Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Add a test and baseline for addr_to_ptr_name BiF.
2012-02-08 11:23:02 -06:00
Remove --enable-brov6 flag, IPv6 now supported by default.
2012-02-03 16:46:58 -06:00
GH-211: improve consistency of how scripting errors are handled
2019-01-30 11:20:09 -06:00
Add tests for untested BIFs
2012-08-03 17:24:04 -05:00
Add more tests for previously-untested BIFs
2012-05-24 16:33:19 -05:00
Also switch BloomFilters from H3 to siphash.
2016-07-13 09:04:10 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Allow default function/hook/event parameters. Addresses #972 .
2013-05-07 14:32:22 -05:00
Add test cases for the bytestring_to_double BIF
2012-10-25 17:10:51 -05:00
Add more tests for previously-untested BIFs
2012-05-29 14:04:36 -05:00
Add more tests for previously-untested BIFs
2012-05-25 17:15:29 -05:00
Add check_subnet bif that allows exact membership test for subnet tables.
2016-03-09 16:52:25 -08:00
Add more tests for previously-untested BIFs
2012-05-24 16:33:19 -05:00
Add more tests for previously-untested BIFs
2012-05-29 14:04:36 -05:00
SSH: Update baselines
2015-03-18 13:02:33 -04:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Remove deprecated functions/events
2019-05-02 12:06:39 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Add rename, unlink, and rmdir bifs.
2017-04-24 11:58:05 -07:00
GH-532: improve disable_analyzer BIF
2019-08-09 20:03:26 -07:00
GH-532: improve disable_analyzer BIF
2019-08-09 20:03:26 -07:00
GH-532: improve disable_analyzer BIF
2019-08-09 20:03:26 -07:00
Merge remote-tracking branch 'origin/topic/jazoff/fix-snaplen'
2018-08-21 14:54:55 -05:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Remove deprecated functions/events
2019-05-02 12:06:39 -07:00
Add tests for untested BIFs
2012-08-03 17:24:04 -05:00
[ADD] builtin function enum_to_int()
2014-11-10 18:24:27 -08:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Add more tests for previously-untested BIFs
2012-05-24 16:33:19 -05:00
Add more tests for previously-untested BIFs
2012-05-29 14:04:36 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Update docs and tests of the fmt() function
2016-04-27 15:34:47 -05:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Added test case for get_current_packet_header bif.
2016-04-20 00:05:33 +02:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Add more tests for previously-untested BIFs
2012-05-24 16:33:19 -05:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Some more testing fixes.
2019-04-14 09:58:30 -04:00
Add new functions for calculating geographic distance
2016-06-07 13:11:10 -05:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
get hll ready for merging
2013-07-30 16:47:26 -07:00
Misc. unit test improvements
2018-08-10 16:58:27 -05:00
Replace libmagic w/ Bro signatures for file MIME type identification.
2014-03-04 11:12:06 -06:00
Update PacketFilter/Discarder code for IP version independence.
2012-03-08 13:12:04 -06:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Add more BIF tests
2012-08-07 14:10:55 -05:00
Add more tests for previously-untested BIFs
2012-05-29 14:04:36 -05:00
Remove deprecated functions/events
2019-05-02 12:06:39 -07:00
Merge branch 'master' of https://github.com/anthonykasza/bro
2013-08-19 11:20:50 -07:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Merge branch 'master' of https://github.com/ZekeMedley/zeek
2019-02-15 17:51:29 -06:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add more tests for previously-untested BIFs
2012-05-25 17:15:29 -05:00
Add more tests for previously-untested BIFs
2012-05-24 16:33:19 -05:00
Merge branch 'stats-bytes-recvd' of https://github.com/msmiley/bro
2015-03-04 13:16:19 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
BIT-1894: fix bad integer casts in BIFs: sort, rand, order, to_int
2018-01-26 15:49:34 -06:00
Add more tests for previously-untested BIFs
2012-05-29 14:04:36 -05:00
Add new BIF: print_raw()
2019-10-02 15:21:24 -07:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add more tests for previously-untested BIFs
2012-05-29 14:04:36 -05:00
Add more BIF tests
2012-08-07 14:10:55 -05:00
Add more tests for previously-untested BIFs
2012-05-25 17:15:29 -05:00
Recursively handle into container types in record_fields()
2019-11-13 15:28:06 +01:00
Refactoring various usages of new IPAddr class.
2012-02-22 14:45:44 -06:00
Add more tests for previously-untested BIFs
2012-05-24 16:33:19 -05:00
Added reverse() function to strings.bif.
2013-03-23 08:39:04 -07:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Merge branch 'master' of https://github.com/ZekeMedley/zeek
2019-02-15 17:51:29 -06:00
Deprecate str_shell_escape, add safe_shell_quote replacement
2019-03-25 17:51:04 -07:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Add SHA1 and SHA256 hashing BIFs. (addresses #542 )
2012-05-04 16:09:05 -05:00
Add SHA1 and SHA256 hashing BIFs. (addresses #542 )
2012-05-04 16:09:05 -05:00
BIT-1894: fix bad integer casts in BIFs: sort, rand, order, to_int
2018-01-26 15:49:34 -06:00
Deprecate split* family of BIFs.
2015-01-21 15:34:42 -06:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Add tests for untested BIFs
2012-08-03 17:24:04 -05:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Add more tests for previously-untested BIFs
2012-05-29 14:04:36 -05:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Quick pass over unit tests, adding -b flag to bro so they run faster.
2012-11-30 17:44:36 -06:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
fix acld plugin to use address instead of subnet (and add functions for
2015-06-05 00:00:20 -07:00
add bif function to test if a subnet revers to v4 or v6.
2015-04-14 14:51:52 -07:00
Add tests for previously-untested strings BIFs
2012-05-23 16:34:03 -05:00
Add more tests for previously-untested BIFs
2012-05-24 16:33:19 -05:00
Fix documentation for system_env BIF
2012-06-01 13:12:55 -05:00
Improve error messages from to_addr and to_subnet BIFs
2019-08-01 10:49:03 -07:00
Fix the to_count function to use strtoull versus strtoll.
