mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
2233521de7
BIT-1550 #merged * origin/topic/johanna/netcontrol: (72 commits) Update baselines and news Move prefixtable back to all IPv6 internal handling. NetControl: Add functions to search for rules affecting IPs/subnets Add check_subnet bif that allows exact membership test for subnet tables. Rewrite internal handling of rules. Add bif that allows searching for all matching subnets in table. Add signaling of succesful initialization of plugins to NetControl. Add rule hooks to the acld plugin. Add new logfiles for shunting and drops to netcontrol Extend NetControl logging and fix bugs. Update OpenFlow API and events. small acld plugin fix Revert "introduce &weaken attribute" Fix crash when printing type of recursive structures. Testcase for crash when a record contains a function referencing a record. Rename Pacf to NetControl fix acld plugin to use address instead of subnet (and add functions for conversion) implement quarantine miscelaneous missing bits and pieces Acld implementation for Pacf - Bro side. ...
99 lines
2 KiB
Text
99 lines
2 KiB
Text
##! Debugging plugin for the NetControl framework, providing insight into
|
|
##! executed operations.
|
|
|
|
@load ../plugin
|
|
@load ../main
|
|
|
|
module NetControl;
|
|
|
|
export {
|
|
## Instantiates a debug plugin for the NetControl framework. The debug
|
|
## plugin simply logs the operations it receives.
|
|
##
|
|
## do_something: If true, the plugin will claim it supports all operations; if
|
|
## false, it will indicate it doesn't support any.
|
|
global create_debug: function(do_something: bool) : PluginState;
|
|
}
|
|
|
|
function do_something(p: PluginState) : bool
|
|
{
|
|
return p$config["all"] == "1";
|
|
}
|
|
|
|
function debug_name(p: PluginState) : string
|
|
{
|
|
return fmt("Debug-%s", (do_something(p) ? "All" : "None"));
|
|
}
|
|
|
|
function debug_log(p: PluginState, msg: string)
|
|
{
|
|
print fmt("netcontrol debug (%s): %s", debug_name(p), msg);
|
|
}
|
|
|
|
function debug_init(p: PluginState)
|
|
{
|
|
debug_log(p, "init");
|
|
plugin_activated(p);
|
|
}
|
|
|
|
function debug_done(p: PluginState)
|
|
{
|
|
debug_log(p, "init");
|
|
}
|
|
|
|
function debug_add_rule(p: PluginState, r: Rule) : bool
|
|
{
|
|
local s = fmt("add_rule: %s", r);
|
|
debug_log(p, s);
|
|
|
|
if ( do_something(p) )
|
|
{
|
|
event NetControl::rule_added(r, p);
|
|
return T;
|
|
}
|
|
|
|
return F;
|
|
}
|
|
|
|
function debug_remove_rule(p: PluginState, r: Rule) : bool
|
|
{
|
|
local s = fmt("remove_rule: %s", r);
|
|
debug_log(p, s);
|
|
|
|
event NetControl::rule_removed(r, p);
|
|
return T;
|
|
}
|
|
|
|
function debug_transaction_begin(p: PluginState)
|
|
{
|
|
debug_log(p, "transaction_begin");
|
|
}
|
|
|
|
function debug_transaction_end(p: PluginState)
|
|
{
|
|
debug_log(p, "transaction_end");
|
|
}
|
|
|
|
global debug_plugin = Plugin(
|
|
$name=debug_name,
|
|
$can_expire = F,
|
|
$init = debug_init,
|
|
$done = debug_done,
|
|
$add_rule = debug_add_rule,
|
|
$remove_rule = debug_remove_rule,
|
|
$transaction_begin = debug_transaction_begin,
|
|
$transaction_end = debug_transaction_end
|
|
);
|
|
|
|
function create_debug(do_something: bool) : PluginState
|
|
{
|
|
local p: PluginState = [$plugin=debug_plugin];
|
|
|
|
# FIXME: Why's the default not working?
|
|
p$config = table();
|
|
p$config["all"] = (do_something ? "1" : "0");
|
|
|
|
return p;
|
|
}
|
|
|
|
|