mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
0d3296590d
This avoids the earlier problem of not tracking ports correctly in scriptland, while still supporting `port` in EVT files and `%port` in Spicy files. As it turns out we are already following the same approach for file analyzers' MIME types, so I'm applying the same pattern: it's one event per port, without further customization points. That leaves the patch pretty small after all while fixing the original issue.
85 lines
2.6 KiB
Text
85 lines
2.6 KiB
Text
# doc-common-start
|
|
module Spicy;
|
|
|
|
export {
|
|
# doc-functions-start
|
|
## Enable a specific Spicy protocol analyzer if not already active. If this
|
|
## analyzer replaces an standard analyzer, that one will automatically be
|
|
## disabled.
|
|
##
|
|
## tag: analyzer to toggle
|
|
##
|
|
## Returns: true if the operation succeeded
|
|
global enable_protocol_analyzer: function(tag: Analyzer::Tag) : bool;
|
|
|
|
## Disable a specific Spicy protocol analyzer if not already inactive. If
|
|
## this analyzer replaces an standard analyzer, that one will automatically
|
|
## be re-enabled.
|
|
##
|
|
## tag: analyzer to toggle
|
|
##
|
|
## Returns: true if the operation succeeded
|
|
global disable_protocol_analyzer: function(tag: Analyzer::Tag) : bool;
|
|
|
|
|
|
## Enable a specific Spicy file analyzer if not already active. If this
|
|
## analyzer replaces an standard analyzer, that one will automatically be
|
|
## disabled.
|
|
##
|
|
## tag: analyzer to toggle
|
|
##
|
|
## Returns: true if the operation succeeded
|
|
global enable_file_analyzer: function(tag: Files::Tag) : bool;
|
|
|
|
## Disable a specific Spicy file analyzer if not already inactive. If
|
|
## this analyzer replaces an standard analyzer, that one will automatically
|
|
## be re-enabled.
|
|
##
|
|
## tag: analyzer to toggle
|
|
##
|
|
## Returns: true if the operation succeeded
|
|
global disable_file_analyzer: function(tag: Files::Tag) : bool;
|
|
|
|
## Returns current resource usage as reported by the Spicy runtime system.
|
|
global resource_usage: function() : ResourceUsage;
|
|
# doc-functions-end
|
|
}
|
|
|
|
# Marked with &is_used to suppress complaints when there aren't any
|
|
# Spicy file analyzers loaded, and hence this event can't be generated.
|
|
event spicy_analyzer_for_mime_type(a: Files::Tag, mt: string) &is_used
|
|
{
|
|
Files::register_for_mime_type(a, mt);
|
|
}
|
|
|
|
# Marked with &is_used to suppress complaints when there aren't any
|
|
# Spicy protocol analyzers loaded, and hence this event can't be generated.
|
|
event spicy_analyzer_for_port(a: Analyzer::Tag, p: port) &is_used
|
|
{
|
|
Analyzer::register_for_port(a, p);
|
|
}
|
|
|
|
function enable_protocol_analyzer(tag: Analyzer::Tag) : bool
|
|
{
|
|
return Spicy::__toggle_analyzer(tag, T);
|
|
}
|
|
|
|
function disable_protocol_analyzer(tag: Analyzer::Tag) : bool
|
|
{
|
|
return Spicy::__toggle_analyzer(tag, F);
|
|
}
|
|
|
|
function enable_file_analyzer(tag: Files::Tag) : bool
|
|
{
|
|
return Spicy::__toggle_analyzer(tag, T);
|
|
}
|
|
|
|
function disable_file_analyzer(tag: Files::Tag) : bool
|
|
{
|
|
return Spicy::__toggle_analyzer(tag, F);
|
|
}
|
|
|
|
function resource_usage() : ResourceUsage
|
|
{
|
|
return Spicy::__resource_usage();
|
|
}
|