2015-04-16 09:56:18 -05:00
Updating tests for the #start/#end change.
2012-07-19 22:28:55 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
BIT-1894: fix bad integer casts in BIFs: sort, rand, order, to_int
2018-01-26 15:49:34 -06:00
Add more tests for previously-untested BIFs
2012-05-25 17:15:29 -05:00
Fix to_port() BIF for port strings with a port number of zero.
2012-12-18 15:08:18 -06:00
Improve error messages from to_addr and to_subnet BIFs
2019-08-01 10:49:03 -07:00
Add more tests for previously-untested BIFs
2012-05-25 17:15:29 -05:00
Allow iterating over bif functions with result type vector of any.
2014-02-25 15:30:29 -08:00
Merge remote-tracking branch 'origin/topic/dnthayer/bif-tests'
2012-06-06 11:42:16 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add more tests for previously-untested BIFs
2012-05-30 16:30:50 -05:00
Adjust x509 unit tests to work around OpenSSL 1.0 vs. 1.1 differences
2018-06-29 16:01:23 -05:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
BIT-1941: improve reliability of broker.disconnect unit test
2018-07-02 16:32:13 -05:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Remove opaque of ocsp_resp.
2019-06-18 11:09:16 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Support unserializing broker data into type 'any'
2018-05-31 10:39:40 -05:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Fix recursive type checks/casts of broker data into type 'any'
2018-09-10 14:55:50 -05:00
Improve broker.remote_id unit test
2018-10-03 15:50:07 -05:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Parallelize communication tests using btest TEST-PORT
2018-11-04 15:29:59 -06:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Update broker unit test output.
2019-05-23 18:06:47 -07:00
Update broker unit test output.
2019-05-23 18:06:47 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Update broker unit test output.
2019-05-23 18:06:47 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
A few more updates to the digest functions.
2019-01-24 10:44:28 -08:00
Update broker unit test output.
2019-05-23 18:06:47 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add config framework.
2017-11-29 13:46:59 -08:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Add duration thresholding to the conn-size analyzer.
2019-08-01 11:57:40 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
GH-646: add new "successful_connection_remove" event
2019-11-11 19:52:59 -08:00
Improve analysis of TCP SYN/SYN-ACK reversal situations.
2014-03-11 17:03:59 -05:00
GH-545: add "addl" parameter to flow_weird and net_weird events
2019-08-20 22:45:22 -04:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Merge remote-tracking branch 'origin/topic/jsiwek/fix-dns-double-free'
2011-12-01 16:40:07 -08:00
Merge branch 'Reporter/MessageFix' of https://github.com/catenacyber/bro
2018-04-16 10:58:45 -07:00
Implement ERSPAN support.
2017-02-03 12:29:22 -08:00
Improve ERSPAN Type III support
2019-01-17 18:06:10 -06:00
Added ERSPAN III testing
2019-01-24 14:05:13 +00:00
Moved link-layer addresses into endpoints.
2016-06-02 01:46:26 +02:00
Fix assignments to event arguments becoming visible to subsequent
2017-10-27 13:28:48 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Fix global opaque val segfault, addresses BIT-1071
2013-08-29 17:17:40 -05:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Extract ICMPv6 NDP options and include in ICMP events (addresses #833 ).
2012-06-26 17:10:00 -05:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
BIT-342: add "icmp_sent_payload" event.
2015-03-18 16:16:24 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Improve availability of IPv6 flow label in connection records.
2012-05-22 15:18:33 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Updated affected test case.
2016-04-20 00:23:11 +02:00
Unit test tweaks/fixes.
2012-08-16 16:33:46 -05:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Merge remote-tracking branch 'origin/topic/johanna/remove-serializer'
2019-06-20 13:38:54 -07:00
Fix memory leak due to enum type/val circular references
2019-01-29 18:28:13 -06:00
Fix memory leak due to enum type/val circular references
2019-01-29 18:28:13 -06:00
Add memory leak test of closure (un)serialization
2019-08-07 12:41:22 -07:00
add clustered leak test for hll. No issues.
2013-08-29 14:01:22 -07:00
GH-237: add @load foo.bro -> foo.zeek fallback
2019-04-16 17:49:37 -07:00
Add test cases to verify new file extension is recognized
2019-04-11 12:26:50 -05:00
Add test cases to verify new file extension is recognized
2019-04-11 12:26:50 -05:00
Update tests and baselines due to renaming all scripts
2019-04-11 23:32:58 -05:00
Add test cases to verify new file extension is recognized
2019-04-11 12:26:50 -05:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Fix mobility checksums unit test.
2012-05-17 14:47:09 -05:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Merge branch 'master' of https://github.com/rdenniston/zeek
2019-03-19 19:19:02 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Add config framework.
2017-11-29 13:46:59 -08:00
Make options redef-able by default.
2018-08-10 11:53:36 -07:00
More bro-to-zeek renaming in the unit tests
2019-05-16 02:27:54 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Merge remote-tracking branch 'origin/topic/jazoff/fix-snaplen'
2018-08-21 14:54:55 -05:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Update tests and baselines due to renaming all scripts
2019-04-11 23:32:58 -05:00
A set of various fixes and smaller API tweaks, plus tests.
2014-08-24 19:55:26 -07:00
A set of various fixes and smaller API tweaks, plus tests.
2014-08-24 19:55:26 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Duplicate TCP segment should trigger tcp_multiple_retransmissions
2019-07-28 15:15:40 -06:00
Disable MQTT by default
2019-08-05 17:04:39 -07:00
GH-589: improve printing of sub-microsecond intervals
2019-09-23 19:57:49 -07:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Allow for logging of the VLAN data about a connection in conn.log
2015-07-22 14:13:17 -04:00
Rewrite weird logging.
2016-06-15 13:49:35 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
GH-443: fix uses of timestamp 0 in cluster diagnostic logs
2019-06-27 23:00:42 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Add rate-limiting sampling mechanism for weird events
2018-07-26 19:57:36 -05:00
Permit weird sampling rate of 0.
