zeek/scripts/base/frameworks/netcontrol at eeb8c0cbb01e17fafea64a30e33e55a1679c74dd - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 22:58:20 +00:00

History

Johanna Amann 4ad5d9073a NetControl: add catch and release event when IPs are forgotten. This adds an event that is raised once Catch & Release ceases the block management for an IP address because the IP has not been seen in traffic during the watch interval. This allows users who use their own logic on the top of catch and release know when they will have to start re-blocking the IP if it occurs in traffic again.		2016-07-28 16:28:07 -04:00
..
plugins	Write NetControl framework documentation.	2016-06-22 16:02:48 -07:00
__load__.bro	Add new logfiles for shunting and drops to netcontrol	2016-02-17 12:48:16 -08:00
catch-and-release.bro	NetControl: add catch and release event when IPs are forgotten.	2016-07-28 16:28:07 -04:00
cluster.bro	NetControl: rewrite catch and release and small fixes.	2016-05-23 16:16:21 -07:00
drop.bro	NetControl: rewrite catch and release and small fixes.	2016-05-23 16:16:21 -07:00
main.bro	Merge remote-tracking branch 'origin/topic/johanna/netcontrol-improvements'	2016-06-30 17:34:44 -07:00
non-cluster.bro	NetControl: add rule exists as state besides added and failure.	2016-03-24 15:06:07 -07:00
plugin.bro	Write NetControl framework documentation.	2016-06-22 16:02:48 -07:00
README	NetControl: add predicates to broker plugin	2016-03-14 18:48:49 -07:00
shunt.bro	Merge remote-tracking branch 'origin/topic/johanna/netcontrol'	2016-03-11 14:29:23 -08:00
types.bro	Write NetControl framework documentation.	2016-06-22 16:02:48 -07:00

README

The NetControl framework provides a way for Bro to interact with networking
hard- and software, e.g. for dropping and shunting IP addresses/connections,
etc.