mirror of
https://github.com/zeek/zeek.git
synced 2025-10-14 20:48:21 +00:00
65f8222b92
* origin/topic/awelzel/mmdb-fix-and-tests:
base/frameworks/spicy: Do not load base/misc/version
btest/core/mmdb: Basic lookup_autonomous_system / lookup_location tests
btest/files: Add mmdb testing databases and generator code
zeek.bif: Switch mmdb stale check to network_time
Fix mmdb pointer destruction
(cherry picked from commit 44b67894ac)
37 lines
1.4 KiB
Text
37 lines
1.4 KiB
Text
# @TEST-DOC: Change the modification time of the mmdb database on every packet. This triggers reopening of the MMDB database.
|
|
#
|
|
# @TEST-REQUIRES: grep -q "#define USE_GEOIP" $BUILD/zeek-config.h
|
|
#
|
|
# @TEST-EXEC: cp -R $FILES/mmdb ./mmdb
|
|
# @TEST-EXEC: zeek -b -r $TRACES/rotation.trace %INPUT >out
|
|
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out
|
|
# @TEST-EXEC: zeek-cut -m < reporter.log > reporter.log.tmp && mv reporter.log.tmp reporter.log
|
|
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff reporter.log
|
|
|
|
@load base/frameworks/reporter
|
|
|
|
redef mmdb_dir = "./mmdb";
|
|
|
|
global pkt = 0;
|
|
|
|
event new_packet(c: connection, p: pkt_hdr)
|
|
{
|
|
++pkt;
|
|
# Set MMDB's modification time to current network time.
|
|
local asn_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-ASN.mmdb");
|
|
local city_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-City.mmdb");
|
|
|
|
if ( ! piped_exec(fmt("touch -d @%s %s", network_time(), asn_fn), "") )
|
|
exit(1);
|
|
|
|
if ( ! piped_exec(fmt("touch -d @%s %s", network_time(), city_fn), "") )
|
|
exit(1);
|
|
|
|
print network_time(), pkt, 128.3.0.1, "asn", lookup_autonomous_system(128.3.0.1);
|
|
print network_time(), pkt, 128.3.0.1, "location", lookup_location(128.3.0.1);
|
|
print network_time(), pkt, 131.243.0.1, "asn", lookup_autonomous_system(131.243.0.1);
|
|
print network_time(), pkt, 131.243.0.1, "location", lookup_location(131.243.0.1);
|
|
|
|
if ( pkt == 4 )
|
|
terminate();
|
|
}
|