2018-09-05 13:12:23 -07:00
Moved link-layer addresses into endpoints.
2016-06-02 01:46:26 +02:00
Refined state machine update placement to (1) properly deal with gaps capped
2019-04-22 09:13:23 -07:00
Refined state machine update placement to (1) properly deal with gaps capped
2019-04-22 09:13:23 -07:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
GH-618: add "tcp_options" event containing TCP option values
2019-10-03 18:59:02 -07:00
Extending rexmit_inconsistency() event to receive an additional
2015-10-26 14:16:08 -07:00
Moved link-layer addresses into endpoints.
2016-06-02 01:46:26 +02:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Duplicate TCP segment should trigger tcp_multiple_retransmissions
2019-07-28 15:15:40 -06:00
Fix potential crash TCP headers were captured incompletely.
2015-08-30 18:49:05 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Merge branch 'ntp-rewrite' of https://github.com/mauropalumbo75/zeek
2019-06-15 19:11:34 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
BIT-1798: fix PPTP GRE tunnel decapsulation
2018-08-14 16:48:04 -05:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Add parsing for GTPv1 extension headers and control messages.
2013-02-07 14:59:02 -06:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Add parsing for GTPv1 extension headers and control messages.
2013-02-07 14:59:02 -06:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Refined state machine update placement to (1) properly deal with gaps capped
2019-04-22 09:13:23 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
Merge branch 'p-l--topic/support-wlan-monitor'
2018-05-15 13:32:34 -04:00
Refactor X509 generalizedtime support and test.
2015-09-18 12:46:49 -07:00
GH-618: add "tcp_options" event containing TCP option values
2019-10-03 18:59:02 -07:00
Update unit test output to match json.zeek being deprecated and slight format changes to JSON output
2019-07-02 13:14:52 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
GH-618: add "tcp_options" event containing TCP option values
2019-10-03 18:59:02 -07:00
Merge remote-tracking branch 'origin/topic/dev/print-to-log'
2019-12-02 13:47:09 -08:00
Update unit test output to match json.zeek being deprecated and slight format changes to JSON output
2019-07-02 13:14:52 -07:00
Fix ZEEK_PROFILER_FILE file format/parsing
2019-11-07 16:47:09 -08:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
Rename Zeexygen to Zeekygen
2019-05-02 21:39:21 -07:00
GH-427: improve default ID values shown by Zeekygen
2019-06-24 19:02:05 -07:00
Add parsing rules for IPv4/IPv6 subnet literal constants, addresses #888
2012-10-22 15:57:21 -05:00
Add more language tests
2012-09-04 17:39:00 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Change @PATH to @DIR for clarity. Add @FILENAME. Addresses #869 .
2013-06-05 11:01:11 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Add more language tests
2012-08-31 14:05:02 -05:00
Merge remote-tracking branch 'origin/topic/johanna/bit-1976'
2018-08-29 18:28:54 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Add more language tests
2012-08-31 14:05:02 -05:00
Add more language tests
2012-08-31 14:05:02 -05:00
Add more language tests
2012-08-31 14:05:02 -05:00
BIT-1288: Improve coercion of &default expressions.
2014-11-18 12:40:16 -06:00
Improve &default validation for global vars: exclude sets
2019-10-15 18:24:35 -07:00
Add more language tests
2012-09-04 17:39:00 -05:00
fix bug in serialization test
2019-07-25 11:53:16 -07:00
Allow serialization of closures over Broker.
2019-07-12 10:31:40 -07:00
Merge remote-tracking branch 'origin/topic/seth/zeek_init'
2019-04-19 11:24:29 -07:00
Add more language tests
2012-08-29 17:14:03 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Fix TableVal::DoClone to use CloneState cache
2019-06-20 18:34:36 -07:00
Merge remote-tracking branch 'upstream/master' into paraglob
2019-06-20 14:14:48 -07:00
Finish implementation of copy method.
2019-05-22 14:29:37 -07:00
GH-293: Protect copy() against reference cycles.
2019-06-03 15:20:30 +00:00
test suite for bitwise operators
2018-04-26 13:25:04 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
GH-654: allow table() in function &default expressions
2019-10-25 13:00:46 -07:00
GH-171: support warning messages alongside deprecated attributes
2019-06-20 22:57:15 -07:00
Add more language tests
2012-09-04 17:39:00 -05:00
Add tests of the Bro scripting language
2012-08-24 11:32:49 -05:00
Fix ref-counting bug in EnumType copy ctor
2019-07-15 12:42:56 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Some more testing fixes.
2019-04-14 09:58:30 -04:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Fix the expire-redef.bro test
2017-08-10 14:15:31 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
&expire_func(table, arg1, arg2, ...) + type checking.
2019-07-18 12:11:27 -07:00
Check that there is only one of read, write, create_expire
2016-03-18 12:34:26 -07:00
Check that there is only one of read, write, create_expire
2016-03-18 12:34:26 -07:00
Check that there is only one of read, write, create_expire
2016-03-18 12:34:26 -07:00
GH-589: improve printing of sub-microsecond intervals
2019-09-23 19:57:49 -07:00
Add tests of the Bro scripting language
2012-08-24 11:32:49 -05:00
Add key-value for loop
2019-03-14 09:46:16 -07:00
Fix function type-equivalence requiring same param names, addresses #957
2013-03-07 13:02:33 -06:00
Add tests of the Bro scripting language
2012-08-24 11:32:49 -05:00
Frame merge and cleanup for merge.
2019-07-25 11:19:17 -07:00
Allow serialization of closures over Broker.
2019-07-12 10:31:40 -07:00
Fix precedence of hook
2016-06-13 16:02:06 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Add tests of the Bro scripting language
2012-08-24 11:32:49 -05:00
Fix segfault when incrementing whole vector values.
2012-07-13 14:32:50 -05:00
Merge remote-tracking branch 'origin/topic/seth/zeek_init'
2019-04-19 11:24:29 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Add more language tests
2012-09-04 17:39:00 -05:00
GH-219: fix |x| operator int overflow / floating point type inconsistency
2019-01-22 16:42:40 -06:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Change IPv6 output format to no longer automatically be bracketed.
