bro-aux-0.42/000755 000765 000024 00000000000 13400006401 012731 5ustar00jonstaff000000 000000 bro-aux-0.42/.update-changes.cfg000644 000765 000024 00000000202 13400006400 016351 0ustar00jonstaff000000 000000 # Automatically adapt version in files. function new_version_hook { version=$1 replace_version_in_rst README $version } bro-aux-0.42/CMakeLists.txt000644 000765 000024 00000006500 13400006400 015471 0ustar00jonstaff000000 000000 project(BroAux C CXX) cmake_minimum_required(VERSION 2.8 FATAL_ERROR) include(cmake/CommonCMakeConfig.cmake) ######################################################################## ## Dependency Configuration include(FindRequiredPackage) FindRequiredPackage(FLEX) FindRequiredPackage(PCAP) FindRequiredPackage(BIND) FindRequiredPackage(OpenSSL) if (MISSING_PREREQS) foreach (prereq ${MISSING_PREREQ_DESCS}) message(SEND_ERROR ${prereq}) endforeach () message(FATAL_ERROR "Configuration aborted due to missing prerequisites") endif () include_directories(BEFORE ${BIND_INCLUDE_DIR} ${PCAP_INCLUDE_DIR} ${OPENSSL_INCLUDE_DIR} ) ######################################################################## ## System Introspection include(CheckHeaders) include(CheckFunctions) include(CheckNameserCompat) include(MiscTests) configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h) include_directories(BEFORE ${CMAKE_CURRENT_BINARY_DIR}) ######################################################################## ## Recurse on sub-directories # For binary packaging or if this is the main CMake project, go through # the regular install target, else use a custom target so programs # have to be explicitly installed by the user via "make install-aux" macro(AddAuxInstallTarget _target) if (BINARY_PACKAGING_MODE OR "${CMAKE_SOURCE_DIR}" STREQUAL "${PROJECT_SOURCE_DIR}") install(TARGETS ${_target} DESTINATION bin) else () add_custom_target(install-${_target} COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_INSTALL_PREFIX}/bin COMMAND ${CMAKE_COMMAND} -E copy $ ${CMAKE_INSTALL_PREFIX}/bin) add_dependencies(install-${_target} ${_target}) set(AUX_TARGETS install-${_target};${AUX_TARGETS}) set(AUX_TARGETS ${AUX_TARGETS} PARENT_SCOPE) endif () endmacro(AddAuxInstallTarget) if ( NOT BRO_MAN_INSTALL_PATH ) set(BRO_MAN_INSTALL_PATH ${CMAKE_INSTALL_PREFIX}/share/man) endif () add_subdirectory(adtrace) add_subdirectory(bro-cut) add_subdirectory(rst) if (NOT (BINARY_PACKAGING_MODE OR "${CMAKE_SOURCE_DIR}" STREQUAL "${PROJECT_SOURCE_DIR}") ) add_custom_target(install-aux COMMENT "Bro auxiliary tools installed to ${CMAKE_INSTALL_PREFIX}/bin") add_dependencies(install-aux ${AUX_TARGETS}) endif () install(PROGRAMS ${CMAKE_CURRENT_BINARY_DIR}/bro-cut/bro-cut DESTINATION bin) ######################################################################## ## Build Summary if (CMAKE_BUILD_TYPE) string(TOUPPER ${CMAKE_BUILD_TYPE} BuildType) endif () message( "\n==================| Bro-Aux Build Summary |===================" "\n" "\nInstall prefix: ${CMAKE_INSTALL_PREFIX}" "\nDebug mode: ${ENABLE_DEBUG}" "\n" "\nCC: ${CMAKE_C_COMPILER}" "\nCFLAGS: ${CMAKE_C_FLAGS} ${CMAKE_C_FLAGS_${BuildType}}" "\nCXX: ${CMAKE_CXX_COMPILER}" "\nCXXFLAGS: ${CMAKE_CXX_FLAGS} ${CMAKE_CXX_FLAGS_${BuildType}}" "\nCPP: ${CMAKE_CXX_COMPILER}" "\n" "\n================================================================\n" ) include(UserChangedWarning) bro-aux-0.42/cmake/000755 000765 000024 00000000000 13400006401 014011 5ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/000755 000765 000024 00000000000 13400006400 015740 5ustar00jonstaff000000 000000 bro-aux-0.42/configure000755 000765 000024 00000006506 13400006400 014646 0ustar00jonstaff000000 000000 #!/bin/sh # Convenience wrapper for easily viewing/setting options that # the project's CMake scripts will recognize set -e command="$0 $*" # check for `cmake` command type cmake > /dev/null 2>&1 || { echo "\ This package requires CMake, please install it first, then you may use this configure script to access CMake equivalent functionality.\ " >&2; exit 1; } usage="\ Usage: $0 [OPTION]... [VAR=VALUE]... Build Directory: --builddir=DIR place build files in directory [build] Installation Directories: --prefix=PREFIX installation directory [/usr/local/bro] Optional Features: --enable-debug compile in debugging mode Required Packages in Non-Standard Locations: --with-openssl=PATH path to OpenSSL install root --with-bind=PATH path to BIND install root --with-pcap=PATH path to libpcap install root --with-flex=PATH path to flex executable Influential Environment Variables (only on first invocation per build directory): CC C compiler command CFLAGS C compiler flags CXX C++ compiler command CXXFLAGS C++ compiler flags " sourcedir="$( cd "$( dirname "$0" )" && pwd )" # Function to append a CMake cache entry definition to the # CMakeCacheEntries variable # $1 is the cache entry variable name # $2 is the cache entry variable type # $3 is the cache entry variable value append_cache_entry () { CMakeCacheEntries="$CMakeCacheEntries -D $1:$2=$3" } # set defaults builddir=build CMakeCacheEntries="" append_cache_entry CMAKE_INSTALL_PREFIX PATH /usr/local/bro append_cache_entry ENABLE_DEBUG BOOL false # parse arguments while [ $# -ne 0 ]; do case "$1" in -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; *) optarg= ;; esac case "$1" in --help|-h) echo "${usage}" 1>&2 exit 1 ;; --builddir=*) builddir=$optarg ;; --prefix=*) append_cache_entry CMAKE_INSTALL_PREFIX PATH $optarg ;; --enable-debug) append_cache_entry ENABLE_DEBUG BOOL true ;; --with-openssl=*) append_cache_entry OPENSSL_ROOT_DIR PATH $optarg ;; --with-bind=*) append_cache_entry BIND_ROOT_DIR PATH $optarg ;; --with-pcap=*) append_cache_entry PCAP_ROOT_DIR PATH $optarg ;; --with-flex=*) append_cache_entry FLEX_EXECUTABLE PATH $optarg ;; *) echo "Invalid option '$1'. Try $0 --help to see available options." exit 1 ;; esac shift done if [ -d $builddir ]; then # If build directory exists, check if it has a CMake cache if [ -f $builddir/CMakeCache.txt ]; then # If the CMake cache exists, delete it so that this configuration # is not tainted by a previous one rm -f $builddir/CMakeCache.txt fi else # Create build directory mkdir -p $builddir fi echo "Build Directory : $builddir" echo "Source Directory: $sourcedir" cd $builddir cmake $CMakeCacheEntries $sourcedir echo "# This is the command used to configure this build" > config.status echo $command >> config.status chmod u+x config.status bro-aux-0.42/Makefile000644 000765 000024 00000003332 13400006400 014371 0ustar00jonstaff000000 000000 # # A simple static wrapper for a number of standard Makefile targets, # mostly just forwarding to build/Makefile. This is provided only for # convenience and supports only a subset of what CMake's Makefile # to offer. For more, execute that one directly. # BUILD=build REPO=$$(cd $(CURDIR) && basename $$(git config --get remote.origin.url | sed 's/^[^:]*://g')) VERSION_FULL=$(REPO)-$$(cd $(CURDIR) && cat VERSION) VERSION_MIN=$(REPO)-$$(cd $(CURDIR) && cat VERSION)-minimal GITDIR=$$(test -f .git && echo $$(cut -d" " -f2 .git) || echo .git) all: configured $(MAKE) -C $(BUILD) $@ install: configured $(MAKE) -C $(BUILD) $@ clean: configured $(MAKE) -C $(BUILD) $@ dist: @test -e ../$(VERSION_FULL) && rm -ri ../$(VERSION_FULL) || true @cp -R . ../$(VERSION_FULL) @for i in . $$(git submodule foreach -q --recursive realpath --relative-to=$$(pwd) .); do ((cd ../$(VERSION_FULL)/$$i && test -f .git && cp -R $(GITDIR) .gitnew && rm -f .git && mv .gitnew .git && sed -i.bak -e 's#[[:space:]]*worktree[[:space:]]*=[[:space:]]*.*##g' .git/config) || true); done @for i in . $$(git submodule foreach -q --recursive realpath --relative-to=$$(pwd) .); do (cd ../$(VERSION_FULL)/$$i && git reset -q --hard && git clean -ffdxq); done @(cd ../$(VERSION_FULL) && find . -name \.git\* | xargs rm -rf) @mv ../$(VERSION_FULL) . @tar -czf $(VERSION_FULL).tar.gz $(VERSION_FULL) @echo Package: $(VERSION_FULL).tar.gz @rm -rf $(VERSION_FULL) distclean: rm -rf $(BUILD) .PHONY : test test: @make -C testing .PHONY : configured configured: @test -d $(BUILD) || ( echo "Error: No build/ directory found. Did you run configure?" && exit 1 ) @test -e $(BUILD)/Makefile || ( echo "Error: No build/Makefile found. Did you run configure?" && exit 1 ) bro-aux-0.42/CHANGES000644 000765 000024 00000037752 13400006400 013741 0ustar00jonstaff000000 000000 0.42 | 2018-11-14 17:09:06 -0600 * Release 0.42. 0.41-12 | 2018-11-14 17:07:14 -0600 * Remove the version number from show-plugin btest skeleton. With 2.7, the additional .patch version will break bro-pkg tests during the transition from previous versions. (Michael Dopheide) * use ${bro_dist} instead of ${bro} in get-bro-env since bro is undefined as of fdd1f55 (Foster McLane) 0.41-8 | 2018-10-12 12:44:40 -0400 * Fix comments in scripts skeleton files. (Robin Sommer, Corelight) * Remove init.bro from plugin skeleton. (Robin Sommer, Corelight) * Update the plugin skeleton. (Robin Sommer, Corelight) - Add top-level .gitignore file - Add bro-pkg.meta template - Don't skip .gitignore files when creating skeleton - Update btest configuration to no longer require a source tree. 0.41-3 | 2018-10-05 14:22:04 -0500 * Update plugin configure script to automatically add debug flags Addresses bro/bro#184 (Jon Siwek, Corelight) 0.41-2 | 2018-09-19 09:52:48 -0500 * Remove some unused code in the update-changes script (Daniel Thayer) 0.41 | 2018-09-18 15:03:00 -0500 * Fix update-changes to allow beta version tags w/o patch number (Jon Siwek, Corelight) 0.40 | 2018-08-31 15:24:30 -0500 * Improve `make dist` (Jon Siwek, Corelight) 0.39-34 | 2018-07-24 16:35:27 -0500 * Teach plugin configure script about bro-config's broker/caf/binpac dirs (Jon Siwek, Corelight) 0.39-32 | 2018-07-24 01:47:55 +0000 * Update plugin configure skeleton to allow independence from --bro-dist. (Jon Siwek, Corelight) 0.39-30 | 2018-07-16 16:11:02 -0500 * Change how update-changes formats Corelight credit (Jon Siwek, Corelight) 0.39-29 | 2018-07-16 10:02:20 -0500 * Add author re-writing logic to update-changes Any commits authored by an @corelight.com email address will use "Corelight" as the author name in CHANGES entries. (Corelight) 0.39-27 | 2018-05-15 15:38:29 +0000 * Updating submodules. 