Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/testing/btest/language/sizeof.bro
Jon Siwek b3f1f45082 Remove --enable-brov6 flag, IPv6 now supported by default. 
Internally, all BROv6 preprocessor switches were removed and
addr/subnet representations wrapped in the new IPAddr/IPPrefix classes.

Some script-layer changes of note:

- dns_AAAA_reply event signature changed: the string representation
  of an IPv6 addr is easily derived from the addr value, it doesn't
  need to be another parameter.  This event also now generated directly
  by the DNS analyzer instead of being "faked" into a dns_A_reply event.

- removed addr_to_count BIF.  It used to return the host-order
  count representation of IPv4 addresses only.  To make it more
  generic, we might later add a BIF to return a vector of counts
  in order to support IPv6.

- changed the result of enclosing addr variables in vertical pipes
  (e.g. |my_addr|) to return the bit-width of the address type which
  is 128 for IPv6 and 32 for IPv4.  It used to function the same
  way as addr_to_count mentioned above.

- remove bro_has_ipv6 BIF
2012-02-03 16:46:58 -06:00

117 lines
3.2 KiB
Text
Raw Blame History

# @TEST-EXEC: bro %INPUT >output 2>&1
# @TEST-EXEC: btest-diff output
# Demo policy for the sizeof operator "|x|".
# ------------------------------------------
#
# This script creates various types and values and shows the result of the
# sizeof operator on these values.
#
# For any types not covered in this script, the sizeof operator's semantics
# are not defined and its application returns a count of 0. At the moment
# the only type where this should happen is string patterns.
type example_enum: enum { ENUM1, ENUM2, ENUM3 };
type example_record: record {
i: int &optional;
j: int &optional;
k: int &optional;
};
global a: addr = 1.2.3.4;
global a6: addr = ::1;
global b: bool = T;
global c: count = 10;
global d: double = -1.23;
global f: file = open_log_file("sizeof_demo");
global i: int = -10;
global iv: interval = -5sec;
global p: port = 80/tcp;
global r: example_record [ $i = 10 ];
global si: set[int];
global s: string = "Hello";
global sn: subnet = 192.168.0.0/24;
global t: table[string] of string;
global ti: time = current_time();
global v: vector of string;
# Additional initialization
#
print f, "12345678901234567890";
add si[1];
add si[10];
add si[100];
t["foo"] = "Hello";
t["bar"] = "World";
v[0] = "Hello";
v[4] = "World";
# Print out the sizes of the various vals:
#-----------------------------------------
# Size of addr: returns number of bits required to represent the address
# which is 32 for IPv4 or 128 for IPv6
print fmt("IPv4 Address %s: %d", a, |a|);
print fmt("IPv6 Address %s: %d", a6, |a6|);
# Size of boolean: returns 1 or 0.
print fmt("Boolean %s: %d", b, |b|);
# Size of count: identity.
print fmt("Count %s: %d", c, |c|);
# Size of double: returns absolute value.
print fmt("Double %s: %f", d, |d|);
# Size of enum: returns numeric value of enum constant.
print fmt("Enum %s: %d", ENUM3, |ENUM3|);
# Size of file: returns current file size.
# Note that this is a double so that file sizes >> 4GB
# can be expressed.
print fmt("File %f", |f|);
# Size of function: returns number of arguments.
print fmt("Function add_interface: %d", |add_interface|);
# Size of integer: returns absolute value.
print fmt("Integer %s: %d", i, |i|);
# Size of interval: returns double representation of the interval
print fmt("Interval %s: %f", iv, |iv|);
# Size of port: returns port number as a count.
print fmt("Port %s: %d", p, |p|);
# Size of record: returns number of fields (assigned + unassigned)
print fmt("Record %s: %d", r, |r|);
# Size of set: returns number of elements in set.
# Don't print the set, as its order depends on the seeding of the hash
# fnction, and it's not worth the trouble to normalize it.
print fmt("Set: %d", |si|);
# Size of string: returns string length.
print fmt("String '%s': %d", s, |s|);
# Size of subnet: returns size of net as a double
# (so that 2^32 can be expressed too).
print fmt("Subnet %s: %f", sn, |sn|);
# Size of table: returns number of elements in table
print fmt("Table %d", |t|);
# Size of time: returns double representation of the time
# print fmt("Time %s: %f", ti, |ti|);
# Size of vector: returns largest assigned index.
# Note that this is not the number of assigned values.
# The following prints "5":
#
print fmt("Vector %s: %d", v, |v|);
close(f);
Reference in a new issue View git blame Copy permalink