Jan Grashoefer
1882307cf3
Add pcap_file option to supervised nodes.
...
This allows starting Supervised nodes with a pcap_file argument
rather than interface.
This is based on changes from @J-Gras.
2023-03-21 16:18:02 +01:00
Tim Wojtulewicz
a8fc63e182
Merge remote-tracking branch 'microsoft/master'
...
* microsoft/master: (71 commits)
Clang formatting
Mask ports before inserting them into the map
Fix compiler warning from applied patch
Remove statistics plugin in favor of stats bif
Add EventHandler version of stats plugin
Mark a few EventHandler methods const
Changed implementation from std::map to std::unordered_map of Val.cc
Removed const, Windows build is now working
Added fixes suggested in PR
Update src/packet_analysis/protocol/ip/IP.cc
Apply suggestions from code review
Clang format again but now with v13.0.1
Rewrote usages of define(_MSC_VER) to ifdef _MSC_VER
Clang format it all
Fixed initial CR comments
Add NEWS entry about Windows port
Add a couple of extra unistd.h includes to fix a build failure
Use std::chrono instead of gettimeofday
Update libkqueue submodule [nomail]
Don't call tokenize_string if the input string is empty
...
2022-11-11 15:23:21 -07:00
Tim Wojtulewicz
2739275b88
Merge remote-tracking branch 'jsoref/spelling-src'
...
* jsoref/spelling-src:
Spelling src
2022-11-11 12:49:15 -07:00
Josh Soref
cd201aa24e
Spelling src
...
These are non-functional changes.
* accounting
* activation
* actual
* added
* addresult
* aggregable
* aligned
* alternatively
* ambiguous
* analysis
* analyzer
* anticlimactic
* apparently
* application
* appropriate
* arithmetic
* assignment
* assigns
* associated
* authentication
* authoritative
* barrier
* boundary
* broccoli
* buffering
* caching
* called
* canonicalized
* capturing
* certificates
* ciphersuite
* columns
* communication
* comparison
* comparisons
* compilation
* component
* concatenating
* concatenation
* connection
* convenience
* correctly
* corresponding
* could
* counting
* data
* declared
* decryption
* defining
* dependent
* deprecated
* detached
* dictionary
* directional
* directly
* directory
* discarding
* disconnecting
* distinguishes
* documentation
* elsewhere
* emitted
* empty
* endianness
* endpoint
* enumerator
* essentially
* evaluated
* everything
* exactly
* execute
* explicit
* expressions
* facilitates
* fiddling
* filesystem
* flag
* flagged
* for
* fragments
* guarantee
* guaranteed
* happen
* happening
* hemisphere
* identifier
* identifies
* identify
* implementation
* implemented
* implementing
* including
* inconsistency
* indeterminate
* indices
* individual
* information
* initial
* initialization
* initialize
* initialized
* initializes
* instantiate
* instantiated
* instantiates
* interface
* internal
* interpreted
* interpreter
* into
* it
* iterators
* length
* likely
* log
* longer
* mainly
* mark
* maximum
* message
* minimum
* module
* must
* name
* namespace
* necessary
* nonexistent
* not
* notifications
* notifier
* number
* objects
* occurred
* operations
* original
* otherwise
* output
* overridden
* override
* overriding
* overwriting
* ownership
* parameters
* particular
* payload
* persistent
* potential
* precision
* preexisting
* preservation
* preserved
* primarily
* probably
* procedure
* proceed
* process
* processed
* processes
* processing
* propagate
* propagated
* prototype
* provides
* publishing
* purposes
* queue
* reached
* reason
* reassem
* reassemble
* reassembler
* recommend
* record
* reduction
* reference
* regularly
* representation
* request
* reserved
* retrieve
* returning
* separate
* should
* shouldn't
* significant
* signing
* simplified
* simultaneously
* single
* somebody
* sources
* specific
* specification
* specified
* specifies
* specify
* statement
* subdirectories
* succeeded
* successful
* successfully
* supplied
* synchronization
* tag
* temporarily
* terminating
* that
* the
* transmitted
* true
* truncated
* try
* understand
* unescaped
* unforwarding
* unknown
* unknowndata
* unspecified
* update
* usually
* which
* wildcard
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-09 12:08:15 -05:00
Tomer Lev
5cdc6e150e
Clang format it all
2022-11-09 18:55:51 +02:00
Tim Wojtulewicz
2e457eb3ea
Fix a few compiler warnings from MSVC
2022-11-09 18:17:07 +02:00
Tim Wojtulewicz
77c555a3a8
Fixing some issues from rebasing
2022-11-09 18:16:13 +02:00
Elad Solomon
3f349b8a37
Optimize initial memory consumption
2022-11-09 18:15:34 +02:00
Tomer Lev
0dbfd9b04e
Building supervisor for Windows
2022-11-09 18:15:33 +02:00
Elad Solomon
3a80b79497
Compile Zeek with MSVC
...