2012-05-07 12:55:54 -05:00
Add key-value for loop
2019-03-14 09:46:16 -07:00
Add more language tests
2012-08-29 17:14:03 -05:00
fix bug in serialization test
2019-07-25 11:53:16 -07:00
Fix record coercion tolerance of optional fields.
2013-10-23 11:37:23 -05:00
Improve set constructor argument coercion.
2013-05-29 16:49:12 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Allow named vector constructors. Addresses #983 .
2013-05-30 10:57:28 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Allow access to global variables using GLOBAL:: namespace.
2016-12-07 15:28:34 -08:00
Add tests of the Bro scripting language
2012-08-24 11:32:49 -05:00
Add lambda expressions with closures to Zeek.
2019-06-20 18:43:56 -07:00
Fix creating a StringVal from std::string.
2019-06-26 11:41:39 -07:00
Make paraglob serializable and copyable.
2019-06-04 14:56:48 -07:00
use PCRE syntax instead of the beautiful new (?i ...) syntax
2018-06-29 13:01:05 -07:00
Add more language tests
2012-09-04 17:39:00 -05:00
Add more language tests
2012-08-29 17:14:03 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
GH-654: allow table() in record &default expressions
2019-10-25 12:48:52 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Fix crash when printing type of recursive structures.
2016-02-03 13:22:05 -08:00
GH-151: fix hash calculation for nested sets
2019-01-18 20:54:22 -06:00
BIT-1909: fix invalid redef'd record field accesses
2018-04-11 16:23:26 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Fix use-after-free in some cases of reassigning a table index.
2014-06-10 13:38:32 -05:00
BIT-466: add redef += support to vectors
2018-08-17 15:16:15 -05:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
documentation, test suite update
2018-07-20 08:57:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Add tests of the Bro scripting language
2012-08-24 11:32:49 -05:00
GH-219: fix |x| operator int overflow / floating point type inconsistency
2019-01-22 16:42:40 -06:00
Add more language tests
2012-09-04 17:39:00 -05:00
Support omission of string slice low/high indices, BIT-1097.
2013-12-04 15:11:48 -06:00
Add parsing rules for IPv4/IPv6 subnet literal constants, addresses #888
2012-10-22 15:57:21 -05:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Finish implementation of script-layer switch statement. Addresses #754 .
2012-12-20 12:49:50 -06:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Fix ambiguity between composite table index and record ctor expressions.
2012-11-16 12:43:39 -06:00
Table lookups return copy of non-const &default vals (addresses #981 ).
2013-05-03 11:22:15 -05:00
Allow local table variables to be initialized with {} list expressions.
2012-01-04 16:44:25 -06:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Merge branch 'table-error' of https://github.com/ZekeMedley/zeek
2019-05-28 10:51:50 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Fix redef'ing a table with a new &default attribute
2019-10-11 18:57:03 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Add more language tests
2012-09-04 17:39:00 -05:00
Add tests of the Bro scripting language
2012-08-24 11:32:49 -05:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Fix is/as operators on vector values
2018-09-10 14:54:54 -05:00
Merge remote-tracking branch 'origin/topic/timw/159-coerce-counts'
2019-06-04 17:57:15 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Add ability to grow/shrink a vector using slicing, also adds Insert/Remove methods for VectorVal
2019-06-17 15:34:24 -07:00
Support appending to vector of any
2018-11-07 11:48:43 -06:00
BIT-1280: Fix checking vector indices via "in".
2014-10-28 14:21:16 -05:00
Improve type inference for vector-of-enum constructor
2019-07-25 23:27:47 -07:00
Improve type inference for vector-of-enum constructor
2019-07-25 23:27:47 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Allow iterating over bif functions with result type vector of any.
2014-02-25 15:30:29 -08:00
Fix race condition in language/when.bro test
2012-09-24 18:20:42 -05:00
Add new test for when-statement watching global variables.
2019-06-07 23:17:29 +00:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Update docs and tests for bro_(init|done) -> zeek_(init|done)
2019-04-14 08:49:12 -04:00
GH-236: Add zeek_script_loaded event, deprecate bro_script_loaded
2019-04-19 12:02:22 -07:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
GH-646: add new "successful_connection_remove" event
2019-11-11 19:52:59 -08:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
Additional Bro to Zeek renaming
2019-05-19 16:51:36 -05:00
Plugin: Add hooks for log init and writing.
2017-04-24 14:02:05 -07:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
Bro plugins should support a patch version (x.y.z)
2018-09-30 20:30:22 -04:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Make "in" keyword work with binary data.
2017-09-18 12:12:38 -07:00
Add a file entropy test.
2016-04-13 00:44:02 -04:00
Extend file extraction log.
2017-01-25 01:16:46 -05:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Fix parsing of x509 pre-y2k dates
2016-04-26 12:30:28 -07:00
SCT: Allow verification of SCTs in Certs.
2017-03-29 09:17:24 -07:00
SCT: add validation of proofs for extensions and OCSP.
2017-03-29 09:04:05 -07:00
Moving all analyzers over to new structure.
2013-04-16 20:52:03 -07:00
GH-387: update Broker topic names to use "zeek/" prefix
2019-05-29 15:56:37 -07:00
GH-387: update Broker topic names to use "zeek/" prefix
2019-05-29 15:56:37 -07:00
Add Broker::forward() function
2018-08-28 19:42:22 -05:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Misc. unit test improvements
2018-08-10 16:58:27 -05:00
GH-387: update Broker topic names to use "zeek/" prefix
2019-05-29 15:56:37 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
Continue work on config framework clusterization.
2018-06-27 10:47:17 -07:00
Add sending of values to nodes that dropped out.
2018-06-29 13:10:00 -07:00
GH-591: allow Config::set_value() to use empty/unspecified table/sets
2019-10-02 22:13:43 -07:00
Support whitespace at end of line for config reader.
2019-10-14 11:43:16 -04:00
Update broker unit test output.
2019-05-23 18:06:47 -07:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
Weird settings: make constants into options.
