mirror of
https://github.com/zeek/zeek.git
synced 2025-10-15 04:58:21 +00:00
64aa5e3025
* origin/topic/awelzel/4605-conn-id-context:
NEWS: Adapt for conn_id$ctx introduction
conn_key/fivetuple: Drop support for non conn_id records
Conn: Move conn_id init and flip to IPBasedConnKey
IPBasedConnKey: Add GetTransportProto() helper
input/Manager: Ignore empty record types
external: Bump commit hashes for external suites
ip/vlan_fivetuple: Populate nested conn_id_context, not conn_id
ConnKey: Extend DoPopulateConnIdVal() with ctx
btest: Update tests and baselines after adding ctx to conn_id
init-bare: Add conn_id_ctx to conn_id
(cherry picked from commit 388cbcee48)
54 lines
2 KiB
Text
54 lines
2 KiB
Text
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
|
[zeek, -b, <...>/record-fields.zeek]
|
|
connection {
|
|
* dpd: record DPD::Info, log=F, optional=T
|
|
DPD::Info {
|
|
* analyzer: string, log=T, optional=F
|
|
* failure_reason: string, log=T, optional=F
|
|
* id: record conn_id, log=T, optional=F
|
|
conn_id {
|
|
* ctx: record conn_id_ctx, log=T, optional=T
|
|
conn_id_ctx {
|
|
}
|
|
* orig_h: addr, log=T, optional=F
|
|
* orig_p: port, log=T, optional=F
|
|
* resp_h: addr, log=T, optional=F
|
|
* resp_p: port, log=T, optional=F
|
|
}
|
|
* proto: enum transport_proto, log=T, optional=F
|
|
* ts: time, log=T, optional=F
|
|
* uid: string, log=T, optional=F
|
|
}
|
|
* dpd_state: record DPD::State, log=F, optional=T
|
|
DPD::State {
|
|
* violations: table[count] of count, log=F, optional=F
|
|
}
|
|
* duration: interval, log=F, optional=F
|
|
* history: string, log=F, optional=F
|
|
* id: record conn_id, log=F, optional=F
|
|
conn_id { ... }
|
|
* inner_vlan: int, log=F, optional=T
|
|
* orig: record endpoint, log=F, optional=F
|
|
endpoint {
|
|
* flow_label: count, log=F, optional=F
|
|
* l2_addr: string, log=F, optional=T
|
|
* num_bytes_ip: count, log=F, optional=T
|
|
* num_pkts: count, log=F, optional=T
|
|
* size: count, log=F, optional=F
|
|
* state: count, log=F, optional=F
|
|
}
|
|
* resp: record endpoint, log=F, optional=F
|
|
endpoint { ... }
|
|
* service: set[string], log=F, optional=F
|
|
* service_violation: set[string], log=F, optional=T
|
|
* start_time: time, log=F, optional=F
|
|
* tunnel: vector of record Tunnel::EncapsulatingConn, log=F, optional=T
|
|
Tunnel::EncapsulatingConn {
|
|
* cid: record conn_id, log=T, optional=F
|
|
conn_id { ... }
|
|
* tunnel_type: enum Tunnel::Type, log=T, optional=F
|
|
* uid: string, log=T, optional=T
|
|
}
|
|
* uid: string, log=F, optional=F
|
|
* vlan: int, log=F, optional=T
|
|
}
|