0.39-24 | 2018-03-15 14:55:39 -0700 * Configure Travis CI email recipients and build branches. (Daniel Thayer) 0.39-21 | 2018-02-05 15:03:13 -0800 * Add a .travis.yml file (Daniel Thayer) 0.39-19 | 2018-01-26 11:27:08 -0600 * Add PATH to bro-cut in btest.cfg, allows building bro-cut and running unit tests without needing entire bro repo. (Daniel Thayer) * Improve portability of the update-changes script (Daniel Thayer) * Improve code comments in the update-changes file (Daniel Thayer) 0.39-15 | 2018-01-16 12:55:57 -0600 * Improvements to documentation of bro-cut (Daniel Thayer) * Improve bro-cut tests (Daniel Thayer) * Faster bro-cut timestamp conversion (Daniel Thayer) 0.39-7 | 2017-12-05 11:17:43 -0600 * Use bro-config for plugin configure if available. (Jan Grashoefer) 0.39-4 | 2017-07-29 07:43:25 -0700 * Add script to generate certificate transparency list file. (Johanna Amann) * Two updates for update-changes. (Johanna Amann) - Betas accept versions in the 1.2.3 format, not just 1.2. - When searching for the last version tag, upgate-changes now specifically only searches for tags starting with "v", for example ignoring release tags. 0.39 | 2017-05-26 08:26:51 -0500 * Release 0.39. * Update plugin skeleton's CMakeLists.txt. The project name is now derived from the actual plugin name instead of just "Plugin" and it now sets up CPack packaging (e.g. RPM/DEB) to be available via "make package" in the build dir. (Jon Siwek) * Remove superfluous spaces from line endings. (Johanna Amann) * Small update to plugin-support to use override instead of virtual (Johanna Amann) 0.38 | 2016-11-14 09:19:05 -0800 * Robustness fix for check-release script. (Robin Sommer) 0.37 | 2016-10-27 14:42:01 -0700 * Release 0.37. * Reverting fix to build plugins on OS X; no longer necessary because plugins do no longer have to pull in OpenSSL. (Johanna Amann) 0.36 | 2016-08-12 13:12:49 -0700 * Release 0.36. * Update gen-mozilla-ca-list.rb to use a file instead of accessing the Mozilla server. (Johanna Amann) * Fix compiler warning. (Robin Sommer) * Removing nftools. (Robin Sommer) * Fix coverity warning (memory leak) in bro-cut (Daniel Thayer) 0.35-27 | 2016-06-21 18:31:33 -0700 * Fix bro-cut to allow unset or zero time values. (Daniel Thayer) * Fix failure to build plugins on OS X 10.11 with init-plugin. (Daniel Thayer) 0.35-18 | 2016-03-04 12:38:16 -0800 * Update for new CMake OpenSSL script. (Johanna Amann) 0.35-15 | 2016-02-01 12:37:46 -0800 * Fix the init-plugin script to be more portable. (Daniel Thayer) 0.35-8 | 2015-08-10 14:56:24 -0700 * Plugin skeletons now include a __preload__.bro that pulls in types.bro for defining types. (Robin Sommer) 0.35-7 | 2015-08-10 12:58:35 -0700 * Fix a test for large time values that fails on some systems. (Daniel Thayer) 0.35-6 | 2015-08-06 22:29:36 -0400 * Improved handling of malformed input, avoiding crashes. (Justin Azoff and Daniel Thayer) * Remove unused code and fix initialization of long_opts. (Daniel Thayer) 0.35-4 | 2015-07-21 09:38:58 -0700 * Bringing back the ``--help`` option for bro-cut. (Justin Azoff) 0.35-2 | 2015-07-10 07:14:52 -0700 * Add more documentation for bro-cut. (Daniel Thayer) 0.35 | 2015-06-03 09:02:49 -0700 * Release 0.35. 0.34-5 | 2015-06-03 09:02:10 -0700 * Fix replace_version_in_rst function in update-changes script to cope with "beta" in version string. (Daniel Thayer) * Portability fix for plugin configure script. (Daniel Thayer) * Fix minor typo in init-plugin error message. (Daniel Thayer) 0.34 | 2015-05-07 20:30:43 -0700 * Release 0.34. * Change make-release to assume sign-file is in path (Johanna Amann) 0.33-76 | 2015-04-27 08:23:18 -0700 * Fix sed regex for replacing version in header file. (Jon Siwek) 0.33-74 | 2015-04-23 06:58:37 -0700 * Correct a few typos in update-changes script. (Daniel Thayer) * Adding function to update-changes that updates version in a C header file. (Robin Sommer) * Fix plugin configure skeletons to work on more shells. (Jon Siwek) 0.33-68 | 2015-02-23 11:26:14 -0600 * Plugin skeleton updates. (Robin Sommer) - Updating plugin skeleton license. - Removing the plugin MAINTAINER skeleton file. - Adding hooks to configure script so that plugins can add options without modifying the scripts itself. - BIT-1302: Extending plugin skeleton Makefile to reload cached CMake variables when Bro has been reconfigured. (Robin Sommer) - Removing bdist and sdist make targets. The former is superseded by the new build process which always creates a binary distribution tarball. The latter is easy enough to do manually now that all dynamic stuff is in build/ - Added a VERSION file; content goes into name of the binary tarball - Move README.edit-me to README. - Allowing relative paths for --bro-dist * Changing init-plugin to take an additional parameter specifying the directory where to create the plugin skeleton. (Robin Sommer) 0.33-58 | 2015-02-12 12:15:39 -0600 * Fix bro-cut compile warning on FreeBSD (Johanna Amann) 0.33-56 | 2015-01-08 13:06:36 -0600 * Increase minimum required CMake version to 2.8. (Jon Siwek) 0.33-55 | 2014-12-08 13:49:37 -0800 * Add man page for bro-cut. (Raúl Benencia) * Add --install-root to plugin skeleton's configure. (Robin Sommer) * Fix get-bro-env script to use sh equality operator. (Jon Siwek) * Add an option to update-changes that prevents it from adding author names to entries. (Robin Sommer) 0.33-45 | 2014-08-21 15:47:29 -0500 * Various tweaks to the plugin skeleton. (Robin Sommer) 0.33-38 | 2014-08-01 14:03:49 -0700 * bro-cut has been rewritten in C, and is hence much faster. (Daniel Thayer, based on an initial version by Justin Azoff). 0.33-26 | 2014-07-30 15:51:42 -0500 * Remove a superfluous file from plugin skeleton. (Jon Siwek) * init-plugin now creates a Plugin.h as well. (Robin Sommer) * Adding a basic btest setup to the plugin skeleton. (Robin Sommer) * Updating plugin skeleton to new API. (Robin Sommer) * Updates to the init-plugin script/skeleton. (Robin Sommer) * A script to setup a skeleton for a new dynamic plugin. (Robin Sommer) 0.33-11 | 2014-07-08 20:42:32 -0700 * Add more tests of bro-cut. (Daniel Thayer) * Fix bug in bro-cut when duplicate fields are specified. (Daniel Thayer) * Fix bug in bro-cut when log file has missing field. (Daniel Thayer) * Fix bug in bro-cut output of "#types" header line. (Daniel Thayer) * Fix bug in bro-cut when separator is not hexadecimal. (Daniel Thayer) * Adding test target to top-level Makefile. (Robin Sommer) 0.33-4 | 2014-06-26 17:31:25 -0700 * Test-suite for bro-cut. (Daniel Thayer) 0.33-2 | 2014-06-26 17:27:09 -0700 * Change bro-cut UTC options to not always override local time. (Daniel Thayer). * Updated the bro-cut usage message to make it more clear that the BRO_CUT_TIMEFMT environment variable affects only the -u and -d options. (Daniel Thayer). 0.33 | 2014-05-08 16:27:10 -0700 * Release 0.33. 0.32-5 | 2014-05-08 16:25:55 -0700 * Adding git-move-submodules scriptm, which moves all submodules to the head of a given branch and adapts parent modules correspondingly. (Robin Sommer) 0.32-4 | 2014-04-22 21:34:23 -0700 * A git hook script to prevent pushs when the external test suite has new commits pending. (Robin Sommer) 0.32 | 2013-11-01 05:24:56 -0700 * Extending Mozialla cert script to include source URL and copyright in output. (Robin Sommer) 0.31 | 2013-10-14 09:24:54 -0700 * Release. 0.3-5 | 2013-10-07 17:19:14 -0700 * Fix for release script. (Robin Sommer) * Updating copyright notice. (Robin Sommer) 0.3-3 | 2013-09-28 11:17:42 -0700 * Don't show error message in bro-cut when gawk not found, which could appear on some systems. (Daniel Thayer) 0.3-1 | 2013-09-24 13:41:02 -0700 * Fix for setting REPO in Makefile, and some tweaks to release scripts. (Robin Sommer) 0.3 | 2013-09-23 14:42:56 -0500 * Update 'make dist' target. (Jon Siwek) * Change submodules to fixed URL. (Jon Siwek) * make-release nows ignores modules that aren't tagged for release or beta. (Robin Sommer) * Prettyfing check-release output. (Robin Sommer) * Update gen-mozilla-ca-list.rb to retrieve the Mozilla root CA list from a current url. (Johanna Amann) 0.26-25 | 2013-09-18 14:44:35 -0700 * A set of README updates, including installation instructions and description of bro-cut. (Daniel Thayer) * Switching to relative submodule paths. (Robin Sommer) 0.26-21 | 2013-08-19 11:21:11 -0700 * Fixing git-show-fastpath handling of non-existing fastpath branches. (Robin Sommer) 0.26-19 | 2013-07-31 20:09:52 -0700 * Making git-show-fastpath save against repositories that don't have a fastpath. (Robin Sommer) 0.26-16 | 2013-05-17 07:45:24 -0700 * A negate option -n for bro-cut printing all fields *except* those listed on the command-line. (Robin Sommer) 0.26-14 | 2013-03-22 12:17:54 -0700 * Fixing bro-cut to work with older gawk versions. (Chris Kanich) * s/bro-ids.org/bro.org/g (Robin Sommer) 0.26-5 | 2012-11-01 14:24:25 -0700 * Portability fix: removing interface option on non-Linux. (Robin Sommer) 0.26-4 | 2012-10-31 14:39:03 -0700 * rst learns a new option "-i " to set the interface to use. (Vlad Grigorescu). 0.26 | 2012-08-24 15:10:04 -0700 * Fixing update-changes, which could pick the wrong control file. (Robin Sommer) * Fixing GPG signing script. (Robin Sommer) 0.25 | 2012-08-01 13:55:46 -0500 * Fix configure script to exit with non-zero status on error (Jon Siwek) 0.24 | 2012-07-05 12:50:43 -0700 * Raise minimum required CMake version to 2.6.3 (Jon Siwek) * Adding script to delete old fully-merged branches. (Robin Sommer) 0.23-2 | 2012-01-25 13:24:01 -0800 * Fix a bro-cut error message. (Daniel Thayer) 0.23 | 2012-01-11 12:16:11 -0800 * Tweaks to release scripts, plus a new one for signing files. (Robin Sommer) 0.22 | 2012-01-10 16:45:19 -0800 * Tweaks for OpenBSD support. (Jon Siwek) * bro-cut extensions and fixes. (Robin Sommer) - If no field names are given on the command line, we now pass through all fields. Adresses #657. - Removing some GNUism from awk script. Addresses #653. - Added option for time output in UTC. Addresses #668. - Added output field separator option -F. Addresses #649. - Fixing option -c: only some header lines were passed through rather than all. (Robin Sommer) * Fix parallel make portability. (Jon Siwek) 0.21-9 | 2011-11-07 05:44:14 -0800 * Fixing compiler warnings. Addresses #388. (Jon Siwek) 0.21-2 | 2011-11-02 18:12:13 -0700 * Fix for misnaming temp file in update-changes script. (Robin Sommer) 0.21-1 | 2011-11-02 18:10:39 -0700 * Little fix for make-release script, which could pick out the wrong tag. (Robin Sommer) 0.21 | 2011-10-27 17:40:45 -0700 * Fixing bro-cut's usage message and argument error handling. (Robin Sommer) * Bugfix in update-changes script. (Robin Sommer) * update-changes now ignores commits it did itself. (Robin Sommer) * Fix a bug in the update-changes script. (Robin Sommer) * bro-cut now always installs to $prefix/bin by `make install`. (Jon Siwek) * Options to adjust time format for bro-cut. (Robin Sommer) The default with -d is now ISO format. The new option "-D " specifies a custom strftime()-style format string. Alternatively, the environment variable BRO_CUT_TIMEFMT can set the format as well. * bro-cut now understands the field separator header. (Robin Sommer) * Renaming options -h/-H -> -c/-C, and doing some general cleanup. 