zeek/src/types.bif

##! Declaration of various types that the Bro core uses internally.

enum dce_rpc_ptype %{
	DCE_RPC_REQUEST,
	DCE_RPC_PING,
	DCE_RPC_RESPONSE,
	DCE_RPC_FAULT,
	DCE_RPC_WORKING,
	DCE_RPC_NOCALL,
	DCE_RPC_REJECT,
	DCE_RPC_ACK,
	DCE_RPC_CL_CANCEL,
	DCE_RPC_FACK,
	DCE_RPC_CANCEL_ACK,
	DCE_RPC_BIND,
	DCE_RPC_BIND_ACK,
	DCE_RPC_BIND_NAK,
	DCE_RPC_ALTER_CONTEXT,
	DCE_RPC_ALTER_CONTEXT_RESP,
	DCE_RPC_SHUTDOWN,
	DCE_RPC_CO_CANCEL,
	DCE_RPC_ORPHANED,
%}

enum dce_rpc_if_id %{
	DCE_RPC_unknown_if,
	DCE_RPC_epmapper,
	DCE_RPC_lsarpc,
	DCE_RPC_lsa_ds,
	DCE_RPC_mgmt,
	DCE_RPC_netlogon,
	DCE_RPC_samr,
	DCE_RPC_srvsvc,
	DCE_RPC_spoolss,
	DCE_RPC_drs,
	DCE_RPC_winspipe,
	DCE_RPC_wkssvc,
	DCE_RPC_oxid,
	DCE_RPC_ISCMActivator,
%}

enum rpc_status %{
	RPC_SUCCESS,
	RPC_PROG_UNAVAIL,
	RPC_PROG_MISMATCH,
	RPC_PROC_UNAVAIL,
	RPC_GARBAGE_ARGS,
	RPC_SYSTEM_ERR,
	RPC_TIMEOUT,
	RPC_VERS_MISMATCH,
	RPC_AUTH_ERROR,
	RPC_UNKNOWN_ERROR,
%}

module NFS3;

enum proc_t %{	# NFSv3 procedures
	PROC_NULL     = 0,	# done
	PROC_GETATTR  = 1,	# done
	PROC_SETATTR  = 2,	# not implemented
	PROC_LOOKUP   = 3,	# done
	PROC_ACCESS   = 4,	# not implemented
	PROC_READLINK = 5,	# done
	PROC_READ     = 6,	# done
	PROC_WRITE    = 7,	# done
	PROC_CREATE   = 8,	# partial
	PROC_MKDIR    = 9,	# partial
	PROC_SYMLINK  = 10,	# not implemented
	PROC_MKNOD    = 11,	# not implemented
	PROC_REMOVE   = 12,	# done
	PROC_RMDIR    = 13,	# done
	PROC_RENAME   = 14,	# not implemented
	PROC_LINK     = 15,	# not implemented
	PROC_READDIR  = 16,	# done
	PROC_READDIRPLUS  = 17,	# done
	PROC_FSSTAT   = 18,	# not implemented
	PROC_FSINFO   = 19,	# not implemented
	PROC_PATHCONF = 20,	# not implemented
	PROC_COMMIT   = 21,	# not implemented
	PROC_END_OF_PROCS = 22,	# not implemented
%}

enum status_t %{	# NFSv3 return status
	NFS3ERR_OK          = 0,
	NFS3ERR_PERM        = 1,
	NFS3ERR_NOENT       = 2,
	NFS3ERR_IO          = 5,
	NFS3ERR_NXIO        = 6,
	NFS3ERR_ACCES       = 13,
	NFS3ERR_EXIST       = 17,
	NFS3ERR_XDEV        = 18,
	NFS3ERR_NODEV       = 19,
	NFS3ERR_NOTDIR      = 20,
	NFS3ERR_ISDIR       = 21,
	NFS3ERR_INVAL       = 22,
	NFS3ERR_FBIG        = 27,
	NFS3ERR_NOSPC       = 28,
	NFS3ERR_ROFS        = 30,
	NFS3ERR_MLINK       = 31,
	NFS3ERR_NAMETOOLONG = 63,
	NFS3ERR_NOTEMPTY    = 66,
	NFS3ERR_DQUOT       = 69,
	NFS3ERR_STALE       = 70,
	NFS3ERR_REMOTE      = 71,
	NFS3ERR_BADHANDLE   = 10001,
	NFS3ERR_NOT_SYNC    = 10002,
	NFS3ERR_BAD_COOKIE  = 10003,
	NFS3ERR_NOTSUPP     = 10004,
	NFS3ERR_TOOSMALL    = 10005,
	NFS3ERR_SERVERFAULT = 10006,
	NFS3ERR_BADTYPE     = 10007,
	NFS3ERR_JUKEBOX     = 10008,
	NFS3ERR_UNKNOWN     = 0xffffffff,
%}

enum file_type_t %{
	FTYPE_REG   = 1,
	FTYPE_DIR   = 2,
	FTYPE_BLK   = 3,
	FTYPE_CHR   = 4,
	FTYPE_LNK   = 5,
	FTYPE_SOCK  = 6,
	FTYPE_FIFO  = 7,
%}

enum stable_how_t %{
	UNSTABLE = 0,
	DATA_SYNC = 1,
	FILE_SYNC = 2,
%}

enum createmode_t %{
	UNCHECKED = 0,
	GUARDED = 1,
	EXCLUSIVE = 2,
%}

# Declare record types that we want to access from the event engine. These are
# defined in init-bare.bro.
type info_t: record;
type fattr_t: record;
type diropargs_t: record;
type lookup_reply_t: record;
type readargs_t: record;
type read_reply_t: record;
type readlink_reply_t: record;
type writeargs_t: record;
type wcc_attr_t: record;
type write_reply_t: record;
type newobj_reply_t: record;
type delobj_reply_t: record;
type readdirargs_t: record;
type direntry_t: record;
type direntry_vec_t: vector;
type readdir_reply_t: record;

type fsstat_t: record;

module Log;

enum Writer %{
	WRITER_DEFAULT,
	WRITER_NONE,
	WRITER_ASCII,
	WRITER_DATASERIES,
%}

enum ID %{
	Unknown,
%}

module GLOBAL;