mirror of
https://github.com/zeek/zeek.git
synced 2025-10-08 01:28:20 +00:00
3642ecc73e
- Add a timeout flag to file_analysis.log so it's easy to tell what has had at least one timeout trigger happen. - Fix ftp-data service tag not being set for reused connections. - Fix HTTP::Incorrect_File_Type because mime types returned by FAF have the charset still in them, but the HTTP::mime_types_extensions table does not and it requires an exact string match. (still ugly) - Add TRIGGER_NEW_CONN to track files going over multiple connections. - Add an initial file/mime type guess for non-linear file transfers. - Fix a case where file/mime type detection would never be attempted if the start of the file was a content gap. - Improve mime type tracking of HTTP byte-range/partial-content, even if the requests are pipelined or over multiple connections. - I changed the modbus.events test because having the baseline output be 80+ MB is nuts and it was sensitive to connection record redefs. |
||
|---|---|---|
| .. | ||
| cluster | ||
| communication | ||
| control | ||
| dpd | ||
| file-analysis | ||
| input | ||
| intel | ||
| logging | ||
| metrics | ||
| notice | ||
| packet-filter | ||
| reporter | ||
| signatures | ||
| software | ||
| tunnels | ||