0.2 | 2011-10-25 19:53:57 -0700 * Adding support for replacing version string in a setup.py. (Robin Sommer) * Change generated root cert DN indices format for RFC2253 compliance. (Jon Siwek) * New tool devel-tools/check-release to run before making releases. (Robin Sommer) * devel-tools/update-changes gets a new option -a to amend to previous commit if possible. Default is now not to (used to be the opposite). (Robin Sommer) * Change Mozilla trust root generation to index certs by subject DN. (Jon Siwek) * Change distclean to only remove build dir. (Jon Siwek) * Make dist now cleans the copied source (Jon Siwek) * Small tweak to make-release for forced git-clean. (Jon Siwek) * Fix to not let updates scripts loose their executable permissions. (Robin Sommer) * devel-tools/update-changes now looks for a 'release' tag to idenfify the stable version, and 'beta' for the beta versions. (Robin Sommer). * Distribution cleanup. (Robin Sommer) * New script devel-tools/make-release to create source tar balls. (Robin Sommer) * Removing bdcat. With the new log format, this isn't very useful anymore. (Robin Sommer) * Adding script that shows all pending git fastpath commits. (Robin Sommer) * Script to measure CPU time by loading an increasing set of scripts. (Robin Sommer) * extract-conn script now deals wit *.gz files. (Robin Sommer) * Tiny update to output a valid CA list file for SSL cert validation. (Seth Hall) * Adding "install-aux" target. Addresses #622. (Jon Siwek) * Distribution cleanup. (Jon Siwek and Robin Sommer) * FindPCAP now links against thread library when necessary (e.g. PF_RING's libpcap) (Jon Siwek) * Install binaries with an RPATH (Jon Siwek) * Workaround for FreeBSD CMake port missing debug flags (Jon Siwek) * Rewrite of the update-changes script. (Robin Sommer) 0.1-1 | 2011-06-14 21:12:41 -0700 * Add a script for generating Mozilla's CA list for the SSL analyzer. (Seth Hall) 0.1 | 2011-04-01 16:28:22 -0700 * Converting build process to CMake. (Jon Siwek) * Removing cf/hf/ca-* from distribution. The README has a note where to find them now. (Robin Sommer) * General cleanup. (Robin Sommer) * Initial import of bro/aux from SVN r7088. (Jon Siwek) bro-aux-0.42/devel-tools/000755 000765 000024 00000000000 13400006400 015165 5ustar00jonstaff000000 000000 bro-aux-0.42/rst/000755 000765 000024 00000000000 13400006400 013540 5ustar00jonstaff000000 000000 bro-aux-0.42/bro-cut/000755 000765 000024 00000000000 13400006400 014303 5ustar00jonstaff000000 000000 bro-aux-0.42/config.h.in000644 000765 000024 00000001332 13400006400 014752 0ustar00jonstaff000000 000000 /* These autoconf variables are obsolete; it's portable to assume C89 and signal handlers that return void */ #define RETSIGTYPE void #define RETSIGVAL /* Define if you have the `sigaction' function. */ #cmakedefine HAVE_SIGACTION /* Define if you have the `sigset' function. */ #cmakedefine HAVE_SIGSET /* Define if you have the header file. */ #cmakedefine HAVE_MEMORY_H /* Define if you have the `strerror' function. */ #cmakedefine HAVE_STRERROR /* should explicitly declare socket() and friends */ #cmakedefine DO_SOCK_DECL /* Compatibility for Darwin */ #cmakedefine NEED_NAMESER_COMPAT_H /* have os-proto.h */ #cmakedefine HAVE_OS_PROTO_H /* have sin_len field in sockaddr_in */ #cmakedefine SIN_LEN bro-aux-0.42/README000644 000765 000024 00000005725 13400006400 013621 0ustar00jonstaff000000 000000 .. -*- mode: rst; -*- .. .. Version number is filled in automatically. .. |version| replace:: 0.42 ====================== Bro Auxiliary Programs ====================== .. contents:: :Version: |version| Handy auxiliary programs related to the use of the Bro Network Security Monitor (http://www.bro.org). Installation ============ Installation is simple and standard:: ./configure make make install adtrace ======= The "adtrace" utility is used to compute the network address that compose the internal and extern nets that bro is monitoring. This program just reads a pcap (tcpdump) file and writes out the src MAC, dst MAC, src IP, dst IP for each packet seen in the file. bro-cut ======= The "bro-cut" utility reads ASCII Bro logs on standard input and outputs them to standard output with only the specified columns (the column names can be found in each log file in the "#fields" header line). If no column names are specified, then "bro-cut" simply outputs all columns. There are several command-line options available to modify the output (run "bro-cut -h" to see a list of all options). There are options to convert timestamps into human-readable format, and options to specify whether or not to include the format header lines in the output (by default, they're not included). For example, the following command will output the three specified columns from conn.log with the timestamps from the "ts" column being converted to human-readable format:: cat conn.log | bro-cut -d ts id.orig_h id.orig_p The specified order of the column names determines the output order of the columns (i.e., "bro-cut" can reorder the columns). The "bro-cut" utility can read the concatenation of one or more uncompressed ASCII log files (however, JSON format is not supported) produced by Bro version 2.0 or newer, as long as each log file contains format header lines (these are the lines at the beginning of the file starting with "#"). In fact, "bro-cut" can process the concatenation of multiple ASCII log files that have different column layouts. To read a compressed log file, a tool such as "zcat" must be used to uncompress the file. For example, "bro-cut" can read a group of compressed conn.log files with a command like this:: zcat conn.*.log.gz | bro-cut devel-tools =========== A set of scripts used commonly for Bro development. Note that none of these scripts are installed by 'make install'. extract-conn-by-uid Extracts a connection from a trace file based on its UID found in Bro's conn.log gen-mozilla-ca-list.rb Generates list of Mozilla SSL root certificates in a format readable by Bro. update-changes A script to maintain the CHANGES and VERSION files. git-show-fastpath Show commits to the fastpath branch not yet merged into master. cpu-bench-with-trace Run a number of Bro benchmarks on a trace file. rst === The "rst" utility can be invoked by a Bro script to terminate an established TCP connection by forging RST tear-down packets. bro-aux-0.42/testing/000755 000765 000024 00000000000 13400006401 014406 5ustar00jonstaff000000 000000 bro-aux-0.42/COPYING000644 000765 000024 00000003457 13400006400 013774 0ustar00jonstaff000000 000000 Copyright (c) 1995-2013, The Regents of the University of California through the Lawrence Berkeley National Laboratory and the International Computer Science Institute. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: (1) Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. (2) Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. (3) Neither the name of the University of California, Lawrence Berkeley National Laboratory, U.S. Dept. of Energy, International Computer Science Institute, nor the names of contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Note that some files in the distribution may carry their own copyright notices. bro-aux-0.42/setup.py000644 000765 000024 00000000000 13400006400 014430 0ustar00jonstaff000000 000000 bro-aux-0.42/VERSION000644 000765 000024 00000000005 13400006400 013773 0ustar00jonstaff000000 000000 0.42 bro-aux-0.42/btest000644 000765 000024 00000000000 13400006400 013762 0ustar00jonstaff000000 000000 bro-aux-0.42/adtrace/000755 000765 000024 00000000000 13400006400 014333 5ustar00jonstaff000000 000000 bro-aux-0.42/README.rst000755 000765 000024 00000000000 13400006400 015270 2READMEustar00jonstaff000000 000000 bro-aux-0.42/.travis.yml000644 000765 000024 00000000531 13400006400 015040 0ustar00jonstaff000000 000000 language: c compiler: - gcc - clang addons: apt: packages: - libpcap-dev branches: only: - master notifications: email: recipients: - bro-commits-internal@bro.org before_install: pip install --user btest install: ./configure && make script: make test BTEST=`which btest` after_failure: cat testing/diag.log bro-aux-0.42/adtrace/CMakeLists.txt000644 000765 000024 00000000315 13400006400 017072 0ustar00jonstaff000000 000000 set(adtrace_SRCS adtrace.c ether.h ethertype.h ip.h ) add_executable(adtrace ${adtrace_SRCS}) target_link_libraries(adtrace ${PCAP_LIBRARY} ${BIND_LIBRARY}) AddAuxInstallTarget(adtrace) bro-aux-0.42/adtrace/adtrace.c000644 000765 000024 00000003605 13400006400 016106 0ustar00jonstaff000000 000000 #include #include #include #include #include #include #include #include #include "ip.h" #include "ether.h" #include "ethertype.h" pcap_t *p; const u_char* printEAddr(const u_char* pkt, u_char* endp){ const struct ether_header *ep; int i=0; ep = (const struct ether_header*) pkt; if (pkt+ETHER_HDRLEN > endp || ntohs(ep->ether_type) != ETHERTYPE_IP){ return 0; } for (i = 0; i0) putchar(':'); printf("%02x", ep->ether_shost[i]); } putchar (' '); for (i = 0; i0) putchar(':'); printf("%02x", ep->ether_dhost[i]); } putchar(' '); return (pkt+ETHER_HDRLEN); } void printIPAddr(const u_char* pkt, u_char* endp){ const struct ip* iph; if (pkt+sizeof(struct ip) > endp) return; iph = (const struct ip*) pkt; fputs ((char*) inet_ntoa(iph->ip_src), stdout); putchar(' '); puts ((char*) inet_ntoa(iph->ip_dst)); } void handler(u_char *user, const struct pcap_pkthdr *head, const u_char *packet){ u_char* endp; endp =(u_char*) packet + head->caplen; packet = printEAddr(packet, endp); if (packet) printIPAddr(packet, endp); } void usage(char *av[]) { fprintf(stderr,"usage: %s filename \n", av[0]); exit(1); } int main (int argc, char *argv[]) { char *file; char errbuf[PCAP_ERRBUF_SIZE]; u_char* pkt, endp; struct pcap_pkthdr *head; if ( argc != 2 ) usage(argv); file = argv[1]; p = pcap_open_offline(file, errbuf); if(p==NULL){ fprintf (stderr, "cannot open %s: %s\n", file, errbuf); exit(2); } if (pcap_datalink(p) != DLT_EN10MB){ fputs ("sorry, currently only ethernet links supported\n", stderr); exit(1); //if it is not ethernet we are watching we won't have MACs } pcap_loop(p, -1, handler, NULL); pcap_close(p); return(0); } bro-aux-0.42/adtrace/ethertype.h000644 000765 000024 00000006650 13400006400 016524 0ustar00jonstaff000000 000000 /* * Copyright (c) 1993, 1994, 1996 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that: (1) source code distributions * retain the above copyright notice and this paragraph in its entirety, (2) * distributions including binary code include the above copyright notice and * this paragraph in its entirety in the documentation or other materials * provided with the distribution, and (3) all advertising materials mentioning * features or use of this software display the following acknowledgement: * ``This product includes software developed by the University of California, * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of * the University nor the names of its contributors may be used to endorse * or promote products derived from this software without specific prior * written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * @(#) $Header$ (LBL) */ /* * Ethernet types. * * We wrap the declarations with #ifdef, so that if a file includes * , which may declare some of these, we don't * get a bunch of complaints from the C compiler about redefinitions * of these values. * * We declare all of them here so that no file has to include * if all it needs are ETHERTYPE_ values. */ #ifndef ETHERTYPE_PUP #define ETHERTYPE_PUP 0x0200 /* PUP protocol */ #endif #ifndef ETHERTYPE_IP #define ETHERTYPE_IP 0x0800 /* IP protocol */ #endif #ifndef ETHERTYPE_ARP #define ETHERTYPE_ARP 0x0806 /* Addr. resolution protocol */ #endif #ifndef ETHERTYPE_REVARP #define ETHERTYPE_REVARP 0x8035 /* reverse Addr. resolution protocol */ #endif #ifndef ETHERTYPE_NS #define ETHERTYPE_NS 0x0600 #endif #ifndef ETHERTYPE_SPRITE #define ETHERTYPE_SPRITE 0x0500 #endif #ifndef ETHERTYPE_TRAIL #define ETHERTYPE_TRAIL 0x1000 #endif #ifndef ETHERTYPE_MOPDL #define ETHERTYPE_MOPDL 0x6001 #endif #ifndef ETHERTYPE_MOPRC #define ETHERTYPE_MOPRC 0x6002 #endif #ifndef ETHERTYPE_DN #define ETHERTYPE_DN 0x6003 #endif #ifndef ETHERTYPE_LAT #define ETHERTYPE_LAT 0x6004 #endif #ifndef ETHERTYPE_SCA #define ETHERTYPE_SCA 0x6007 #endif #ifndef ETHERTYPE_REVARP #define ETHERTYPE_REVARP 0x8035 #endif #ifndef ETHERTYPE_LANBRIDGE #define ETHERTYPE_LANBRIDGE 0x8038 #endif #ifndef ETHERTYPE_DECDNS #define ETHERTYPE_DECDNS 0x803c #endif #ifndef ETHERTYPE_DECDTS #define ETHERTYPE_DECDTS 0x803e #endif #ifndef ETHERTYPE_VEXP #define ETHERTYPE_VEXP 0x805b #endif #ifndef ETHERTYPE_VPROD #define ETHERTYPE_VPROD 0x805c #endif #ifndef ETHERTYPE_ATALK #define ETHERTYPE_ATALK 0x809b #endif #ifndef ETHERTYPE_AARP #define ETHERTYPE_AARP 0x80f3 #endif #ifndef ETHERTYPE_8021Q #define ETHERTYPE_8021Q 0x8100 #endif #ifndef ETHERTYPE_IPX #define ETHERTYPE_IPX 0x8137 #endif #ifndef ETHERTYPE_IPV6 #define ETHERTYPE_IPV6 0x86dd #endif #ifndef ETHERTYPE_PPP #define ETHERTYPE_PPP 0x880b #endif #ifndef ETHERTYPE_MPLS #define ETHERTYPE_MPLS 0x8847 #endif #ifndef ETHERTYPE_MPLS_MULTI #define ETHERTYPE_MPLS_MULTI 0x8848 #endif #ifndef ETHERTYPE_PPPOED #define ETHERTYPE_PPPOED 0x8863 #endif #ifndef ETHERTYPE_PPPOES #define ETHERTYPE_PPPOES 0x8864 #endif #ifndef ETHERTYPE_LOOPBACK #define ETHERTYPE_LOOPBACK 0x9000 #endif bro-aux-0.42/adtrace/ip.h000644 000765 000024 00000013044 13400006400 015116 0ustar00jonstaff000000 000000 /* @(#) $Header$ (LBL) */ /* * Copyright (c) 1982, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)ip.h 8.2 (Berkeley) 6/1/94 */ /* * Definitions for internet protocol version 4. * Per RFC 791, September 1981. */ #define IPVERSION 4 /* * Structure of an internet header, naked of options. * * We declare ip_len and ip_off to be short, rather than u_short * pragmatically since otherwise unsigned comparisons can result * against negative integers quite easily, and fail in subtle ways. */ struct ip { u_int8_t ip_vhl; /* header length, version */ #define IP_V(ip) (((ip)->ip_vhl & 0xf0) >> 4) #define IP_HL(ip) ((ip)->ip_vhl & 0x0f) u_int8_t ip_tos; /* type of service */ u_int16_t ip_len; /* total length */ u_int16_t ip_id; /* identification */ u_int16_t ip_off; /* fragment offset field */ #define IP_DF 0x4000 /* dont fragment flag */ #define IP_MF 0x2000 /* more fragments flag */ #define IP_OFFMASK 0x1fff /* mask for fragmenting bits */ u_int8_t ip_ttl; /* time to live */ u_int8_t ip_p; /* protocol */ u_int16_t ip_sum; /* checksum */ struct in_addr ip_src,ip_dst; /* source and dest address */ }; #define IP_MAXPACKET 65535 /* maximum packet size */ /* * Definitions for IP type of service (ip_tos) */ #define IPTOS_LOWDELAY 0x10 #define IPTOS_THROUGHPUT 0x08 #define IPTOS_RELIABILITY 0x04 /* * Definitions for IP precedence (also in ip_tos) (hopefully unused) */ #define IPTOS_PREC_NETCONTROL 0xe0 #define IPTOS_PREC_INTERNETCONTROL 0xc0 #define IPTOS_PREC_CRITIC_ECP 0xa0 #define IPTOS_PREC_FLASHOVERRIDE 0x80 #define IPTOS_PREC_FLASH 0x60 #define IPTOS_PREC_IMMEDIATE 0x40 #define IPTOS_PREC_PRIORITY 0x20 #define IPTOS_PREC_ROUTINE 0x00 /* * Definitions for options. */ #define IPOPT_COPIED(o) ((o)&0x80) #define IPOPT_CLASS(o) ((o)&0x60) #define IPOPT_NUMBER(o) ((o)&0x1f) #define IPOPT_CONTROL 0x00 #define IPOPT_RESERVED1 0x20 #define IPOPT_DEBMEAS 0x40 #define IPOPT_RESERVED2 0x60 #define IPOPT_EOL 0 /* end of option list */ #define IPOPT_NOP 1 /* no operation */ #define IPOPT_RR 7 /* record packet route */ #define IPOPT_TS 68 /* timestamp */ #define IPOPT_SECURITY 130 /* provide s,c,h,tcc */ #define IPOPT_LSRR 131 /* loose source route */ #define IPOPT_SATID 136 /* satnet id */ #define IPOPT_SSRR 137 /* strict source route */ /* * Offsets to fields in options other than EOL and NOP. */ #define IPOPT_OPTVAL 0 /* option ID */ #define IPOPT_OLEN 1 /* option length */ #define IPOPT_OFFSET 2 /* offset within option */ #define IPOPT_MINOFF 4 /* min value of above */ /* * Time stamp option structure. */ struct ip_timestamp { u_int8_t ipt_code; /* IPOPT_TS */ u_int8_t ipt_len; /* size of structure (variable) */ u_int8_t ipt_ptr; /* index of current entry */ u_int8_t ipt_oflwflg; /* flags, overflow counter */ #define IPTS_OFLW(ip) (((ipt)->ipt_oflwflg & 0xf0) >> 4) #define IPTS_FLG(ip) ((ipt)->ipt_oflwflg & 0x0f) union ipt_timestamp { u_int32_t ipt_time[1]; struct ipt_ta { struct in_addr ipt_addr; u_int32_t ipt_time; } ipt_ta[1]; } ipt_timestamp; }; /* flag bits for ipt_flg */ #define IPOPT_TS_TSONLY 0 /* timestamps only */ #define IPOPT_TS_TSANDADDR 1 /* timestamps and addresses */ #define IPOPT_TS_PRESPEC 3 /* specified modules only */ /* bits for security (not byte swapped) */ #define IPOPT_SECUR_UNCLASS 0x0000 #define IPOPT_SECUR_CONFID 0xf135 #define IPOPT_SECUR_EFTO 0x789a #define IPOPT_SECUR_MMMM 0xbc4d #define IPOPT_SECUR_RESTR 0xaf13 #define IPOPT_SECUR_SECRET 0xd788 #define IPOPT_SECUR_TOPSECRET 0x6bc5 /* * Internet implementation parameters. */ #define MAXTTL 255 /* maximum time to live (seconds) */ #define IPDEFTTL 64 /* default ttl, from RFC 1340 */ #define IPFRAGTTL 60 /* time to live for frags, slowhz */ #define IPTTLDEC 1 /* subtracted when forwarding */ #define IP_MSS 576 /* default maximum segment size */ bro-aux-0.42/adtrace/ether.h000644 000765 000024 00000004644 13400006400 015623 0ustar00jonstaff000000 000000 /* @(#) $Header$ (LBL) */ /* * Copyright (c) 1982, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)if_ether.h 8.3 (Berkeley) 5/2/95 */ #define ETHERMTU 1500 /* * The number of bytes in an ethernet (MAC) address. */ #define ETHER_ADDR_LEN 6 /* * Structure of a DEC/Intel/Xerox or 802.3 Ethernet header. */ struct ether_header { u_int8_t ether_dhost[ETHER_ADDR_LEN]; u_int8_t ether_shost[ETHER_ADDR_LEN]; u_int16_t ether_type; }; /* * Length of a DEC/Intel/Xerox or 802.3 Ethernet header; note that some * compilers may pad "struct ether_header" to a multiple of 4 bytes, * for example, so "sizeof (struct ether_header)" may not give the right * answer. */ #define ETHER_HDRLEN 14 bro-aux-0.42/testing/btest.cfg000644 000765 000024 00000000630 13400006400 016206 0ustar00jonstaff000000 000000 [btest] TestDirs = bro-cut TmpDir = %(testbase)s/.tmp BaselineDir = %(testbase)s/Baseline IgnoreDirs = .svn CVS .tmp IgnoreFiles = *.tmp *.swp #* *.trace .DS_Store [environment] TZ=PST+8 LC_ALL=C PATH=%(testbase)s/../../../build/aux/bro-aux/bro-cut:%(testbase)s/../build/bro-cut:%(testbase)s/../../btest:%(default_path)s LOGS=%(testbase)s/Logs TMPDIR=%(testbase)s/.tmp SCRIPTS=%(testbase)s/Scripts bro-aux-0.42/testing/Makefile000644 000765 000024 00000000500 13400006400 016040 0ustar00jonstaff000000 000000 DIAG=diag.log BTEST=../../btest/btest all: cleanup btest-verbose # Showing all tests. btest-verbose: @$(BTEST) -j -f $(DIAG) brief: cleanup btest-brief # Brief output showing only failed tests. btest-brief: @$(BTEST) -j -b -f $(DIAG) cleanup: @rm -f $(DIAG) .PHONY: all btest-verbose brief btest-brief cleanup bro-aux-0.42/testing/bro-cut/000755 000765 000024 00000000000 13400006400 015760 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/000755 000765 000024 00000000000 13400006400 016127 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Logs/000755 000765 000024 00000000000 13400006400 015311 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Scripts/000755 000765 000024 00000000000 13400006400 016034 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Scripts/diff-time-zone000755 000765 000024 00000000517 13400006400 020602 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # Replace the time zone with "+0000". This is needed for