mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00

This commit renames the `service_violation` column that can be added via a policy script to `failed_service`. This expresses the intent of it better - the column contains services that failed and were removed after confirmation. Furthermore, the script is fixed so it actually does this - before it would sometimes add services to the list that were not actually removed. In the course of this, the type of the column was changed from a vector to an ordered set. Due to the column rename, the policy script itself is also renamed. Also adds a NEWS entry for the DPD changes.
7 lines
263 B
Text
# @TEST-DOC: Check if DPD options on violations work.
# @TEST-EXEC: zeek -r $TRACES/ftp/ftp-invalid-reply-code.pcap %INPUT
# @TEST-EXEC: btest-diff conn.log

@load policy/protocols/conn/failed-service-logging

redef DPD::track_removed_services_in_connection = T;