2018-09-05 13:12:23 -07:00
Add DPD::max_violations option
2019-07-19 13:00:02 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Update tests to reflect new error msg.
2019-06-24 09:34:02 -07:00
Fixing tests
2017-01-25 02:06:35 -05:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
Updates the files event api and brings file reassembly up to master.
2014-09-26 00:40:37 -04:00
Fixing tests
2017-01-25 02:06:35 -05:00
Adding test with command line that used to trigger a crash.
2017-01-31 14:52:37 -08:00
Updates the files event api and brings file reassembly up to master.
2014-09-26 00:40:37 -04:00
Merge branch 'topic/robin/ascii-escape-normalization'
2015-04-21 15:59:54 -07:00
Merge branch 'topic/robin/ascii-escape-normalization'
2015-04-21 15:59:54 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Merge branch 'topic/robin/ascii-escape-normalization'
2015-04-21 15:59:54 -07:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Fixing tests
2017-01-25 02:06:35 -05:00
OCSP/TLS/SCT: Fix a number of test failures.
2017-05-06 08:01:20 -07:00
Make paraglob serializable and copyable.
2019-06-04 14:56:48 -07:00
Make parsing of booleans a little bit more lenient.
2018-08-10 10:03:22 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Add config framework.
2017-11-29 13:46:59 -08:00
GH-591: fix reading set[enum] values from input files
2019-10-02 22:09:16 -07:00
Merge remote-tracking branch 'origin/topic/johanna/config'
2018-02-07 14:10:48 -08:00
Be more liberal with whitespaces for ip-addresses, subnets, etc.
2019-02-19 15:06:06 -08:00
Fixed &default values ignored by input framework.
2016-06-16 01:02:51 +02:00
Improve introspection of Record and TypeType values
2018-10-18 15:10:02 -05:00
fix crash when all value fields of imported table are uninitialized.
2012-03-22 10:59:36 -07:00
GH-378: check validity of missing 'val' field in Input::add_table
2019-05-24 10:30:49 -07:00
Improve introspection of Record and TypeType values
2018-10-18 15:10:02 -05:00
Ascii reader error changes - fix small bugs
2017-03-03 12:42:44 -08:00
Add input file name to additional ASCII reader warning messages
2019-05-24 16:04:06 -07:00
Add input file name to additional ASCII reader warning messages
2019-05-24 16:04:06 -07:00
Add input file name to additional ASCII reader warning messages
2019-05-24 16:04:06 -07:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
make want_record field for tablefilter work...
2011-11-21 15:09:00 -08:00
make want_record field for tablefilter work...
2011-11-21 15:09:00 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Make paraglob serializable and copyable.
2019-06-04 14:56:48 -07:00
make test more robust.
2011-12-06 10:50:36 -08:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
add very basic predicate test.
2011-11-21 15:36:03 -08:00
fix one of the bugs seth found in the input framework.
2012-02-22 10:46:35 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
fix little sneaky bug in input framework with an edge case.
2012-08-04 22:38:26 -07:00
Improve introspection of Record and TypeType values
2018-10-18 15:10:02 -05:00
Improve introspection of Record and TypeType values
2018-10-18 15:10:02 -05:00
BIT-1941: improve unit test stability
2018-07-03 15:00:52 -05:00
BIT-1941: improve unit test stability
2018-07-03 15:00:52 -05:00
small fixes.
2013-05-27 22:59:27 -07:00
Fix offset=-1 (eof) for raw reader
2015-09-16 15:16:04 -07:00
Improve introspection of Record and TypeType values
2018-10-18 15:10:02 -05:00
Improve an input framework unit test
2018-07-17 17:51:52 -05:00
BIT-1941: improve unit test stability
2018-07-03 15:00:52 -05:00
Updating input framework unit tests.
2012-06-29 12:50:57 -05:00
Improve introspection of Record and TypeType values
2018-10-18 15:10:02 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates for the addition of local_resp.
2015-02-23 16:25:11 -08:00
make sqlite3 executable required and add test-cases for errors
2013-05-14 22:09:46 -07:00
make sqlite support more or less work for logging and input
2013-01-15 16:01:30 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Fix race-condition in table-event test.
2013-03-07 20:28:18 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Change Intel framework to round-robin insertion events across proxies
2018-05-24 14:36:22 -05:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Source file path control for Input and Intel frameworks
2019-03-15 16:43:36 -07:00
Refactored FAF integration of intel framework.
2016-06-15 21:56:53 +02:00
Refactored FAF integration of intel framework.
2016-06-15 21:56:53 +02:00
Update tests and baselines due to renaming all scripts
2019-04-11 23:32:58 -05:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Update unit tests for JSON logger to match new output
2019-07-02 13:14:52 -07:00
Updating tests for the #start/#end change.
2012-07-19 22:28:55 -07:00
Tests updates for recent open/close log change.
2012-07-27 12:39:11 -07:00
In bifs, change ODesc objects to have RAW_STYLE.
2015-04-16 21:50:50 -07:00
Escape the empty indicator in logs if it occurs literally as a field's
2016-07-05 16:34:24 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add gzip log writing to the ascii writer.
2017-04-24 13:15:32 -07:00
GH-606: Output nulls into json data if a field isn't set
2019-09-27 14:12:48 -07:00
GH-186: fix JSON formatting of timestamps before Unix epoch
2018-10-12 21:34:28 +00:00
Merge branch 'master' of https://github.com/aeppert/bro
2015-10-26 16:52:47 -07:00
Merge remote-tracking branch 'origin/topic/timw/cleaner-utf8'
2019-07-29 09:25:25 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Updating tests for the #start/#end change.
2012-07-19 22:28:55 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Renaming ASCII writer filter option 'only_single_header_row' to 'tsv'.
2012-12-03 14:40:38 -08:00
Added optional script and redef bool to enable utf-8 in ASCII logs
2019-07-23 11:59:33 -07:00
Added Jon's test cases as unit tests
2019-07-23 11:59:33 -07:00
Added Jon's test cases as unit tests
2019-07-23 11:59:33 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Logging: implement get_filter_names and small fixes.
