writers that are available as external plugins.
 2015-05-31 23:34:19 -05:00
Daniel Thayer
648d091b29 Add a link to the bro-plugins documentation 2015-05-31 23:17:59 -05:00
Daniel Thayer
6bd24780b5 Update bro man page 2015-05-31 23:04:30 -05:00
Daniel Thayer
d0e304de46 Update script language reference documentation 2015-05-30 01:35:55 -05:00
Daniel Thayer
260b25f20a Fix typos in the "writing bro plugins" doc 2015-05-30 00:18:04 -05:00
Daniel Thayer
24701f2678 Fix a "make doc" warning 
Also fixed some indentation.
 2015-05-29 14:38:50 -05:00
Jeff Barber
72fca3ee26 Make enums work for non-C++11 config 2015-05-29 10:37:43 -04:00
Jeff Barber
30fdc37479 Refactor to make bro use a common Packet object. 
Do a better job of parsing layer 2 and keeping track of layer 3 proto.
Add support for raw packet event, including Layer2 headers.
 2015-05-29 10:37:39 -04:00
Daniel Thayer
7cf04c9f3a Improve logging framework doc 
Reorganized the content to be easier to follow, added a few more examples,
fixed some ugly formatting (removed scrollbars that make the examples
difficult to read).
 2015-05-28 17:52:32 -05:00
Robin Sommer
2b1cd66f17 Updating CHANGES and VERSION. 2015-05-28 13:37:52 -07:00
Robin Sommer
fbf40090a8 Updating submodule(s). 
[nomail]
 2015-05-28 13:20:44 -07:00
Robin Sommer
0a9b768e46 Updating submodule(s). 
[nomail]
 2015-05-28 12:15:48 -07:00
Robin Sommer
d9ef8c36c9 Updating submodule(s). 
[nomail]
 2015-05-28 12:02:26 -07:00
Robin Sommer
a3290d194c Fix segfault when DNS is not available. 
Based on patch by Frank Meier.

BIT-1387 #merged
 2015-05-28 11:52:54 -07:00
Yun Zheng Hu
2aa214d835 BIT-1314: Added QI test for rexmit_inconsistency 2015-05-28 12:12:22 +02:00
Yun Zheng Hu
b386b2ba51 BIT-1314: Add detection for Quantum Insert attacks 
TCP_Reassembler can now keep a history of old TCP segments using the
`tcp_max_old_segments` option. A value of zero will disable it.

An overlapping segment with different data can indicate a possible
TCP injection attack. The rexmit_inconsistency event will fire if this
is the case.
 2015-05-28 12:11:06 +02:00
Daniel Thayer
e02ad1711c Add link to broctl doc from the quickstart doc 2015-05-27 16:23:02 -05:00
Johanna Amann
5147b0bb02 set fedora 21 specific environment variable to not make it complain about 
md5 signed certs.

Addresses BIT-1402
 2015-05-27 12:24:21 -07:00
Daniel Thayer
fcaf1d9c95 Update install documentation and fix some typos 2015-05-25 13:08:03 -05:00
Daniel Thayer
9cde2be727 Merge remote-tracking branch 'origin/master' into topic/dnthayer/doc-improvements-2.4 2015-05-25 11:59:34 -05:00
Jon Siwek
08822e0dd4 Allow '<' and '>' in MIME multipart boundaries. 
The spec doesn't actually seem to permit these, but Seth had a (private)
pcap showing them used in the wild (and the HTTP/MIME analyzer failed to
parse content as a result).
 2015-05-22 11:46:50 -05:00
Jon Siwek
c870fefbef Updating submodule(s). 
[nomail]
 2015-05-20 13:00:58 -05:00
Seth Hall
ea2ce67c5f Fixes an issue with missing zlib headers on deflated HTTP content. 
- Includes a test.
 2015-05-18 14:30:32 -04:00
Johanna Amann
8be8f2e725 update local-compat.test 2015-05-07 21:55:59 -07:00
Johanna Amann
456a78e204 Updating CHANGES and VERSION. 2015-05-07 20:32:20 -07:00
Johanna Amann
ae74f37696 Updating CHANGES and VERSION. 2015-05-07 13:57:03 -07:00
Robin Sommer
1e66c6718a Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Add /sbin to PATH in btest.cfg
 2015-05-06 09:58:30 -07:00
Daniel Thayer
f6248994e4 Add /sbin to PATH in btest.cfg 
Added /sbin to PATH so that a couple of tests that require ifconfig
are not skipped on systems (such as debian) which don't have /sbin
in PATH by default.

Also removed a duplicate default_path.
 2015-05-04 14:47:56 -05:00
Robin Sommer
190df47c4b Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Update usage output and list of cmd-line options
  A small fix to ssh/geo-data.bro. ssh can now be unset for local-local or remote-remote, so make the script deal with this.
 2015-05-04 09:58:57 -07:00
Daniel Thayer
26007f419e Update usage output and list of cmd-line options 2015-04-29 23:56:55 -05:00
Robin Sommer
31e75c8eac Baseline update. 2015-04-29 20:34:37 -07:00
Vlad Grigorescu
cb91a9c101 A small fix to ssh/geo-data.bro. ssh can now be unset for local-local or remote-remote, so make the script deal with this. 2015-04-29 20:57:40 -04:00