Bernhard Amann
94f53e3eb3
Merge branch 'topic/bernhard/log-send-proto' into topic/bernhard/input
...
Conflicts:
src/LogMgr.cc
src/LogMgr.h
Also fixup Input framework to work with the changed definitions.
2011-12-07 13:25:57 -08:00
Bernhard Amann
89a29c3d7d
Merge remote-tracking branch 'origin/master' into topic/bernhard/input
2011-12-07 13:13:43 -08:00
Bernhard Amann
e114bdf627
make LogWriter output the type of data stored inside a set or vector.
...
Now the type output is e.g. vector[string] instead of just vector.
2011-12-07 13:04:46 -08:00
Bernhard Amann
4b3cc95f72
send enum instead of string
2011-12-07 12:43:15 -08:00
Bernhard Amann
a0da991030
memleak fix.
2011-12-07 12:21:42 -08:00
Bernhard Amann
ca17a1cf46
make logging framework send the protocol to the writer.
...
for use in future writers, that have a special type for port, which includes the protocol.
2011-12-07 12:21:38 -08:00
Robin Sommer
9295beda7f
Stepping stone events aren't deprecated but internal.
2011-12-07 08:20:52 -08:00
Bernhard Amann
eb64eeedcd
memleak fix.
2011-12-06 10:56:26 -08:00
Bernhard Amann
4a690484ec
make port annotation work and ascii input reader way more rebust with better error messages.
2011-12-06 10:42:37 -08:00
Jon Siwek
ef2f3e7507
Fix some reST formatting issues in bro.bif that Sphinx complains about.
2011-12-06 10:08:44 -06:00
Jon Siwek
749e510fc7
Merge branch 'master' into topic/script-reference
...
Conflicts:
src/event.bif
2011-12-06 09:37:13 -06:00
Bernhard Amann
aecbbdd966
make logging framework send the protocol to the writer.
...
for use in future writers, that have a special type for port, which includes the protocol.
2011-12-05 16:18:54 -08:00
Bernhard Amann
78b24da7e4
start support for annotation for log field types.
...
commit before rolling part of it back...
2011-12-05 15:02:03 -08:00
Bernhard Amann
949ec6897a
Merge remote-tracking branch 'origin/master' into topic/bernhard/localnet
2011-12-03 20:15:05 -08:00
Robin Sommer
b449d5652d
Merge remote-tracking branch 'remotes/origin/topic/robin/broccoli-connrec'
...
* remotes/origin/topic/robin/broccoli-connrec:
Adapting attribute serialization when talking to Broccoli.
2011-12-03 15:57:39 -08:00
Matthias Vallentin
af9b072ddf
Phew, half way through bro.bif documentation.
2011-12-02 21:28:08 -08:00
Robin Sommer
1e45910b25
Merge remote-tracking branch 'origin/topic/jsiwek/bro-log-suffix'
...
* origin/topic/jsiwek/bro-log-suffix:
Teach LogWriterAscii to use BRO_LOG_SUFFIX env. var. (addresses #704 )
Closes #704 .
2011-12-02 16:52:18 -08:00
Matthias Vallentin
be3913fe54
Merge branch 'topic/script-reference' of ssh://git.bro-ids.org/bro into topic/script-reference
2011-12-01 20:57:59 -08:00
Matthias Vallentin
25bb69c3af
More BiF documentation.
2011-12-01 20:43:11 -08:00
Robin Sommer
03b7ebfb5b
Merge remote-tracking branch 'origin/topic/jsiwek/fix-dns-double-free'
...
* origin/topic/jsiwek/fix-dns-double-free:
Fix double-free of DNS_Mgr_Request object (addresses #661 )
Closes #661 .
2011-12-01 16:40:07 -08:00
Robin Sommer
df3ae4b30d
Merge remote-tracking branch 'origin/topic/jsiwek/remote-log-peer'
...
* origin/topic/jsiwek/remote-log-peer:
Add a remote_log_peer event which contains an event_peer record param.
Closes #493 .
2011-12-01 16:02:11 -08:00
Jon Siwek
edc0a451f8
Teach LogWriterAscii to use BRO_LOG_SUFFIX env. var. (addresses #704 )
2011-12-01 16:18:56 -06:00
Jon Siwek
0c8b5a712d
Add a remote_log_peer event which contains an event_peer record param.
...
Addresses #493 .
2011-12-01 14:07:08 -06:00
Robin Sommer
18d968adcd
Adapting attribute serialization when talking to Broccoli.
...
Broccoli doesn't support expressions, and we now no longer send them
when serializing attributes. This is the Bro change mentioned in #606 .
It's needs a correspondinly modified Broccoli identifying itself as
such, and it isn't tested yet ...
Addresses #606 .
