Commit graph

120 commits

Author SHA1 Message Date
Tim Wojtulewicz
a49dcc8954 Merge remote-tracking branch 'origin/topic/johanna/dpd-packet-limit'
* origin/topic/johanna/dpd-packet-limit:
  PIA - switch size to int64_t
  Introduce dpd_max_packets
2021-09-22 12:16:56 -07:00
Tim Wojtulewicz
b2f171ec69 Reformat the world 2021-09-16 15:35:39 -07:00
Johanna Amann
011ac442a1 Remove the Stepping Stone analyzer
This commit removes the stepping stone analyzer. It has been deactivated
by default since at least Zeek 2.0, is dysfunctional in cluster settings
and has a bunch of other issues.

Relates to GH-1573
2021-06-03 14:28:12 +01:00
Tim Wojtulewicz
0618be792f Remove all of the random single-file deprecations
These are the changes that don't require a ton of changes to other files outside
of the original removal.
2021-01-27 10:52:40 -07:00
Tim Wojtulewicz
96d9115360 GH-1079: Use full paths starting with zeek/ when including files 2020-11-12 12:15:26 -07:00
Tim Wojtulewicz
cd06bf34c7 GH-1215: Remove dispatch_map from packet analysis, replace with BIF methods for registering dispatches 2020-11-02 19:03:25 +00:00
Jan Grashoefer
0925b3bbec Remove encap_hdr_size (replaced by skip analyzer). 2020-09-23 11:13:28 -07:00
Jon Siwek
5ed13284c3 GH-165: Fix global initializations that indirectly use builtin types 2020-08-27 14:01:08 -07:00
Tim Wojtulewicz
a34e632eef Move NetVar from zeek to zeek::detail namespace 2020-08-20 16:11:46 -07:00
Tim Wojtulewicz
289c03d386 Move NetVar.h to zeek namespace 2020-08-20 15:55:17 -07:00
Ron Wellman
e7146c2a6b Implement EDNS Client Subnet Option 2020-07-06 15:09:03 -04:00
Tim Wojtulewicz
64332ca22c Move all Val classes to the zeek namespaces 2020-06-30 20:48:09 -07:00
Tim Wojtulewicz
149e3b3c32 Disable some deprecation diagnostics for GCC
Clang automatically disables deprecation warnings for types used within
already-deprecated contexts, such as if you use a deprecated type inside
of a method that's been marked as deprecated. GCC doesn't have this
feature so it spews a lot more warnings. These functions are now wrapped
in pragmas that disable the warnings for the usage.
2020-06-11 15:43:11 -07:00
Tim Wojtulewicz
ea3c679101 Remove the inclusion of Func.h from NetVar.h, which reduces the inclusion of Func.h overall. 2020-06-01 15:00:35 -07:00
Jon Siwek
f1e8289caa Deprecate remaining "opt_internal" functions in Var.h 2020-05-14 17:24:21 -07:00
Jon Siwek
a5762c12cc Move various elements into ID.h and zeek::id namespace
* A handful of generic/useful/common global type pointers that used
  to be in NetVar.h