any bro-cut tests # that convert UTC timestamps and show the time zone, because strftime # with the "%z" format string behaves differently on OS X (it just always # shows the local time zone instead of "+0000"). sed 's/[+-][0-9][0-9][0-9][0-9]/+0000/g' bro-aux-0.42/testing/Logs/multiple-times.log000644 000765 000024 00000000521 13400006400 020764 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path test #open 2014-04-01-23-16-29 #fields ts1 proto ts2 #types time enum time 1329843175.736107 tcp 1329843185.736107 1329843179.871641 udp 1329843179.982531 1329843194.151526 tcp 1329843204.151526 1329843204.987656 tcp 1329843255.123456 #close 2014-04-01-23-16-29 bro-aux-0.42/testing/Logs/missing-separator.log000644 000765 000024 00000000031 13400006400 021455 0ustar00jonstaff000000 000000 #separator #fields a hi bro-aux-0.42/testing/Logs/zerotime.log000644 000765 000024 00000001461 13400006400 017654 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path test #open 2014-04-01-23-15-51 #fields ts uid id.orig_h id.orig_p id.resp_h #types time string addr port addr 0000000000.000000 CjhGID4nQcgTWjvg4c 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 1329327786.524332 CCvvfg3TEfuqmmG4bh 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 1329327787.289095 CsRx2w45OKnoww6xl4 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 1329327795.571921 CRJuHdVW0XPVINV8a 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 1329327777.822004 CXWv6p3arKYeMETxOg 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 1329327800.017649 CPbrpk1qSsw6ESzHV4 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e #close 2014-04-01-23-15-51 bro-aux-0.42/testing/Logs/conn-tsv.log000644 000765 000024 00000001625 13400006400 017567 0ustar00jonstaff000000 000000 ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents 1329843175.736107 CHUSyo3gjtvVLqrHGk 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1329843179.871641 CWMUpO2OZ5t5tLk6Hk 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1329843194.151526 CtII2N2AidtNJlD9f7 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1329843161.968492 CQyLvn3Dh4UDubXFRh 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) 1329843197.783443 CuFJh714tTrtlGOxl7 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) bro-aux-0.42/testing/Logs/time-optional.log000644 000765 000024 00000001173 13400006400 020577 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path kerberos #open 2015-04-21-19-22-29 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p request_type client service success error_msg from till cipher forwardable renewable client_cert_subject client_cert_fuid server_cert_subject server_cert_fuid #types time string addr port addr port string string string bool string time time string bool bool string string string string 1429583645.478441 CXWv6p3arKYeMETxOg 192.168.1.31 64889 192.168.1.32 88 TGS user/TEST.NET krbtgt/TEST.NET T - - 0.000000 aes256-cts-hmac-sha1-96 T F - - - - #close 2015-04-21-19-22-29 bro-aux-0.42/testing/Logs/test.log000644 000765 000024 00000001461 13400006400 016775 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path test #open 2014-04-01-23-15-51 #fields ts uid id.orig_h id.orig_p id.resp_h #types time string addr port addr 1329327783.316897 CjhGID4nQcgTWjvg4c 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 1329327786.524332 CCvvfg3TEfuqmmG4bh 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 1329327787.289095 CsRx2w45OKnoww6xl4 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 1329327795.571921 CRJuHdVW0XPVINV8a 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 1329327777.822004 CXWv6p3arKYeMETxOg 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 1329327800.017649 CPbrpk1qSsw6ESzHV4 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e #close 2014-04-01-23-15-51 bro-aux-0.42/testing/Logs/conn.log000644 000765 000024 00000002246 13400006400 016755 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents #types time string addr port addr port enum string interval count count string bool count string count count count count set[string] 1329843175.736107 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1329843179.871641 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1329843194.151526 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1329843197.783443 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 1329843161.968492 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) #close 2014-04-01-23-15-49 bro-aux-0.42/testing/Logs/unset-field.log000644 000765 000024 00000001310 13400006400 020226 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field (unset_test) #path kerberos #open 2015-04-21-19-22-29 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p request_type client service success error_msg from till cipher forwardable renewable client_cert_subject client_cert_fuid server_cert_subject server_cert_fuid #types time string addr port addr port string string string bool string time time string bool bool string string string string 1429583645.478441 CXWv6p3arKYeMETxOg 192.168.1.31 64889 192.168.1.32 88 TGS user/TEST.NET krbtgt/TEST.NET T (unset_test) (unset_test) 0.000000 aes256-cts-hmac-sha1-96 T F (unset_test) (unset_test) (unset_test) (unset_test) #close 2015-04-21-19-22-29 bro-aux-0.42/testing/Logs/conntimelast.log000644 000765 000024 00000002256 13400006400 020521 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conntimelast #open 2014-04-01-23-15-49 #fields uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents ts #types string addr port addr port enum string interval count count string bool count string count count count count set[string] time CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1329843175.736107 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1329843179.871641 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1329843194.151526 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 1329843197.783443 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) 1329843161.968492 #close 2014-04-01-23-15-49 bro-aux-0.42/testing/Logs/invalid-time.log000644 000765 000024 00000000141 13400006400 020372 0ustar00jonstaff000000 000000 #fields ts test #types time string hello a -12345.123456 b 77777777777777777777 c d 123456789 e bro-aux-0.42/testing/Logs/null-separator.log000644 000765 000024 00000000035 13400006400 020762 0ustar00jonstaff000000 000000 #separator \x00 #fields a hi bro-aux-0.42/testing/Logs/onecolumn.log000644 000765 000024 00000000266 13400006400 020017 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path onecolumn #open 2014-04-01-23-15-59 #fields id.orig_h #types addr 79.26.245.236 #close 2014-04-01-23-15-59 bro-aux-0.42/testing/Logs/conncomma.log000644 000765 000024 00000002243 13400006400 017767 0ustar00jonstaff000000 000000 #separator , #set_separator,, #empty_field,(empty) #unset_field,- #path,conn #open,2014-06-30-16-10-54 #fields,ts,uid,id.orig_h,id.orig_p,id.resp_h,id.resp_p,proto,service,duration,orig_bytes,resp_bytes,conn_state,local_orig,missed_bytes,history,orig_pkts,orig_ip_bytes,resp_pkts,resp_ip_bytes,tunnel_parents #types,time,string,addr,port,addr,port,enum,string,interval,count,count,string,bool,count,string,count,count,count,count,set[string] 1329843175.736107,CNbXUV0IZ29or3MK6,141.142.220.235,37604,199.233.217.249,56666,tcp,ftp-data,0.112432,0,342,SF,-,0,ShAdfFa,4,216,4,562,(empty) 1329843179.871641,CJ8woc3c6CfBLdiyp5,141.142.220.235,59378,199.233.217.249,56667,tcp,ftp-data,0.111218,0,77,SF,-,0,ShAdfFa,4,216,4,297,(empty) 1329843194.151526,CXlgj54ftP8Yc2GSnb,199.233.217.249,61920,141.142.220.235,33582,tcp,ftp-data,0.056211,342,0,SF,-,0,ShADaFf,5,614,3,164,(empty) 1329843161.968492,Czw8Gd1zEVn3Xz5x7i,141.142.220.235,50003,199.233.217.249,21,tcp,ftp,38.055625,180,3146,SF,-,0,ShAdDfFa,38,2164,25,4458,(empty) 1329843197.783443,Cys4aQ15qDqHzsIk3l,199.233.217.249,61918,141.142.220.235,37835,tcp,ftp-data,0.056005,77,0,SF,-,0,ShADaFf,5,349,3,164,(empty) #close,2014-06-30-16-10-55 bro-aux-0.42/testing/Baseline/bro-cut.not-columns/000755 000765 000024 00000000000 13400006400 021757 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-bad-logs/000755 000765 000024 00000000000 13400006400 022125 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.show-header/000755 000765 000024 00000000000 13400006400 021707 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.ofs/000755 000765 000024 00000000000 13400006400 020270 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-fmt/000755 000765 000024 00000000000 13400006400 021223 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.columns/000755 000765 000024 00000000000 13400006400 021161 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.help/000755 000765 000024 00000000000 13400006400 020431 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-header/000755 000765 000024 00000000000 13400006400 021665 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/000755 000765 000024 00000000000 13400006400 022622 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.bad-logs/000755 000765 000024 00000000000 13400006400 021171 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.no-options/000755 000765 000024 00000000000 13400006400 021606 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-fmt-env/000755 000765 000024 00000000000 13400006400 022011 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-optional/000755 000765 000024 00000000000 13400006400 022262 5ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-optional/out000644 000765 000024 00000000264 13400006400 023016 0ustar00jonstaff000000 000000 2015-04-21T02:34:05+0000 CXWv6p3arKYeMETxOg 192.168.1.31 64889 192.168.1.32 88 TGS user/TEST.NET krbtgt/TEST.NET T - - 1970-01-01T00:00:00+0000 aes256-cts-hmac-sha1-96 T F - - - - bro-aux-0.42/testing/Baseline/bro-cut.time-optional/out2000644 000765 000024 00000000366 13400006400 023103 0ustar00jonstaff000000 000000 2015-04-21T02:34:05+0000 CXWv6p3arKYeMETxOg 192.168.1.31 64889 192.168.1.32 88 TGS user/TEST.NET krbtgt/TEST.NET T (unset_test) (unset_test) 1970-01-01T00:00:00+0000 aes256-cts-hmac-sha1-96 T F (unset_test) (unset_test) (unset_test) (unset_test) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt-env/env-utc000644 000765 000024 00000001260 13400006400 023314 0ustar00jonstaff000000 