2018-01-17 09:47:20 -08:00
Updating tests for the #start/#end change.
2012-07-19 22:28:55 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Update tests to reflect new error msg.
2019-06-24 09:34:02 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Fix invalid memory free when using Log::default_field_name_map
2018-09-10 19:06:35 -05:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Extending the log writer DoInit() API.
2012-06-21 17:42:33 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Added a non boolean configuration and other changes as suggested by Jon
2019-11-26 21:53:21 -08:00
Added a non boolean configuration and other changes as suggested by Jon
2019-11-26 21:53:21 -08:00
Logging: implement get_filter_names and small fixes.
2018-01-17 09:47:20 -08:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
rename the dbname configuration option to tablename.
2013-10-17 12:24:40 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Enable SQLite shared cache mode.
2016-07-21 12:10:20 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
GH-387: update Broker topic names to use "zeek/" prefix
2019-05-29 15:56:37 -07:00
Parallelize communication tests using btest TEST-PORT
2018-11-04 15:29:59 -06:00
NetControl: add rule exists as state besides added and failure.
2016-03-24 15:06:07 -07:00
BIT-1941: improve unit test stability
2018-07-03 15:00:52 -05:00
GH-387: update Broker topic names to use "zeek/" prefix
2019-05-29 15:56:37 -07:00
NetControl: allow reasons in remove_rule calls.
2016-08-05 10:49:09 -07:00
Rewrite internal handling of rules.
2016-03-09 15:43:47 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Rewrite internal handling of rules.
2016-03-09 15:43:47 -08:00
NetControl: add rule exists as state besides added and failure.
2016-03-24 15:06:07 -07:00
NetControl: add rule exists as state besides added and failure.
2016-03-24 15:06:07 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
NetControl: add rule exists as state besides added and failure.
2016-03-24 15:06:07 -07:00
Rewrite internal handling of rules.
2016-03-09 15:43:47 -08:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
Parallelize communication tests using btest TEST-PORT
2018-11-04 15:29:59 -06:00
Update OpenFlow API and events.
2016-02-11 13:10:40 -08:00
Update OpenFlow API and events.
2016-02-11 13:10:40 -08:00
Improve RecordVal JSON formatting
2019-09-30 19:04:55 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
Use .zeek file suffix in unit tests
2019-04-16 16:08:57 -07:00
GH-281: Improve parsing of Google Pixel user agent
2019-02-25 14:07:53 -06:00
Fix problems with SumStats non-cluster.bro script
2018-01-18 11:14:39 -06:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Updates for SumStats API to deal with high memory stats.
2013-08-02 12:44:33 -04:00
Fix SumStats "last" plugin in cluster mode
2018-11-08 12:27:37 -06:00
Updates for SumStats API to deal with high memory stats.
2013-08-02 12:44:33 -04:00
Updates for SumStats API to deal with high memory stats.
2013-08-02 12:44:33 -04:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Updating tests for HLL merge.
2013-08-31 11:17:49 -07:00
topk for sumstats
2013-04-23 15:19:01 -07:00
add topk cluster test
2013-04-24 15:30:24 -07:00
More bro-to-zeek renaming in the unit tests
2019-05-16 02:27:54 -05:00
GH-488: teach the Version module to parse new version scheme
2019-07-25 23:05:06 -07:00
Add convenient way to access version information to Bro.
2016-09-29 12:45:48 -07:00
Add bad ARP tests
2018-05-18 17:39:53 +02:00
ARP: remove unnecessary variables and add testcase
2016-04-27 06:51:04 -07:00
Add tests for ARP in 802.11 (w & w/o RadioTAP)
2018-05-15 18:15:17 +02:00
Add tests for ARP in 802.11 (w & w/o RadioTAP)
2018-05-15 18:15:17 +02:00
Change IPv6 address/prefix output format to be bracketed.
2012-05-04 11:21:18 -05:00
Fix duplication of new_connection_contents event
2016-05-17 10:32:13 -07:00
Add an example of a GridFTP data channel detection script.
2012-10-01 12:32:24 -05:00
Add duration thresholding to the conn-size analyzer.
2019-08-01 11:57:40 -07:00
Add duration thresholding to the conn-size analyzer.
2019-08-01 11:57:40 -07:00
Fix tracking of DCE-RPC context identifier mappings
2018-08-23 15:11:38 -05:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
GH-541: add test cases for NTLM AV Pair sequence handling
2019-08-26 10:28:46 -07:00
GH-541: add test cases for NTLM AV Pair sequence handling
2019-08-26 10:28:46 -07:00
Rework to the DHCP analyzer.
2018-03-01 08:36:32 -08:00
GH-485: fix cases where DHCP log omits MAC field
2019-07-26 20:05:15 -07:00
Rework to the DHCP analyzer.
2018-03-01 08:36:32 -08:00
Rework to the DHCP analyzer.
2018-03-01 08:36:32 -08:00
Merge branch '001-dhcp-options' of https://github.com/jrwren/zeek
2019-05-24 18:08:34 -07:00
Rework to the DHCP analyzer.
2018-03-01 08:36:32 -08:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Update &check'd fields in various protocol parsers
2018-04-18 18:16:34 -05:00
Add DNS tests for huge TLL and CAA
2016-04-25 15:43:20 -07:00
Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7
2018-09-21 16:40:41 -05:00
Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7
2018-09-21 16:40:41 -05:00
Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7
2018-09-21 16:40:41 -05:00
Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7
2018-09-21 16:40:41 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add DNS tests for huge TLL and CAA
2016-04-25 15:43:20 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7
2018-09-21 16:40:41 -05:00
Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7
2018-09-21 16:40:41 -05:00
Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7
2018-09-21 16:40:41 -05:00
DNS: Add support for SPF response records
2019-06-14 10:18:37 -05:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
added 'g' $history character for content gaps
2019-04-17 14:20:48 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Add tests for {http,mime}_all_headers events
2019-08-13 11:28:00 -07:00
Merge branch 'Fix_http_build_url' of ssh://github.com/Olerdrive/zeek
2019-10-28 09:32:32 +00:00
Fix file analysis placement of data after gap in HTTP Content-Range.