* Lookup functions that used to be Var.h
2020-05-14 17:24:20 -07:00
Jon Siwek
9210d443d3 Trim the list of "global type pointers" from NetVar.h further
Most of them are deprecated now, with usage sites now doing the lookup
themselves.
2020-05-14 17:23:20 -07:00
Jon Siwek
d34b24e776 Deprecate global Val pointers in NetVar.h
All of these have fairly niche uses, so better maintained as
lookup/static closer to the usage site.
2020-05-14 17:23:20 -07:00
Jon Siwek
c0986f0739 Deprecate global type pointers in NetVar.h
There's analogous IntrusivePtrs in zeek::vars
2020-05-14 17:23:20 -07:00
Jon Siwek
c5236ecaee Deprecate internal_list_val() 2020-05-14 17:23:20 -07:00
Jon Siwek
c1b3c9593b Add "udp_content_ports" option
Any port in that set found as either source or destination port
of a UDP packet will cause the "udp_contents" event to be raised.
2020-04-07 13:02:29 -07:00
Jon Siwek
2da84020cf Add new "udp_content_delivery_ports_use_resp" option
This controls whether ports given by "udp_content_delivery_ports_orig" and
"udp_content_delivery_ports_orig" are in terms of the UDP packet's
destination port or by the Connection's "responder" port (the former is
the unchanged default behavior).
2020-04-06 14:51:34 -07:00
Jon Siwek
e46cf88435 Add Supervisor BIF/event API skeleton 2019-10-15 12:59:45 -07:00
Jon Siwek
aeef4bf030 Merge branch 'topic/jgras/dpd-late-match' of https://github.com/J-Gras/zeek
* 'topic/jgras/dpd-late-match' of https://github.com/J-Gras/zeek:
  Improve dpd_late_match event generation.
  Improve logging of speculative service.
  Update test-all-policy script.
  Add speculative service script.
  Allow to handle late DPD matches.
2019-09-17 11:17:41 -07:00
Dominik Charousset
c1f3fe7829 Switch from header guards to pragma once 2019-09-17 14:10:30 +02:00
Jan Grashoefer
5901b6d33c Allow to handle late DPD matches.
If dpd_match_only_beginning is disabled, matches of protocol signatures
can be handled using protocol_late_match. To prevent further matching in
this case, dpd_late_match_stop may be activated.
2019-08-22 19:00:11 +02:00
Jon Siwek
31772b1b96 Remove unused option: chunked_io_buffer_soft_cap
Used to be a part of old serialization/communication system.
2019-07-10 18:41:16 -07:00
Jon Siwek
7dc3fca754 Remove BackDoor analyzer 2019-06-27 18:25:43 -07:00
Jon Siwek
a940cf3fb5 Remove InterConn analyzer 2019-06-27 18:05:32 -07:00
Jon Siwek
a520433636 Remove deprecated/unused irc_servers option 2019-06-27 17:48:01 -07:00
Jon Siwek
5343924eb9 Remove dead code: dump_used_event_handlers 2019-06-27 17:43:20 -07:00
Jon Siwek
2655a65331 Remove unused software_version_found events
- software_version_found
- software_unparsed_version_found
- software_parse_error
2019-06-27 17:43:20 -07:00
Jon Siwek
b635cc240b Remove deprecated/unused "packet" type 2019-06-27 17:43:20 -07:00
Johanna Amann
5052dc03fc Remove the BroFile cache
GH-375
2019-06-26 16:32:18 -07:00
Jon Siwek
7cf623b2ff Merge remote-tracking branch 'origin/topic/johanna/gh-417-consider-removing-p0f'
* origin/topic/johanna/gh-417-consider-removing-p0f:
  Remove old, unmaintained p0f support.
2019-06-21 11:18:20 -07:00
Jon Siwek
61d19d25e1 Remove old Broccoli SSL options
- ssl_ca_certificate
- ssl_private_key
- ssl_passphrase
2019-06-20 14:19:55 -07:00
Johanna Amann
632e83de57 Remove old, unmaintained p0f support.
Addresses GH-417
2019-06-19 09:29:32 -07:00
Vlad Grigorescu
232bee4096 Remove old NTP analyzer. 2019-05-29 08:36:25 -05:00
Jon Siwek
d6096b1618 Remove state_dir and state_write_delay options
Since associated functionality was already removed
2019-05-21 09:19:28 -07:00
Johanna Amann
1ff2894af2 Remove deprecated attributes.
To be more exact: &encrypt, &mergeable, &rotate_interval, &rotate_size

Also removes no longer used redef-able constants:
log_rotate_interval, log_max_size, log_encryption_key

GH-243
2019-05-20 14:17:03 -07:00
Johanna Amann
dcd6454530 Remove RemoteSerializer and related code/types.
Also removes broccoli from the source tree.
2019-05-03 15:00:13 -07:00
Jon Siwek
71ef5c8428 Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7
* 'fatemabw/bro' of https://github.com/fatemabw/bro:
  DNSSEC support in Bro

I made several changes:

  - renamed event/record types
  - reformatted the info added to dns.log
  - removed the "addl" scripts that added extended dnssec info to dns.log
  - simplifications/improvements to the internal parsing logic
2018-09-21 16:40:41 -05:00
fatema
ff5c11975d DNSSEC support in Bro 2018-09-05 14:12:07 -04:00
Seth Hall
c2f35920fd First step of DHCP analyzer rearchitecture.
Old event prototypes have changed and the events are broken right
now and may be removed in favor of the new generic "dhcp_message"
event.

DHCP option parsing is abstracted from the main code base of the
protocol parser and are all now located in their own file.

Documentation, tests, and final code cleanup are still pending.
2018-02-02 10:14:15 -05:00
Seth Hall
e2fb7591f4 Merge remote-tracking branch 'origin/master' into topic/seth/smb 2016-05-20 14:28:39 -04:00
Seth Hall
d9d579c52c Merge remote-tracking branch 'origin/master' into topic/seth/stats-improvement 2016-05-02 14:34:29 -04:00
Jan Grashoefer
c0bf1b3c67 Added get_current_packet_header bif. 2016-04-20 00:00:47 +02:00
Seth Hall
7251b0f240 Merge remote-tracking branch 'origin/master' into topic/seth/smb
# Conflicts:
#	scripts/base/init-default.bro
2016-01-16 21:04:43 -05:00
Seth Hall
6d836b7956 More stats improvements
Broke out the stats collection into a bunch of new Bifs
in stats.bif.  Scripts that use stats collection functions
have also been updated.  More work to do.
2016-01-07 16:20:24 -05:00
Robin Sommer
f97b2b180c Moving the remaining code from Layer2.* into Packet.* and documenting
the Packet API.

Plus, some more cleanup, including removing a legacy option
time_machine_profiling.
2015-07-21 08:30:23 -07:00