mirror of
https://github.com/zeek/zeek.git
synced 2025-10-07 00:58:19 +00:00
589952f4d9
Conflicts: src/FileAnalyzer.cc testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
228 lines
4.5 KiB
Text
228 lines
4.5 KiB
Text
##! Declaration of various types that the Bro core uses internally.
|
|
|
|
enum dce_rpc_ptype %{
|
|
DCE_RPC_REQUEST,
|
|
DCE_RPC_PING,
|
|
DCE_RPC_RESPONSE,
|
|
DCE_RPC_FAULT,
|
|
DCE_RPC_WORKING,
|
|
DCE_RPC_NOCALL,
|
|
DCE_RPC_REJECT,
|
|
DCE_RPC_ACK,
|
|
DCE_RPC_CL_CANCEL,
|
|
DCE_RPC_FACK,
|
|
DCE_RPC_CANCEL_ACK,
|
|
DCE_RPC_BIND,
|
|
DCE_RPC_BIND_ACK,
|
|
DCE_RPC_BIND_NAK,
|
|
DCE_RPC_ALTER_CONTEXT,
|
|
DCE_RPC_ALTER_CONTEXT_RESP,
|
|
DCE_RPC_SHUTDOWN,
|
|
DCE_RPC_CO_CANCEL,
|
|
DCE_RPC_ORPHANED,
|
|
%}
|
|
|
|
enum dce_rpc_if_id %{
|
|
DCE_RPC_unknown_if,
|
|
DCE_RPC_epmapper,
|
|
DCE_RPC_lsarpc,
|
|
DCE_RPC_lsa_ds,
|
|
DCE_RPC_mgmt,
|
|
DCE_RPC_netlogon,
|
|
DCE_RPC_samr,
|
|
DCE_RPC_srvsvc,
|
|
DCE_RPC_spoolss,
|
|
DCE_RPC_drs,
|
|
DCE_RPC_winspipe,
|
|
DCE_RPC_wkssvc,
|
|
DCE_RPC_oxid,
|
|
DCE_RPC_ISCMActivator,
|
|
%}
|
|
|
|
enum rpc_status %{
|
|
RPC_SUCCESS,
|
|
RPC_PROG_UNAVAIL,
|
|
RPC_PROG_MISMATCH,
|
|
RPC_PROC_UNAVAIL,
|
|
RPC_GARBAGE_ARGS,
|
|
RPC_SYSTEM_ERR,
|
|
RPC_TIMEOUT,
|
|
RPC_VERS_MISMATCH,
|
|
RPC_AUTH_ERROR,
|
|
RPC_UNKNOWN_ERROR,
|
|
%}
|
|
|
|
module NFS3;
|
|
|
|
enum proc_t %{ # NFSv3 procedures
|
|
PROC_NULL = 0, # done
|
|
PROC_GETATTR = 1, # done
|
|
PROC_SETATTR = 2, # not implemented
|
|
PROC_LOOKUP = 3, # done
|
|
PROC_ACCESS = 4, # not implemented
|
|
PROC_READLINK = 5, # done
|
|
PROC_READ = 6, # done
|
|
PROC_WRITE = 7, # done
|
|
PROC_CREATE = 8, # partial
|
|
PROC_MKDIR = 9, # partial
|
|
PROC_SYMLINK = 10, # not implemented
|
|
PROC_MKNOD = 11, # not implemented
|
|
PROC_REMOVE = 12, # done
|
|
PROC_RMDIR = 13, # done
|
|
PROC_RENAME = 14, # not implemented
|
|
PROC_LINK = 15, # not implemented
|
|
PROC_READDIR = 16, # done
|
|
PROC_READDIRPLUS = 17, # done
|
|
PROC_FSSTAT = 18, # not implemented
|
|
PROC_FSINFO = 19, # not implemented
|
|
PROC_PATHCONF = 20, # not implemented
|
|
PROC_COMMIT = 21, # not implemented
|
|
PROC_END_OF_PROCS = 22, # not implemented
|
|
%}
|
|
|
|
enum status_t %{ # NFSv3 return status
|
|
NFS3ERR_OK = 0,
|
|
NFS3ERR_PERM = 1,
|
|
NFS3ERR_NOENT = 2,
|
|
NFS3ERR_IO = 5,
|
|
NFS3ERR_NXIO = 6,
|
|
NFS3ERR_ACCES = 13,
|
|
NFS3ERR_EXIST = 17,
|
|
NFS3ERR_XDEV = 18,
|
|
NFS3ERR_NODEV = 19,
|
|
NFS3ERR_NOTDIR = 20,
|
|
NFS3ERR_ISDIR = 21,
|
|
NFS3ERR_INVAL = 22,
|
|
NFS3ERR_FBIG = 27,
|
|
NFS3ERR_NOSPC = 28,
|
|
NFS3ERR_ROFS = 30,
|
|
NFS3ERR_MLINK = 31,
|
|
NFS3ERR_NAMETOOLONG = 63,
|
|
NFS3ERR_NOTEMPTY = 66,
|
|
NFS3ERR_DQUOT = 69,
