BIT-1550 #merged * origin/topic/johanna/netcontrol: (72 commits) Update baselines and news Move prefixtable back to all IPv6 internal handling. NetControl: Add functions to search for rules affecting IPs/subnets Add check_subnet bif that allows exact membership test for subnet tables. Rewrite internal handling of rules. Add bif that allows searching for all matching subnets in table. Add signaling of succesful initialization of plugins to NetControl. Add rule hooks to the acld plugin. Add new logfiles for shunting and drops to netcontrol Extend NetControl logging and fix bugs. Update OpenFlow API and events. small acld plugin fix Revert "introduce &weaken attribute" Fix crash when printing type of recursive structures. Testcase for crash when a record contains a function referencing a record. Rename Pacf to NetControl fix acld plugin to use address instead of subnet (and add functions for conversion) implement quarantine miscelaneous missing bits and pieces Acld implementation for Pacf - Bro side. ...
##! Cluster support for the NetControl framework.
@load ./main
@load base/frameworks/cluster
module NetControl;

export {
	## Event that carries an add_rule call from a non-manager node to the
	## manager. The complete rule record is sent; the manager-side handler
	## in this file passes it to add_rule_impl without checks of its own.
	global cluster_netcontrol_add_rule: event(r: Rule);

	## Event that carries a remove_rule call from a non-manager node to the
	## manager. Only the rule ID travels with it, and the sender receives
	## no direct reply.
	global cluster_netcontrol_remove_rule: event(id: string);
}

## Workers need the ability to forward commands to the manager.
# NOTE(review): these two events are the whole command channel, so any node
# that is allowed to send them can install or remove rules on the manager.
# Which peers may connect and how they are authenticated is decided by the
# cluster framework and is not visible in this file - confirm it is
# restricted to trusted nodes.
redef Cluster::worker2manager_events += /NetControl::cluster_netcontrol_(add|remove)_rule/;

## Workers need to see the result events raised on the manager.
# These are the only feedback a worker gets about a forwarded command.
redef Cluster::manager2worker_events += /NetControl::rule_(added|removed|timeout|error)/;
# Activate a plugin with the given priority.
#
# Activation only happens on the manager: on every other node type the call
# returns without doing anything, so plugins are never activated on workers
# through this function.
function activate(p: PluginState, priority: int)
	{
	if ( Cluster::local_node_type() == Cluster::MANAGER )
		activate_impl(p, priority);
	}
# Per-node counter that add_rule uses to build IDs for rules that arrive
# without one. add_rule increments it before use, so the first generated ID
# carries the value 2.
# NOTE(review): no persistence attribute is set, so the counter presumably
# starts over when the node restarts - confirm that a reused ID cannot
# collide with a rule the manager still holds.
global local_rule_count: count = 1;
# Install a rule, either directly (manager) or by forwarding it (any other
# node type).
#
# r: the rule to add. On a non-manager node an empty r$id is filled in on
#    the record that was passed in.
#
# Returns: on the manager, whatever add_rule_impl returns. On other nodes,
#          the rule ID that was sent to the manager. That ID is returned
#          before the manager has processed the rule, so it says nothing
#          about whether the rule was installed; the outcome only shows up
#          in the rule_added / rule_error events that the manager forwards
#          to workers.
function add_rule(r: Rule) : string
	{
	if ( Cluster::local_node_type() == Cluster::MANAGER )
		return add_rule_impl(r);

	# Not the manager: make sure the rule has an ID, then hand it over.
	if ( r$id == "" )
		{
		# The ID is "<node name>:<counter>". It stays unique across the
		# cluster only as long as node names are unique.
		++local_rule_count;
		r$id = cat(Cluster::node, ":", local_rule_count);
		}

	event NetControl::cluster_netcontrol_add_rule(r);
	return r$id;
	}
# Remove a rule, either directly (manager) or by forwarding the request
# (any other node type).
#
# id: ID of the rule to remove.
#
# Returns: on the manager, the result of remove_rule_impl. On other nodes
#          always T, because the manager's answer is not available at this
#          point. Callers on workers must not read T as "the rule is gone";
#          the forwarded rule_removed / rule_error events are the only
#          confirmation.
function remove_rule(id: string) : bool
	{
	if ( Cluster::local_node_type() == Cluster::MANAGER )
		return remove_rule_impl(id);

	event NetControl::cluster_netcontrol_remove_rule(id);

	# Optimistic result: the real outcome is unknown on this node.
	return T;
	}
@if ( Cluster::local_node_type() == Cluster::MANAGER )
# Manager-side receivers for the commands forwarded by other nodes. Both
# handlers are compiled in on the manager only.

# Apply a forwarded rule. The record is handed to add_rule_impl exactly as
# it was received and the returned value is discarded, so any validation of
# the rule has to happen inside add_rule_impl or in the plugins.
event NetControl::cluster_netcontrol_add_rule(r: Rule)
	{
	add_rule_impl(r);
	}

# Apply a forwarded removal. The result of remove_rule_impl is discarded;
# nothing in this handler reports a failed removal back to the sender.
event NetControl::cluster_netcontrol_remove_rule(id: string)
	{
	remove_rule_impl(id);
	}
@endif
@if ( Cluster::local_node_type() == Cluster::MANAGER )
# Manager-only handlers for rule lifecycle events. Each one delegates to its
# *_impl counterpart. rule_added is registered at priority 5 and the others
# at -5.

# Fires when a timer scheduled by rule_added below runs out.
event rule_expire(r: Rule, p: PluginState) &priority=-5
	{
	rule_expire_impl(r, p);
	}

# A plugin reported that the rule was added.
event rule_added(r: Rule, p: PluginState, msg: string &default="") &priority=5
	{
	rule_added_impl(r, p, msg);

	# Only rules with a positive expire interval get a timer here, and only
	# when the plugin's can_expire flag is not set (presumably meaning the
	# plugin cannot time the rule out itself - confirm against the plugin
	# definition). A rule without r$expire, or with a non-positive one, is
	# never expired by this handler.
	if ( r?$expire && r$expire > 0secs )
		{
		if ( ! p$plugin$can_expire )
			schedule r$expire { rule_expire(r, p) };
		}
	}

# A plugin reported that the rule was removed.
event rule_removed(r: Rule, p: PluginState, msg: string &default="") &priority=-5
	{
	rule_removed_impl(r, p, msg);
	}

# A plugin reported that the rule timed out; i carries the flow information
# that came with the report.
event rule_timeout(r: Rule, i: FlowInfo, p: PluginState) &priority=-5
	{
	rule_timeout_impl(r, i, p);
	}

# A plugin reported an error for the rule.
event rule_error(r: Rule, p: PluginState, msg: string &default="") &priority=-5
	{
	rule_error_impl(r, p, msg);
	}
@endif