2014-09-11 12:25:43 -05:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Duplicate TCP segment should trigger tcp_multiple_retransmissions
2019-07-28 15:15:40 -06:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
Add support of getting server capabilities to IMAP parser.
2015-07-23 11:15:57 -07:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Duplicate TCP segment should trigger tcp_multiple_retransmissions
2019-07-28 15:15:40 -06:00
Merge branch 'master' of https://github.com/marktayl/bro
2016-02-12 18:55:25 -08:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
KRB: do not set authentication info to nouser.
2018-06-01 12:32:34 -07:00
Add krb unit test
2018-05-10 10:14:30 -04:00
KRB: do not set keytab by default.
2018-06-01 12:46:26 -07:00
Added and verified correct test results
2017-09-17 21:25:59 +00:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add some documentation for modbus data types.
2016-06-18 01:46:07 -04:00
Add some documentation for modbus data types.
2016-06-18 01:46:07 -04:00
Remove variable content from weird names
2019-04-01 18:30:11 -07:00
Remove variable content from weird names
2019-04-01 18:30:11 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Convert some BinPAC &check expressions to &enforce
2018-04-19 14:07:40 -05:00
Merge remote-tracking branch 'origin/topic/jsiwek/gh-684-fix-rpc-parsing'
2019-11-21 08:50:28 -08:00
GH-474: add MQTT::max_payload_size option
2019-08-02 14:28:55 -07:00
GH-474: add MQTT::max_payload_size option
2019-08-02 14:28:55 -07:00
GH-474: change MQTT::max_payload_size to be a runtime option
2019-08-05 18:11:54 -07:00
Fixes for MySQL and SMB protocol parsers
2018-05-18 10:31:36 -05:00
Add a test with an encrypted MySQL connection
2018-10-29 15:58:06 -05:00
Fixes for MySQL and SMB protocol parsers
2018-05-18 10:31:36 -05:00
Migrate NCP analyzer to use latest analyzer API
2018-05-22 16:27:07 -05:00
Add NCP::max_frame_size tuning option
2018-05-22 18:27:52 -05:00
Merge remote-tracking branch 'origin/topic/jsiwek/gh-684-fix-rpc-parsing'
2019-11-21 08:50:28 -08:00
Merge branch 'ntp-rewrite' of https://github.com/mauropalumbo75/zeek
2019-06-15 19:11:34 -07:00
Merge branch 'ntp-rewrite' of https://github.com/mauropalumbo75/zeek
2019-06-15 19:11:34 -07:00
Merge branch 'ntp-rewrite' of https://github.com/mauropalumbo75/zeek
2019-06-15 19:11:34 -07:00
Merge branch 'ntp-rewrite' of https://github.com/mauropalumbo75/zeek
2019-06-15 19:11:34 -07:00
Merge branch 'ntp-rewrite' of https://github.com/mauropalumbo75/zeek
2019-06-15 19:11:34 -07:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
GH-684: Fix parsing of RPC calls with non-AUTH_UNIX flavors
2019-11-13 13:14:14 -08:00
GH-209: replace "remote_ip" field of radius.log with "tunnel_client"
2019-06-05 11:11:49 -07:00
GH-209: replace "remote_ip" field of radius.log with "tunnel_client"
2019-06-05 11:11:49 -07:00
Merge branch 'rdp_client_cluster_data' of https://github.com/neslog/zeek
2019-06-20 20:41:16 -07:00
Merge branch 'rdp_client_security' of https://github.com/neslog/zeek
2019-06-06 16:53:48 -07:00
Merge branch 'master' of https://github.com/anthonykasza/zeek
2019-06-06 17:22:49 -07:00
RDP: Update existing baselines with new client_channels field
2019-05-28 09:31:32 -05:00
RDP: Update existing baselines with new client_channels field
2019-05-28 09:31:32 -05:00
RDP: Update existing baselines with new client_channels field
2019-05-28 09:31:32 -05:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
GH-320: Improve RFB (VNC) protocol parsing
2019-04-03 13:59:03 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Including a test for raw NTLM in SMB
2016-10-26 10:41:08 -04:00
Merge remote-tracking branch 'origin/master' into topic/seth/smb
2016-08-08 15:46:49 -04:00
Merge remote-tracking branch 'origin/master' into topic/seth/smb
2016-08-08 15:46:49 -04:00
add test for smb1_com_transaction_request event changes
2018-01-12 13:00:05 +01:00
add test for smb1_com_transaction_response event changes
2018-01-19 14:29:31 +01:00
add test for smb1_com_transaction_secondary_request event changes
2018-01-19 14:29:09 +01:00
add test for smb1_com_transaction2_request event changes
2018-01-19 14:29:20 +01:00
add test for smb1_com_transaction2_secondary_request event changes
2018-01-19 14:29:26 +01:00
Add unit tests for new SMB2 event -- smb2_file_sattr.
2018-04-04 16:55:10 -04:00
Merge branch 'smb2-fix' of https://github.com/mauropalumbo75/zeek
2019-03-20 18:01:35 -07:00
Merge branch 'smb2_write_response' of https://github.com/mauropalumbo75/zeek
2019-04-12 10:13:41 -07:00
clean up, test and pcap for transform_header added
2019-02-21 12:01:02 +01:00
Merge branch '555-smb3-negotiate-context-fix' of https://github.com/mad/zeek
2019-08-27 10:08:42 -07:00
Merge branch 'smb3-negotiate-response' of https://github.com/mauropalumbo75/zeek
2019-03-21 14:13:21 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Add tests for {http,mime}_all_headers events
2019-08-13 11:28:00 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Correct endianness of IP addresses in SNMP.
2016-07-26 15:02:11 -07:00
Correct endianness of IP addresses in SNMP.
2016-07-26 15:02:11 -07:00
Add SNMP datagram parsing support.
2014-02-18 14:41:32 -06:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Do not log SOCKS passwords by default.
