* origin/topic/bernhard/reader-info:
fix small bug - now configuration actually is passed.
add mode to readerinfo - no need to have it separately everywhere anymore.
introduce reader-info struct analogous to writer-info.
Introduce support for a table of key/value pairs with further configuration options, with the same userinterface as in the logging interface.
make writer-info work when debugging is enabled
Conflicts:
testing/btest/Baseline/scripts.base.frameworks.input.event/out
testing/btest/Baseline/scripts.base.frameworks.input.executeraw/out
testing/btest/Baseline/scripts.base.frameworks.input.raw/out
testing/btest/Baseline/scripts.base.frameworks.input.rereadraw/out
testing/btest/Baseline/scripts.base.frameworks.input.tableevent/out
Closes#841.
* robin/topic/writer-info:
Extending the log writer DoInit() API.
Reworking log writer API to make it easier to pass additional information to a writer's initialization method.
Conflicts:
src/logging/WriterBackend.cc
src/logging/WriterBackend.h
src/logging/WriterFrontend.cc
* origin/fastpath:
Fix inconsistencies in random number generation.
Updating input framework unit tests.
Add front-end name to InitMessage from WriterFrontend to Backend.
Small tweak to make test complete quicker.
Drain events before terminating log/thread managers.
Fix strict-aliasing warning in RemoteSerializer.cc (fixes#834).
Fix typos in event documentation
Fix typos in NEWS for Bro 2.1 beta
The srand()/rand() interface was being intermixed with the
srandom()/random() one. The later is now used throughout.
Changed the srand() and rand() BIFs to work deterministically if Bro
was given a seed file (addresses #825). They also now wrap the
system's srandom() and random() instead of srand() and rand() as per
the above.
Generally tried to make them more reliable and execute quicker.
They all now load the listen script as a trick to make sure input
sources are fully read, but also terminate() at appropriate times
so that they don't take more time than needed. They're also all
serialized with the 'comm' group so listening on a port doesn't
interfere with the communication tests.
At the time WriterBackend::Init() happens, it's in a different thread
than its frontend member, but tried to access it directly to get its
name, that info is now sent in the InitMessage instead.
(Problem was observed segfaulting the unit test
scripts.base.frameworks.notice.mail-alarms on Ubuntu 12.04).
Using the default scripts, the events from RemoteSerializer::LogStats()
were attempting to use the logging framework after logging/threading
had been terminated which never worked right and sometimes caused
crashes with "fatal error: cannot lock mutex".
Also made communication log baseline test pass more reliably.
This adds a new parameter of type "icmp6_nd_options" to the ICMPv6
neighbor discovery events (icmp_redirect, icmp_router_solicitation,
icmp_router_advertisement, icmp_neighbor_solicitation,
icmp_neighbor_advertisement) which includes data extracted from
all neighbor discovery options (RFC 4861) that are present in the
ICMPv6 message.
set frontend type before starting the thread. This means that the thread type will be output correctly in the error message.
return errno string of pthread functions called in thread start
We now pass in a Info struct that contains:
- the path name (as before)
- the rotation interval
- the log_rotate_base_time in seconds
- a table of key/value pairs with further configuration options.
To fill the table, log filters have a new field "config: table[string]
of strings". This gives a way to pass arbitrary values from
script-land to writers. Interpretation is left up to the writer.
Also splits calc_next_rotate() into two functions, one of which is
thread-safe and can be used with the log_rotate_base_time value from
DoInit().
Includes also updates to the None writer:
- It gets its own script writers/none.bro.
- New bool option LogNone::debug to enable debug output. It then
prints out all the values passed to DoInit(). That's used by a
btest test to ensure the new DoInit() values are right.
- Fixed a bug that prevented Bro from terminating..
(scripts.base.frameworks.logging.rotate-custom currently fails.
Haven't yet investigated why.)
* origin/topic/seth/tunnels-merge:
Fixed some problems with the SOCKS analyzer and tests.
Conflicts:
scripts/base/protocols/socks/main.bro
src/socks-analyzer.pac
* origin/topic/seth/tunnels-merge:
SOCKS DPD fixes.
Fix a bug in the SOCKS analyzer.
SOCKS and tunnel test updates.
Updates for the SOCKS analyzer.
Very small updates to the tunnels framework.
- Make the uid field optional since it's conceptually incorrect
for proxies being treated as tunnels to have it.
- Reordered two fields in the log.
- Reduced the default tunnel expiration interface to something more
reasonable (1 hour).