Allow Zeek to be embedded in another project
2022-11-09 18:15:30 +02:00
Tim Wojtulewicz
e8dbfc1cb0
Fix a bunch of variable shadowing issues from LGTM
2022-11-02 15:54:51 -07:00
Christian Kreibich
412c150c63
Suppress deprecation warnings for the Supervisor's own NodeConfig::script access
...
These spots involve our own usage of the deprecated "scripts" field, required to
keep the deprecation functional.
2022-09-02 12:12:19 -07:00
Christian Kreibich
c7860e3238
Expand Supervisor to support loading additional scripts before user scripts
...
In supervised nodes, the Supervisor's NodeConfig$scripts vector adds scripts to
the end of the user-provided scripts (options.scripts_to_load), so they load
_after_ any user-provided ones. This can cause confusing redef pitfalls when
users expect their customizations to run last, as they normally do.
This adds two members in Supervisor::NodeConfig, `addl_base_scripts` and
`addl_user_scripts`, to store scripts to load before and after the user scripts,
respectively. The latter serves the same purpose as the old `scripts` member,
which is still there but deprecated (in scriptland only). It functions as
before, after any scripts added via `addl_user_scripts`.
2022-09-02 10:23:35 -07:00
Tim Wojtulewicz
9f97a91d39
Remove unnecessary includes of Dict.h
2022-07-05 13:33:34 -07:00
Tim Wojtulewicz
47e7fe2cd1
Convert Dictionary types to be templated classes
...
This has the fortunate side-effect of also making it so we can store
the value objects as typed pointers, instead of void*.
2022-07-05 13:33:34 -07:00
Christian Kreibich
14188fc7a7
Add Supervisor::node_status notification event
...
The Supervisor generates this event every time it receives a status update from
the stem, meaning a node got created or re-created. A corresponding
SupervisorControl::node_status event relays the same information for users
interacting with the Supervisor over Broker.
2022-05-30 21:36:35 -07:00
Benjamin Bannier
72cbc7cd13
Move 3rdparty source files to 3rdparty/
...
This patch moves in-tree 3rdparty source files to `3rdparty/`. With that
we can remove special treatment of these files for `run-clang-format`.
2021-11-09 07:20:18 +01:00
Tim Wojtulewicz
9af6b2f48d
clang-format: Set penalty for breaking after assignment operator
2021-09-27 10:49:48 -07:00
Tim Wojtulewicz
9cb54f5d44
clang-format: Force zeek-config.h to be earlier in the config ordering
2021-09-25 11:52:55 -07:00
Tim Wojtulewicz
b2f171ec69
Reformat the world
2021-09-16 15:35:39 -07:00
Tim Wojtulewicz
9b15db25f6
Reorder fields in some classes for more compact memory layout
2021-07-14 14:59:49 -07:00
Tim Wojtulewicz
f8389c92e0
Merge remote-tracking branch 'origin/topic/timw/freebsd-warning'
...
* origin/topic/timw/freebsd-warning:
Fix a compile warning on FreeBSD
2021-07-08 18:00:34 -07:00
Tim Wojtulewicz
12ac62645a
Fix a compile warning on FreeBSD
2021-07-08 16:10:19 -07:00
Christian Kreibich
7bee79b400
Add optional bare-mode boolean flag to Supervisor's node configuration
...
When omitted, the node inherits the Supervisor's bare-mode
status. When true/false, the new Zeek node will enable/disable bare
mode, respectively. It continues to load any scripts passed at the
command line and in the additional scripts list already provided in
the node configuration.
Includes testcase.
2021-07-08 13:12:53 -07:00
Christian Kreibich
36051dc9a1
Add support for setting environment variables via supervisor
...
The NodeConfig record now has a table for specifying environment variable names
and values, which the supervisor sets in the created node.
This also repositions the cpu_affinity member to keep the order the same in
the corresponding script-layer and in-core types.
Includes testcase.
2021-07-08 13:12:53 -07:00
Jon Siwek
2855df63ce
Add RecordVal::AssignField() and use it in supervisor code
...