2017-12-01 14:36:57 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Changing the start/end markers in logs to open/close now reflecting
2012-07-27 12:15:21 -07:00
Update btest baselines for fix in 46f727a6fa
2018-10-23 10:49:53 -05:00
Update baselines for SSH capabilities fix
2018-10-16 10:33:52 -05:00
Merge remote-tracking branch 'origin/topic/vladg/bit-1641'
2016-10-18 21:57:27 -04:00
GH-566: fix cases where ssh_encrypted_packet event wasn't raised
2019-09-03 17:34:24 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Do not log common name by default (it is most interesting for scripts)
2015-03-03 16:38:25 -08:00
Add compression methods to ssl_client_hello event.
2017-02-03 11:48:55 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
SSL: update dpd signature for TLS1.3
2017-04-05 08:58:08 -07:00
Make parsing of ServerKeyExchange work for D(TLS) < 1.2.
2017-11-30 12:20:45 -08:00
Update DTLS error handling
2019-04-04 12:27:42 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Introduce ssl_plaintext_data event.
2017-02-03 13:58:26 -08:00
Include all data of the server-hello random
2019-04-29 15:25:47 -04:00
Fix small OCSP parser bug.
2017-09-11 09:26:33 -07:00
Fix small OCSP parser bug.
2017-09-11 09:26:33 -07:00
Fix small OCSP parser bug.
2017-09-11 09:26:33 -07:00
Fix small OCSP parser bug.
2017-09-11 09:26:33 -07:00
Fix small OCSP parser bug.
2017-09-11 09:26:33 -07:00
Implement verification of OCSP replies.
2014-05-16 10:32:08 -07:00
Make parsing of ServerKeyExchange work for D(TLS) < 1.2.
2017-11-30 12:20:45 -08:00
SSL: test updates for record_layer version
2018-08-28 11:02:20 -07:00
Change ciphers in changes ciphers from a set to a vector.
2013-12-04 11:38:15 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Include all data of the server-hello random
2019-04-29 15:25:47 -04:00
Parse pre-shared-key extension.
2019-04-22 23:02:39 +02:00
Make parsing of ServerKeyExchange work for D(TLS) < 1.2.
2017-11-30 12:20:45 -08:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Recognize TLS 1.3 negotiation correctly.
2018-03-27 14:58:06 -07:00
support the newer TLS 1.3 key_share extension.
2019-06-03 14:40:33 +10:00
Fix read at invalid address in X509 extension parser.
2018-06-04 12:05:56 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Make Syslog analyzer accept messages that omit Priority
2019-03-14 18:47:32 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Fix behavior of connection_pending event
2016-07-26 15:49:51 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
GH-340: Improve IPv4/IPv6 regexes, extraction, and validity functions
2019-04-18 19:04:39 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
extract_filename_from_content_disposition is still hacky but more closely aligns with RFC5987
2013-07-09 14:05:36 -04:00
Merge topic/actor-system throug a squashed commit.
2018-05-18 22:39:23 +00:00
Merge remote-tracking branch 'origin/topic/timw/595-json-perf'
2019-10-01 16:42:59 -07:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Fixed the measurement "sample" plugin.
2013-04-02 00:19:06 -04:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Changing what's escaped when printing.
2015-04-15 16:59:50 -07:00
Updates for the urls.bro script. Fixes BIT-1404.
2015-06-01 11:38:26 -04:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
Change default value of peer_description "zeek"
2019-06-06 19:49:30 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
GH-646: add new "successful_connection_remove" event
2019-11-11 19:52:59 -08:00
GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.
2019-05-01 21:43:45 +00:00
Add rate-limiting sampling mechanism for weird events
2018-07-26 19:57:36 -05:00
update tests
2019-07-31 15:48:30 +02:00
update tests
2019-07-31 15:48:30 +02:00
Merge branch 'known_services_multiprotocols' of https://github.com/mauropalumbo75/zeek
2019-08-09 10:47:34 -07:00
Fix unit tests for new ordering from NetSessions::Drain
2019-08-21 09:24:02 -04:00
Merge branch 'topic/jgras/dpd-late-match' of https://github.com/J-Gras/zeek
2019-09-17 11:17:41 -07:00
update tests
2019-07-31 15:48:30 +02:00
Adding tests for Flash version parsing and plugin detection.
2015-07-30 07:23:14 -07:00
Merge branch 'patch-1' of https://github.com/neu5ron/bro
2019-03-13 13:49:17 -07:00
I missed one test I needed to update for the kerberos commit that I just pushed.
2017-02-22 00:02:51 -05:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
Finishing touches of the x509 file analyzer.
2014-03-13 15:21:30 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Fix x509 certificate Version (the +1 was missing...).
2014-03-19 21:46:19 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
Baseline updates after hash function change.
2016-07-13 10:11:37 -07:00
SCT: Add signed certificate timestamp validation script.
2017-03-29 09:17:30 -07:00
GH-379: move catch-and-release and unified2 scripts to policy/
2019-06-05 13:33:45 -07:00
Update test baseline.
2019-07-18 14:06:34 -07:00
Test-suite passes.
2013-03-26 15:40:23 -07:00
Fix a couple of problems with signature matching.
2016-10-19 14:23:43 -07:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Make tunnel_parents in conn.log optional.
2018-01-12 13:46:00 -08:00
Update tests to reflect new error msg.
2019-06-24 09:34:02 -07:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Fix signatures that use identifiers of type table.
2013-09-05 13:01:40 -05:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Fix assignments to event arguments becoming visible to subsequent
2017-10-27 13:28:48 -07:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
Add IPv6 support to signature header conditions.
2012-10-17 11:11:51 -05:00
GH-173: Support ranges of values for value_list elements in the signature parser
2019-05-23 10:58:04 -07:00
GH-664: fix signature matching for payload-carrying SYN packets
2019-10-29 17:20:08 -07:00
GH-353: Add /<re>/i case-insensitive signature syntax
2019-05-06 14:22:12 -07:00
Sorting test output for stability.
2015-04-09 15:22:59 -07:00
Fix a couple of problems with signature matching.
2016-10-19 14:23:43 -07:00
