mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
00a4865885
Changes during merge - Changed the policy script to use an event handler that behaves for like the base script: &priority=5, msg$opcode != early-out, no record field existence checks - Also extended dns_query_reply event with original_query param - Removed ExtractName overload, and just use default param * 'dns-original-query-case' of https://github.com/rvictory/zeek: Fixed some places where tabs became spaces Stricter checking if we have a dns field on the connection being processed Modified the DNS protocol analyzer to add a new parameter to the dns_request event which includes the DNS query in its original case. Added a policy script that will add the original_case to the dns.log file as well. Created new btests to test both. |
||
|---|---|---|
| .. | ||
| conn | ||
| dhcp | ||
| dns | ||
| ftp | ||
| http | ||
| krb | ||
| modbus | ||
| mqtt | ||
| mysql | ||
| rdp | ||
| smb | ||
| smtp | ||
| ssh | ||
| ssl | ||