This is a convenience method to assign a known record field value by
field name. May also be useful to reduce warnings from static analysis
(e.g. Coverity) about not checking for negative return values before
assigning since that now flows through a [[noreturn]] error path.
2021-03-26 18:57:42 -07:00
Vern Paxson
62bab66114
migration to using new differentiated methods for setting record fields
2021-02-25 16:59:26 -08:00
Vern Paxson
0118b6ee38
migrate to differentiated vector "At" accessors to support future efficiency
2021-02-25 13:28:23 -08:00
Jon Siwek
8a8a983c49
Add missing zeek/ to header includes
...
Related to https://github.com/zeek/zeek/pull/1377
2021-01-29 19:16:29 -08:00
Tim Wojtulewicz
892124378c
Implement standard-library-compatible iterators for Dictionary
2021-01-14 13:49:40 -07:00
Tim Wojtulewicz
4962986df1
Remove GET_FIELD_AS macro, replace with template methods
2021-01-14 11:58:59 -07:00
Vern Paxson
7f92a573d2
Remove BroValUnion by hoisting underlying Val subclass values into subclasses
2021-01-14 11:58:59 -07:00
Tim Wojtulewicz
96d9115360
GH-1079: Use full paths starting with zeek/ when including files
2020-11-12 12:15:26 -07:00
Tim Wojtulewicz
fe0c22c789
Base: Clean up explicit uses of namespaces in places where they're not necessary.
...
This commit covers all of the common and base classes.
2020-08-24 12:07:00 -07:00
Tim Wojtulewicz
0ac3fafe13
Move zeek::net namespace to zeek::run_state namespace.
...
This also moves all of the code from Net.{h,cc} to RunState.{h,cc} and marks Net.h as deprecated
2020-08-20 16:11:47 -07:00
Tim Wojtulewicz
db36688bf0
Move a few smaller files to zeek namespaces
2020-08-20 16:11:46 -07:00
Tim Wojtulewicz
ddf48d7529
Move a few of the zeek::util methods and variables to zeek::util::detail
2020-08-20 16:11:44 -07:00
Tim Wojtulewicz
8d2d867a65
Move everything in util.h to zeek::util namespace.
...
This commit includes renaming a number of methods prefixed with bro_ to be prefixed with zeek_.
2020-08-20 16:00:33 -07:00
Tim Wojtulewicz
e7c6d51ae7
Move the functions and variables in Net.h to the zeek::net namespace. This includes moving network_time out of util.h.
2020-08-20 15:55:17 -07:00
Tim Wojtulewicz
be92bd536f
Move iosource code to zeek namespaces
2020-08-20 15:55:17 -07:00
Tim Wojtulewicz
886fc102b8
Move DebugLogger to zeek namespaces
2020-07-31 16:23:34 -04:00
Tim Wojtulewicz
a2a435360a
Move all of the hashing classes/functions to zeek::detail namespace
2020-07-31 16:23:34 -04:00
Tim Wojtulewicz
118605f4ac
Add deprecated version of EnumType::GetVal() that returns EnumVal*, rename IntrusivePtr version to GetEnumVal
2020-07-15 14:56:05 -07:00
Jon Siwek
7669f560d1
Integrate Supervisor code review suggestions
2020-07-09 13:56:11 -07:00
Jon Siwek
10709c627b
Add Supervisor::{stdout,stderr}_hook
...
These allow capturing/handling the stdout/stderr of child processes
via Zeek scripts.
2020-07-07 20:21:32 -07:00
Jon Siwek
a46e24091a
Move some supervisor structures to detail namespace
...
* StemHandle -> detail::SupervisorStemHandle
* SupervisedNode -> detail::SupervisedNode
* Supervisor::Node -> detail::SupervisorNode
2020-07-07 18:39:23 -07:00
Jon Siwek
9087621714
Improve default supervisor stdout/stderr handling
...
The stdout/stderr of child processes is now redirected over a pipe back
to the supervisor process so that it can prefix the output with
the name of the emitting node.
2020-07-07 18:39:23 -07:00
Jon Siwek
0acd5fea0c
Factor Supervisor initialization data to separate struct from Stem
2020-07-07 18:38:38 -07:00
Jon Siwek
d00b3a8daa
Move ParentProcessCheckTimer to detail namespace
2020-07-07 18:38:38 -07:00
Tim Wojtulewicz
45d2c96643
Rename BroString files to ZeekString
2020-07-02 17:24:22 -07:00