2011-12-01 11:52:01 -08:00
Jon Siwek
2913a990c4
Merge branch 'master' into fastpath
2011-12-01 09:12:42 -06:00
Matthias Vallentin
1fb58eaeb7
Start documenting bro.bif.
2011-11-30 22:40:50 -08:00
Robin Sommer
a690199613
Merge remote-tracking branch 'origin/master' into topic/script-reference
2011-11-30 15:39:41 -08:00
Jon Siwek
4444c56a94
Fix double-free of DNS_Mgr_Request object (addresses #661 )
...
In DNS::Resolve, they could be deleted once from where they were
stored in the nb_dns_info cookie and once again from where they
were stored in the DNS_Mgr::requests list. Before commit
bd9c937236
2011-11-30 13:31:54 -06:00
Jon Siwek
f1c2b338ce
Fix documentation formatting that Sphinx complained about
2011-11-30 11:32:49 -06:00
Jon Siwek
9be652f8ff
Rearrange packet filter and dpd documentation.
2011-11-30 10:13:20 -06:00
Matthias Vallentin
98028dba89
Finish Broxygen documentation of string.bif.
2011-11-29 17:56:45 -08:00
Robin Sommer
ebd15cf12e
Fixing ASCII logger to escape the unset-field place-holder if written
...
out literally.
2011-11-29 17:01:47 -08:00
Bernhard Amann
a68e6b9fa4
allow sets to be read from files, convenience function for reading a file once,
...
bug in destructor that could lead to a segfault.
2011-11-29 15:05:09 -08:00
Matthias Vallentin
76ca1f532f
Begin with documenting strings.bif.
2011-11-29 12:20:09 -08:00
Robin Sommer
0523a18a23
Almost done with event.bif.
...
Added comments to almost all events. The only ones I'm leaving out are
Gnutella and BitTorrent, don't know enough about those protocols to
document the events. If anybody does, please chime in.
A round of proofreading would be good too, there are probably still a
few typos in the texts.
2011-11-29 10:10:46 -08:00
Robin Sommer
59a6187f42
Checkpointing work on event.bif.
...
Much there, not all yet.
2011-11-28 18:41:39 -08:00
Robin Sommer
fa9125f61a
Adding some first doc strings to event.bif.
...
Still trying to find the right style.
2011-11-28 18:41:38 -08:00
Bernhard Amann
4975584e01
change Log enum to Input enum.
2011-11-28 13:45:00 -08:00
Matthias Vallentin
5666448a48
Change some BiF return values from bool to any.
...
The BiFs
- do_profiling
- make_connection_persistent
- expect_connection
used to unconditionally return true. Since such a return value is meaningless,
returning 'any' is more appropriate.
2011-11-27 17:18:59 -08:00
Jon Siwek
8f8290c852
Add simple profiling class to accumulate Stmt usage stats across runs.
...
Use the BROFILER_FILE environment variable to point to a file in
which Stmt usage statistics from Bro script-layer can be output.
This should be able to be used to check Bro script coverage that
that e.g. the entire test suite covers.
2011-11-27 15:57:18 -06:00
Matthias Vallentin
e9f05348b0
Perform type checking on count-to-port conversion.
...
Related to #684 .
2011-11-26 18:22:25 -08:00
Jon Siwek
71f2f81bc6
Fix order of include directories.
...
This change prevents locally installed header files from overshadowing
the header files of the same name that Bro needs during compilation.
2011-11-24 16:42:18 -06:00
Jon Siwek
5867035c33
Merge branch 'master' into fastpath
2011-11-24 16:41:07 -06:00
Seth Hall
03646a8d55
Added the ssl_session_ticket_handshake event and fixed a few SSL bugs.
2011-11-23 16:10:58 -05:00
Bernhard Amann
3c40f00a53
make filters pointers (for inheritance)
2011-11-22 16:09:13 -08:00
Bernhard Amann
f82bf3f35f
re-enable direct event sending from input readers
2011-11-22 11:09:06 -08:00
Matthias Vallentin
c04b261376
Remove redundant connection_record() BiF.
...
The function lookup_connection() provides the same functionality and has more
graceful failure semantics.
2011-11-21 23:03:46 -08:00
Matthias Vallentin
1179c1a598
Remove redundant active_connection() BiF.
...
The BiF connection_exists has a more intuitive name and provides the same
functionality, thus we can remove active_connection().
2011-11-21 22:55:14 -08:00
Matthias Vallentin
6a563c8829
Make exit() parameterizable.
...
The exit() BiF used to have no arguments and always invoked exit(0) from libc.
This small fix allows for non-zero exit values of the Bro process.
2011-11-21 22:30:53 -08:00
Bernhard Amann
3035eb2b21
fix a little bug that prevented several simultaneous filters from working.
2011-11-21 19:30:16 -08:00