000000 1652_120221 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1652_120221 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1653_120221 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1653_120221 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 1652_120221 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt-env/env-local-fmt000644 000765 000024 00000001277 13400006400 024407 0ustar00jonstaff000000 000000 08 52 12 02 21 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 08 52 12 02 21 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 08 53 12 02 21 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 08 53 12 02 21 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 08 52 12 02 21 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt-env/env-local000644 000765 000024 00000001260 13400006400 023613 0ustar00jonstaff000000 000000 0852_120221 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 0852_120221 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 0853_120221 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 0853_120221 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 0852_120221 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt-env/env-utc-fmt000644 000765 000024 00000001277 13400006400 024110 0ustar00jonstaff000000 000000 16 52 12 02 21 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 16 52 12 02 21 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 16 53 12 02 21 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 16 53 12 02 21 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 16 52 12 02 21 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.no-options/tsv000644 000765 000024 00000000006 13400006400 022341 0ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.no-options/no-opts000644 000765 000024 00000001316 13400006400 023131 0ustar00jonstaff000000 000000 1329843175.736107 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1329843179.871641 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1329843194.151526 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1329843197.783443 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 1329843161.968492 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.bad-logs/no-header-column000644 000765 000024 00000000005 13400006400 024244 0ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.bad-logs/missing-sep-header000644 000765 000024 00000000162 13400006400 024577 0ustar00jonstaff000000 000000 CjhGID4nQcgTWjvg4c tcp CCvvfg3TEfuqmmG4bh tcp CsRx2w45OKnoww6xl4 tcp CRJuHdVW0XPVINV8a tcp CXWv6p3arKYeMETxOg tcp bro-aux-0.42/testing/Baseline/bro-cut.bad-logs/missing-fields-header000644 000765 000024 00000000057 13400006400 025261 0ustar00jonstaff000000 000000 bro-cut: bad log header (missing #fields line) bro-aux-0.42/testing/Baseline/bro-cut.bad-logs/missing-separator000644 000765 000024 00000000062 13400006400 024561 0ustar00jonstaff000000 000000 bro-cut: bad log header (invalid #separator line) bro-aux-0.42/testing/Baseline/bro-cut.bad-logs/no-header-show000644 000765 000024 00000000005 13400006400 023727 0ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.bad-logs/no-header-not-column000644 000765 000024 00000000005 13400006400 025042 0ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.bad-logs/null-separator000644 000765 000024 00000000062 13400006400 024062 0ustar00jonstaff000000 000000 bro-cut: bad log header (invalid #separator line) bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/multiple-times000644 000765 000024 00000000330 13400006400 025513 0ustar00jonstaff000000 000000 2012-02-21T08:52:55-0800 tcp 2012-02-21T08:53:05-0800 2012-02-21T08:52:59-0800 udp 2012-02-21T08:52:59-0800 2012-02-21T08:53:14-0800 tcp 2012-02-21T08:53:24-0800 2012-02-21T08:53:24-0800 tcp 2012-02-21T08:54:15-0800 bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/both-2000644 000765 000024 00000001361 13400006400 023641 0ustar00jonstaff000000 000000 2012-02-21T08:52:55-0800 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 2012-02-21T08:52:59-0800 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 2012-02-21T08:53:14-0800 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 2012-02-21T08:53:17-0800 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 2012-02-21T08:52:41-0800 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/missing-header000644 000765 000024 00000000005 13400006400 025437 0ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/local000644 000765 000024 00000001361 13400006400 023640 0ustar00jonstaff000000 000000 2012-02-21T08:52:55-0800 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 2012-02-21T08:52:59-0800 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 2012-02-21T08:53:14-0800 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 2012-02-21T08:53:17-0800 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 2012-02-21T08:52:41-0800 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/different-col-order000644 000765 000024 00000002742 13400006400 026404 0ustar00jonstaff000000 000000 2012-02-21T08:52:55-0800 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 2012-02-21T08:52:59-0800 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 2012-02-21T08:53:14-0800 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 2012-02-21T08:53:17-0800 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 2012-02-21T08:52:41-0800 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 2012-02-21T08:52:55-0800 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 2012-02-21T08:52:59-0800 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 2012-02-21T08:53:14-0800 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 2012-02-21T08:53:17-0800 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) 2012-02-21T08:52:41-0800 bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/zero000644 000765 000024 00000001207 13400006400 023524 0ustar00jonstaff000000 000000 1970-01-01T00:00:00-0800 CjhGID4nQcgTWjvg4c 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 2012-02-15T17:43:06-0800 CCvvfg3TEfuqmmG4bh 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 2012-02-15T17:43:07-0800 CsRx2w45OKnoww6xl4 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 2012-02-15T17:43:15-0800 CRJuHdVW0XPVINV8a 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 2012-02-15T17:42:57-0800 CXWv6p3arKYeMETxOg 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 2012-02-15T17:43:20-0800 CPbrpk1qSsw6ESzHV4 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/no-timestamps000644 000765 000024 00000000016 13400006400 025342 0ustar00jonstaff000000 000000 79.26.245.236 bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/both-1000644 000765 000024 00000001361 13400006400 023640 0ustar00jonstaff000000 000000 2012-02-21T16:52:55+0000 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 2012-02-21T16:52:59+0000 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 2012-02-21T16:53:14+0000 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 2012-02-21T16:53:17+0000 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 2012-02-21T16:52:41+0000 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/time-last-col000644 000765 000024 00000001361 13400006400 025220 0ustar00jonstaff000000 000000 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 2012-02-21T08:52:55-0800 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 2012-02-21T08:52:59-0800 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 2012-02-21T08:53:14-0800 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 2012-02-21T08:53:17-0800 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) 2012-02-21T08:52:41-0800 bro-aux-0.42/testing/Baseline/bro-cut.time-conversion/utc000644 000765 000024 00000001361 13400006400 023341 0ustar00jonstaff000000 000000 2012-02-21T16:52:55+0000 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 2012-02-21T16:52:59+0000 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 2012-02-21T16:53:14+0000 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 2012-02-21T16:53:17+0000 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 2012-02-21T16:52:41+0000 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-header/multiple-times000644 000765 000024 00000000615 13400006400 024564 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path test #open 2014-04-01-23-16-29 #fields proto ts2 ts1 #types enum string string tcp 2012-02-21T08:53:05-0800 2012-02-21T08:52:55-0800 udp 2012-02-21T08:52:59-0800 2012-02-21T08:52:59-0800 tcp 2012-02-21T08:53:24-0800 2012-02-21T08:53:14-0800 tcp 2012-02-21T08:54:15-0800 2012-02-21T08:53:24-0800 #close 2014-04-01-23-16-29 bro-aux-0.42/testing/Baseline/bro-cut.time-header/different-col-order000644 000765 000024 00000001472 13400006400 025446 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields proto ts id.orig_h #types enum string addr tcp 2012-02-21T08:52:55-0800 141.142.220.235 tcp 2012-02-21T08:52:59-0800 141.142.220.235 tcp 2012-02-21T08:53:14-0800 199.233.217.249 tcp 2012-02-21T08:53:17-0800 199.233.217.249 tcp 2012-02-21T08:52:41-0800 141.142.220.235 #close 2014-04-01-23-15-49 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conntimelast #open 2014-04-01-23-15-49 #fields proto ts id.orig_h #types enum string addr tcp 2012-02-21T08:52:55-0800 141.142.220.235 tcp 2012-02-21T08:52:59-0800 141.142.220.235 tcp 2012-02-21T08:53:14-0800 199.233.217.249 tcp 2012-02-21T08:53:17-0800 199.233.217.249 tcp 2012-02-21T08:52:41-0800 141.142.220.235 #close 2014-04-01-23-15-49 bro-aux-0.42/testing/Baseline/bro-cut.time-header/missing-ts-one-file000644 000765 000024 00000001063 13400006400 025401 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields ts id.orig_h #types string addr 2012-02-21T08:52:55-0800 141.142.220.235 2012-02-21T08:52:59-0800 141.142.220.235 2012-02-21T08:53:14-0800 199.233.217.249 2012-02-21T08:53:17-0800 199.233.217.249 2012-02-21T08:52:41-0800 141.142.220.235 #close 2014-04-01-23-15-49 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path onecolumn #open 2014-04-01-23-15-59 #fields id.orig_h #types addr 79.26.245.236 #close 2014-04-01-23-15-59 bro-aux-0.42/testing/Baseline/bro-cut.time-header/different-field-separator000644 000765 000024 00000001457 13400006400 026644 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields proto ts id.orig_h #types enum string addr tcp 2012-02-21T08:52:55-0800 141.142.220.235 tcp 2012-02-21T08:52:59-0800 141.142.220.235 tcp 2012-02-21T08:53:14-0800 199.233.217.249 tcp 2012-02-21T08:53:17-0800 199.233.217.249 tcp 2012-02-21T08:52:41-0800 141.142.220.235 #close 2014-04-01-23-15-49 #separator , #set_separator,, #empty_field,(empty) #unset_field,- #path,conn #open,2014-06-30-16-10-54 #fields,proto,ts,id.orig_h #types,enum,string,addr tcp,2012-02-21T08:52:55-0800,141.142.220.235 tcp,2012-02-21T08:52:59-0800,141.142.220.235 tcp,2012-02-21T08:53:14-0800,199.233.217.249 tcp,2012-02-21T08:52:41-0800,141.142.220.235 tcp,2012-02-21T08:53:17-0800,199.233.217.249 #close,2014-06-30-16-10-55 bro-aux-0.42/testing/Baseline/bro-cut.time-header/nondefault-separator000644 000765 000024 00000000626 13400006400 025751 0ustar00jonstaff000000 000000 #separator , #set_separator,, #empty_field,(empty) #unset_field,- #path,conn #open,2014-06-30-16-10-54 #fields,proto,ts,id.orig_h #types,enum,string,addr tcp,2012-02-21T08:52:55-0800,141.142.220.235 tcp,2012-02-21T08:52:59-0800,141.142.220.235 tcp,2012-02-21T08:53:14-0800,199.233.217.249 tcp,2012-02-21T08:52:41-0800,141.142.220.235 tcp,2012-02-21T08:53:17-0800,199.233.217.249 #close,2014-06-30-16-10-55 bro-aux-0.42/testing/Baseline/bro-cut.time-header/ts-twice000644 000765 000024 00000001001 13400006400 023337 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields ts id.orig_h ts #types string addr string 2012-02-21T08:52:55-0800 141.142.220.235 2012-02-21T08:52:55-0800 2012-02-21T08:52:59-0800 141.142.220.235 2012-02-21T08:52:59-0800 2012-02-21T08:53:14-0800 199.233.217.249 2012-02-21T08:53:14-0800 2012-02-21T08:53:17-0800 199.233.217.249 2012-02-21T08:53:17-0800 2012-02-21T08:52:41-0800 141.142.220.235 2012-02-21T08:52:41-0800 #close 2014-04-01-23-15-49 bro-aux-0.42/testing/Baseline/bro-cut.time-header/utc-fmt000644 000765 000024 00000001441 13400006400 023167 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path test #open 2014-04-01-23-15-51 #fields ts uid id.orig_h id.orig_p id.resp_h #types string string addr port addr 17 43 12 02 15 CjhGID4nQcgTWjvg4c 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 17 43 12 02 15 CCvvfg3TEfuqmmG4bh 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 17 43 12 02 15 CsRx2w45OKnoww6xl4 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 17 43 12 02 15 CRJuHdVW0XPVINV8a 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 17 42 12 02 15 CXWv6p3arKYeMETxOg 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 17 43 12 02 15 CPbrpk1qSsw6ESzHV4 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e #close 2014-04-01-23-15-51 bro-aux-0.42/testing/Baseline/bro-cut.help/show-help000644 000765 000024 00000001743 13400006400 022267 0ustar00jonstaff000000 000000 bro-cut [options] [] Extracts the given columns from ASCII Bro logs on standard input, and outputs them to standard output. If no columns are given, all are selected. By default, bro-cut does not include format header blocks in the output. Example: cat conn.log | bro-cut -d ts id.orig_h id.orig_p -c Include the first format header block in the output. -C Include all format header blocks in the output. -d Convert time values into human-readable format. -D Like -d, but specify format for time (see strftime(3) for syntax). -F Sets a different output field separator character. -h Show help. -n Print all fields *except* those specified. -u Like -d, but print timestamps in UTC instead of local time. -U Like -D, but print timestamps in UTC instead of local time. For time conversion option -d or -u, the format string can be specified by setting an environment variable BRO_CUT_TIMEFMT. bro-aux-0.42/testing/Baseline/bro-cut.columns/all000644 000765 000024 00000001135 13400006400 021654 0ustar00jonstaff000000 000000 1329327783.316897 CjhGID4nQcgTWjvg4c 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 1329327786.524332 CCvvfg3TEfuqmmG4bh 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 1329327787.289095 CsRx2w45OKnoww6xl4 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 1329327795.571921 CRJuHdVW0XPVINV8a 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 1329327777.822004 CXWv6p3arKYeMETxOg 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 1329327800.017649 CPbrpk1qSsw6ESzHV4 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e bro-aux-0.42/testing/Baseline/bro-cut.columns/one-nonexistent-1000644 000765 000024 00000000351 13400006400 024376 0ustar00jonstaff000000 000000 CjhGID4nQcgTWjvg4c tcp CCvvfg3TEfuqmmG4bh tcp CsRx2w45OKnoww6xl4 tcp CRJuHdVW0XPVINV8a tcp CXWv6p3arKYeMETxOg tcp CjhGID4nQcgTWjvg4c CCvvfg3TEfuqmmG4bh CsRx2w45OKnoww6xl4 CRJuHdVW0XPVINV8a CXWv6p3arKYeMETxOg CPbrpk1qSsw6ESzHV4 bro-aux-0.42/testing/Baseline/bro-cut.columns/different-col-order000644 000765 000024 00000000560 13400006400 024737 0ustar00jonstaff000000 000000 1329843175.736107 CjhGID4nQcgTWjvg4c 1329843179.871641 CCvvfg3TEfuqmmG4bh 1329843194.151526 CsRx2w45OKnoww6xl4 1329843197.783443 CRJuHdVW0XPVINV8a 1329843161.968492 CXWv6p3arKYeMETxOg 1329843175.736107 CjhGID4nQcgTWjvg4c 1329843179.871641 CCvvfg3TEfuqmmG4bh 1329843194.151526 CsRx2w45OKnoww6xl4 1329843197.783443 CRJuHdVW0XPVINV8a 1329843161.968492 CXWv6p3arKYeMETxOg bro-aux-0.42/testing/Baseline/bro-cut.columns/nondefault-separator000644 000765 000024 00000000344 13400006400 025242 0ustar00jonstaff000000 000000 tcp CjhGID4nQcgTWjvg4c tcp CCvvfg3TEfuqmmG4bh tcp CsRx2w45OKnoww6xl4 tcp CRJuHdVW0XPVINV8a tcp CXWv6p3arKYeMETxOg tcp,CNbXUV0IZ29or3MK6 tcp,CJ8woc3c6CfBLdiyp5 tcp,CXlgj54ftP8Yc2GSnb tcp,Czw8Gd1zEVn3Xz5x7i tcp,Cys4aQ15qDqHzsIk3l bro-aux-0.42/testing/Baseline/bro-cut.columns/one000644 000765 000024 00000000136 13400006400 021665 0ustar00jonstaff000000 000000 CjhGID4nQcgTWjvg4c CCvvfg3TEfuqmmG4bh CsRx2w45OKnoww6xl4 CRJuHdVW0XPVINV8a CXWv6p3arKYeMETxOg bro-aux-0.42/testing/Baseline/bro-cut.columns/only000644 000765 000024 00000000016 13400006400 022062 0ustar00jonstaff000000 000000 79.26.245.236 bro-aux-0.42/testing/Baseline/bro-cut.columns/one-nonexistent-2000644 000765 000024 00000000351 13400006400 024377 0ustar00jonstaff000000 000000 CjhGID4nQcgTWjvg4c CCvvfg3TEfuqmmG4bh CsRx2w45OKnoww6xl4 CRJuHdVW0XPVINV8a CXWv6p3arKYeMETxOg CPbrpk1qSsw6ESzHV4 CjhGID4nQcgTWjvg4c tcp CCvvfg3TEfuqmmG4bh tcp CsRx2w45OKnoww6xl4 tcp CRJuHdVW0XPVINV8a tcp CXWv6p3arKYeMETxOg tcp bro-aux-0.42/testing/Baseline/bro-cut.columns/swap-order000644 000765 000024 00000000162 13400006400 023166 0ustar00jonstaff000000 000000 tcp CjhGID4nQcgTWjvg4c tcp CCvvfg3TEfuqmmG4bh tcp CsRx2w45OKnoww6xl4 tcp CRJuHdVW0XPVINV8a tcp CXWv6p3arKYeMETxOg bro-aux-0.42/testing/Baseline/bro-cut.time-fmt/local-fmt000644 000765 000024 00000001277 13400006400 023033 0ustar00jonstaff000000 000000 08 52 12 02 21 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 08 52 12 02 21 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 08 53 12 02 21 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 08 53 12 02 21 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 08 52 12 02 21 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt/local-fmt-utc000644 000765 000024 00000001277 13400006400 023624 0ustar00jonstaff000000 000000 16 52 12 02 21 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 16 52 12 02 21 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 16 53 12 02 21 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 16 53 12 02 21 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 16 52 12 02 21 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt/utc-fmt-local000644 000765 000024 00000001277 13400006400 023624 0ustar00jonstaff000000 000000 08 52 12 02 21 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 08 52 12 02 21 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 08 53 12 02 21 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 08 53 12 02 21 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 08 52 12 02 21 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt/local-utc-fmt000644 000765 000024 00000001277 13400006400 023624 0ustar00jonstaff000000 000000 16 52 12 02 21 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 16 52 12 02 21 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 16 53 12 02 21 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 16 53 12 02 21 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 16 52 12 02 21 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt/utc-fmt000644 000765 000024 00000001277 13400006400 022534 0ustar00jonstaff000000 000000 16 52 12 02 21 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 16 52 12 02 21 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 16 53 12 02 21 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 16 53 12 02 21 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 16 52 12 02 21 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-fmt/utc-local-fmt000644 000765 000024 00000001277 13400006400 023624 0ustar00jonstaff000000 000000 08 52 12 02 21 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 08 52 12 02 21 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 08 53 12 02 21 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 08 53 12 02 21 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 08 52 12 02 21 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.ofs/some-columns000644 000765 000024 00000000270 13400006400 022633 0ustar00jonstaff000000 000000 CjhGID4nQcgTWjvg4c,1329843175.736107 CCvvfg3TEfuqmmG4bh,1329843179.871641 CsRx2w45OKnoww6xl4,1329843194.151526 CRJuHdVW0XPVINV8a,1329843197.783443 CXWv6p3arKYeMETxOg,1329843161.968492 bro-aux-0.42/testing/Baseline/bro-cut.ofs/nondefault-separator000644 000765 000024 00000000344 13400006400 024351 0ustar00jonstaff000000 000000 tcp:CjhGID4nQcgTWjvg4c tcp:CCvvfg3TEfuqmmG4bh tcp:CsRx2w45OKnoww6xl4 tcp:CRJuHdVW0XPVINV8a tcp:CXWv6p3arKYeMETxOg tcp:CNbXUV0IZ29or3MK6 tcp:CJ8woc3c6CfBLdiyp5 tcp:CXlgj54ftP8Yc2GSnb tcp:Czw8Gd1zEVn3Xz5x7i tcp:Cys4aQ15qDqHzsIk3l bro-aux-0.42/testing/Baseline/bro-cut.ofs/only-column000644 000765 000024 00000000016 13400006400 022464 0ustar00jonstaff000000 000000 79.26.245.236 bro-aux-0.42/testing/Baseline/bro-cut.ofs/show-header000644 000765 000024 00000002213 13400006400 022417 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields.ts.uid.id.orig_h.id.orig_p.id.resp_h.id.resp_p.proto.service.duration.orig_bytes.resp_bytes.conn_state.local_orig.missed_bytes.history.orig_pkts.orig_ip_bytes.resp_pkts.resp_ip_bytes.tunnel_parents #types.time.string.addr.port.addr.port.enum.string.interval.count.count.string.bool.count.string.count.count.count.count.set[string] 1329843175.736107.CjhGID4nQcgTWjvg4c.141.142.220.235.37604.199.233.217.249.56666.tcp.ftp-data.0.112432.0.342.SF.