|
|
NFS3ERR_STALE = 70,
|
|
NFS3ERR_REMOTE = 71,
|
|
NFS3ERR_BADHANDLE = 10001,
|
|
NFS3ERR_NOT_SYNC = 10002,
|
|
NFS3ERR_BAD_COOKIE = 10003,
|
|
NFS3ERR_NOTSUPP = 10004,
|
|
NFS3ERR_TOOSMALL = 10005,
|
|
NFS3ERR_SERVERFAULT = 10006,
|
|
NFS3ERR_BADTYPE = 10007,
|
|
NFS3ERR_JUKEBOX = 10008,
|
|
NFS3ERR_UNKNOWN = 0xffffffff,
|
|
%}
|
|
|
|
enum file_type_t %{
|
|
FTYPE_REG = 1,
|
|
FTYPE_DIR = 2,
|
|
FTYPE_BLK = 3,
|
|
FTYPE_CHR = 4,
|
|
FTYPE_LNK = 5,
|
|
FTYPE_SOCK = 6,
|
|
FTYPE_FIFO = 7,
|
|
%}
|
|
|
|
enum stable_how_t %{
|
|
UNSTABLE = 0,
|
|
DATA_SYNC = 1,
|
|
FILE_SYNC = 2,
|
|
%}
|
|
|
|
enum createmode_t %{
|
|
UNCHECKED = 0,
|
|
GUARDED = 1,
|
|
EXCLUSIVE = 2,
|
|
%}
|
|
|
|
# Declare record types that we want to access from the event engine. These are
|
|
# defined in init-bare.bro.
|
|
type info_t: record;
|
|
type fattr_t: record;
|
|
type diropargs_t: record;
|
|
type lookup_reply_t: record;
|
|
type readargs_t: record;
|
|
type read_reply_t: record;
|
|
type readlink_reply_t: record;
|
|
type writeargs_t: record;
|
|
type wcc_attr_t: record;
|
|
type write_reply_t: record;
|
|
type newobj_reply_t: record;
|
|
type delobj_reply_t: record;
|
|
type readdirargs_t: record;
|
|
type direntry_t: record;
|
|
type direntry_vec_t: vector;
|
|
type readdir_reply_t: record;
|
|
|
|
type fsstat_t: record;
|
|
|
|
|
|
module GLOBAL;
|
|
|
|
type ModbusHeaders: record;
|
|
type ModbusCoils: vector;
|
|
type ModbusRegisters: vector;
|
|
|
|
module Log;
|
|
|
|
enum Writer %{
|
|
WRITER_DEFAULT,
|
|
WRITER_NONE,
|
|
WRITER_ASCII,
|
|
WRITER_DATASERIES,
|
|
WRITER_ELASTICSEARCH,
|
|
%}
|
|
|
|
enum ID %{
|
|
Unknown,
|
|
%}
|
|
|
|
module Tunnel;
|
|
enum Type %{
|
|
NONE,
|
|
IP,
|
|
AYIYA,
|
|
TEREDO,
|
|
SOCKS,
|
|
GTPv1,
|
|
%}
|
|
|
|
type EncapsulatingConn: record;
|
|
|
|
module Input;
|
|
|
|
enum Reader %{
|
|
READER_DEFAULT,
|
|
READER_ASCII,
|
|
READER_RAW,
|
|
READER_BENCHMARK,
|
|
READER_BINARY,
|
|
%}
|
|
|
|
enum Event %{
|
|
EVENT_NEW,
|
|
EVENT_CHANGED,
|
|
EVENT_REMOVED,
|
|
%}
|
|
|
|
enum Mode %{
|
|
MANUAL = 0,
|
|
REREAD = 1,
|
|
STREAM = 2,
|
|
%}
|
|
|
|
module GLOBAL;
|
|
|
|
type gtpv1_hdr: record;
|
|
type gtp_create_pdp_ctx_request_elements: record;
|
|
type gtp_create_pdp_ctx_response_elements: record;
|
|
type gtp_update_pdp_ctx_request_elements: record;
|
|
type gtp_update_pdp_ctx_response_elements: record;
|
|
type gtp_delete_pdp_ctx_request_elements: record;
|
|
type gtp_delete_pdp_ctx_response_elements: record;
|
|
|
|
type gtp_end_user_addr: record;
|
|
type gtp_rai: record;
|
|
type gtp_qos_profile: record;
|
|
type gtp_private_extension: record;
|
|
type gtp_gsn_addr: record;
|