Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-15 13:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
zeek/testing/btest/Baseline/core.tunnels.vxlan/conn.log
Tim Wojtulewicz f7e3556a67 Store a single map of Sessions instead of split maps of Connections. 
This commit also includes:
- Storing the transport protocol in ConnID and ConnIDKey to allow tcp and
  udp connections from the same IP/Port combinations. This happens in the
  core.cisco-fabric-path test, for example.
- Lots of test updates. The reasons for these are two fold. First, with
  the change to only store a single map means that TCP, UDP, and ICMP
  connections are now mixed. When Zeek drains the map at shutdown, it drains
  each of those protocols together instead of separately. The second is
  because of how Sessions are stored in the map. We're now storing them
  keyed by the hash of the key stored by the Session objects, which causes
  them to again be in the map in a different order.
2021-04-29 10:24:45 -07:00

15 lines
1.2 KiB
Text
Raw Blame History

### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path conn
#open XXXX-XX-XX-XX-XX-XX
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 10.0.0.1 8 10.0.0.2 0 icmp - 3.004616 224 224 OTH - - 0 - 4 336 4 336 CUM0KZ3MLUfNB0cl11,C4J4Th3PJpwUYZZ6gc
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 192.168.56.12 38071 192.168.56.11 4789 udp vxlan 3.004278 424 0 S0 - - 0 D 4 536 0 0 -
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 192.168.56.12 40908 192.168.56.11 4789 udp - - - - S0 - - 0 D 1 78 0 0 -
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.56.11 39924 192.168.56.12 4789 udp - - - - S0 - - 0 D 1 78 0 0 -
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 192.168.56.11 48134 192.168.56.12 4789 udp vxlan 3.004434 424 0 S0 - - 0 D 4 536 0 0 -
#close XXXX-XX-XX-XX-XX-XX
Reference in a new issue View git blame Copy permalink