-.0.ShAdfFa.4.216.4.562.(empty) 1329843179.871641.CCvvfg3TEfuqmmG4bh.141.142.220.235.59378.199.233.217.249.56667.tcp.ftp-data.0.111218.0.77.SF.-.0.ShAdfFa.4.216.4.297.(empty) 1329843194.151526.CsRx2w45OKnoww6xl4.199.233.217.249.61920.141.142.220.235.33582.tcp.ftp-data.0.056211.342.0.SF.-.0.ShADaFf.5.614.3.164.(empty) 1329843197.783443.CRJuHdVW0XPVINV8a.199.233.217.249.61918.141.142.220.235.37835.tcp.ftp-data.0.056005.77.0.SF.-.0.ShADaFf.5.349.3.164.(empty) 1329843161.968492.CXWv6p3arKYeMETxOg.141.142.220.235.50003.199.233.217.249.21.tcp.ftp.38.055625.180.3146.SF.-.0.ShAdDfFa.38.2164.25.4458.(empty) bro-aux-0.42/testing/Baseline/bro-cut.show-header/different-col-order-some000644 000765 000024 00000001306 13400006400 026425 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields ts uid #types time string 1329843175.736107 CjhGID4nQcgTWjvg4c 1329843179.871641 CCvvfg3TEfuqmmG4bh 1329843194.151526 CsRx2w45OKnoww6xl4 1329843197.783443 CRJuHdVW0XPVINV8a 1329843161.968492 CXWv6p3arKYeMETxOg #close 2014-04-01-23-15-49 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conntimelast #open 2014-04-01-23-15-49 #fields ts uid #types time string 1329843175.736107 CjhGID4nQcgTWjvg4c 1329843179.871641 CCvvfg3TEfuqmmG4bh 1329843194.151526 CsRx2w45OKnoww6xl4 1329843197.783443 CRJuHdVW0XPVINV8a 1329843161.968492 CXWv6p3arKYeMETxOg #close 2014-04-01-23-15-49 bro-aux-0.42/testing/Baseline/bro-cut.show-header/two-1st-withcols000644 000765 000024 00000001041 13400006400 024776 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields uid ts #types string time CjhGID4nQcgTWjvg4c 1329843175.736107 CCvvfg3TEfuqmmG4bh 1329843179.871641 CsRx2w45OKnoww6xl4 1329843194.151526 CRJuHdVW0XPVINV8a 1329843197.783443 CXWv6p3arKYeMETxOg 1329843161.968492 CjhGID4nQcgTWjvg4c 1329327783.316897 CCvvfg3TEfuqmmG4bh 1329327786.524332 CsRx2w45OKnoww6xl4 1329327787.289095 CRJuHdVW0XPVINV8a 1329327795.571921 CXWv6p3arKYeMETxOg 1329327777.822004 CPbrpk1qSsw6ESzHV4 1329327800.017649 bro-aux-0.42/testing/Baseline/bro-cut.show-header/one-all-nocols000644 000765 000024 00000002246 13400006400 024460 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents #types time string addr port addr port enum string interval count count string bool count string count count count count set[string] 1329843175.736107 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1329843179.871641 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1329843194.151526 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1329843197.783443 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 1329843161.968492 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) #close 2014-04-01-23-15-49 bro-aux-0.42/testing/Baseline/bro-cut.show-header/both-c-opts-all000644 000765 000024 00000001343 13400006400 024540 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields uid ts #types string time CjhGID4nQcgTWjvg4c 1329843175.736107 CCvvfg3TEfuqmmG4bh 1329843179.871641 CsRx2w45OKnoww6xl4 1329843194.151526 CRJuHdVW0XPVINV8a 1329843197.783443 CXWv6p3arKYeMETxOg 1329843161.968492 #close 2014-04-01-23-15-49 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path test #open 2014-04-01-23-15-51 #fields uid ts #types string time CjhGID4nQcgTWjvg4c 1329327783.316897 CCvvfg3TEfuqmmG4bh 1329327786.524332 CsRx2w45OKnoww6xl4 1329327787.289095 CRJuHdVW0XPVINV8a 1329327795.571921 CXWv6p3arKYeMETxOg 1329327777.822004 CPbrpk1qSsw6ESzHV4 1329327800.017649 #close 2014-04-01-23-15-51 bro-aux-0.42/testing/Baseline/bro-cut.show-header/both-c-opts-one000644 000765 000024 00000001041 13400006400 024544 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields uid ts #types string time CjhGID4nQcgTWjvg4c 1329843175.736107 CCvvfg3TEfuqmmG4bh 1329843179.871641 CsRx2w45OKnoww6xl4 1329843194.151526 CRJuHdVW0XPVINV8a 1329843197.783443 CXWv6p3arKYeMETxOg 1329843161.968492 CjhGID4nQcgTWjvg4c 1329327783.316897 CCvvfg3TEfuqmmG4bh 1329327786.524332 CsRx2w45OKnoww6xl4 1329327787.289095 CRJuHdVW0XPVINV8a 1329327795.571921 CXWv6p3arKYeMETxOg 1329327777.822004 CPbrpk1qSsw6ESzHV4 1329327800.017649 bro-aux-0.42/testing/Baseline/bro-cut.show-header/two-all-withcols000644 000765 000024 00000001343 13400006400 025044 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields uid ts #types string time CjhGID4nQcgTWjvg4c 1329843175.736107 CCvvfg3TEfuqmmG4bh 1329843179.871641 CsRx2w45OKnoww6xl4 1329843194.151526 CRJuHdVW0XPVINV8a 1329843197.783443 CXWv6p3arKYeMETxOg 1329843161.968492 #close 2014-04-01-23-15-49 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path test #open 2014-04-01-23-15-51 #fields uid ts #types string time CjhGID4nQcgTWjvg4c 1329327783.316897 CCvvfg3TEfuqmmG4bh 1329327786.524332 CsRx2w45OKnoww6xl4 1329327787.289095 CRJuHdVW0XPVINV8a 1329327795.571921 CXWv6p3arKYeMETxOg 1329327777.822004 CPbrpk1qSsw6ESzHV4 1329327800.017649 #close 2014-04-01-23-15-51 bro-aux-0.42/testing/Baseline/bro-cut.show-header/different-col-order000644 000765 000024 00000004524 13400006400 025471 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents #types time string addr port addr port enum string interval count count string bool count string count count count count set[string] 1329843175.736107 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1329843179.871641 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1329843194.151526 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1329843197.783443 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 1329843161.968492 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) #close 2014-04-01-23-15-49 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conntimelast #open 2014-04-01-23-15-49 #fields uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents ts #types string addr port addr port enum string interval count count string bool count string count count count count set[string] time CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1329843175.736107 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1329843179.871641 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1329843194.151526 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 1329843197.783443 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) 1329843161.968492 #close 2014-04-01-23-15-49 bro-aux-0.42/testing/Baseline/bro-cut.show-header/nondefault-separator000644 000765 000024 00000001065 13400006400 025771 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields proto uid #types enum string tcp CjhGID4nQcgTWjvg4c tcp CCvvfg3TEfuqmmG4bh tcp CsRx2w45OKnoww6xl4 tcp CRJuHdVW0XPVINV8a tcp CXWv6p3arKYeMETxOg #close 2014-04-01-23-15-49 #separator , #set_separator,, #empty_field,(empty) #unset_field,- #path,conn #open,2014-06-30-16-10-54 #fields,proto,uid #types,enum,string tcp,CNbXUV0IZ29or3MK6 tcp,CJ8woc3c6CfBLdiyp5 tcp,CXlgj54ftP8Yc2GSnb tcp,Czw8Gd1zEVn3Xz5x7i tcp,Cys4aQ15qDqHzsIk3l #close,2014-06-30-16-10-55 bro-aux-0.42/testing/Baseline/bro-cut.show-header/one-1st-nocols000644 000765 000024 00000002213 13400006400 024411 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2014-04-01-23-15-49 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents #types time string addr port addr port enum string interval count count string bool count string count count count count set[string] 1329843175.736107 CjhGID4nQcgTWjvg4c 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 1329843179.871641 CCvvfg3TEfuqmmG4bh 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 1329843194.151526 CsRx2w45OKnoww6xl4 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 1329843197.783443 CRJuHdVW0XPVINV8a 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 1329843161.968492 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.time-bad-logs/no-header-time000644 000765 000024 00000000005 13400006400 024641 0ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.time-bad-logs/missing-types-header000644 000765 000024 00000000056 13400006400 026112 0ustar00jonstaff000000 000000 bro-cut: bad log header (missing #types line) bro-aux-0.42/testing/Baseline/bro-cut.time-bad-logs/invalid-time-field.err000644 000765 000024 00000000336 13400006400 026304 0ustar00jonstaff000000 000000 bro-cut: time field is not valid: hello bro-cut: time value out-of-range: -12345.123456 bro-cut: time value out-of-range: 77777777777777777777 bro-cut: time field is not valid: bro-cut: time field is not valid: 123456789 bro-aux-0.42/testing/Baseline/bro-cut.time-bad-logs/invalid-time-field000644 000765 000024 00000000076 13400006400 025516 0ustar00jonstaff000000 000000 hello a -12345.123456 b 77777777777777777777 c d 123456789 e bro-aux-0.42/testing/Baseline/bro-cut.not-columns/not-all000644 000765 000024 00000000006 13400006400 023244 0ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.not-columns/not-one-show-header000644 000765 000024 00000001232 13400006400 025463 0ustar00jonstaff000000 000000 #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path test #open 2014-04-01-23-15-51 #fields ts id.orig_h id.orig_p id.resp_h #types time addr port addr 1329327783.316897 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 1329327786.524332 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 1329327787.289095 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 1329327795.571921 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 1329327777.822004 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 1329327800.017649 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e bro-aux-0.42/testing/Baseline/bro-cut.not-columns/not-none000644 000765 000024 00000001135 13400006400 023437 0ustar00jonstaff000000 000000 1329327783.316897 CjhGID4nQcgTWjvg4c 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 1329327786.524332 CCvvfg3TEfuqmmG4bh 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 1329327787.289095 CsRx2w45OKnoww6xl4 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 1329327795.571921 CRJuHdVW0XPVINV8a 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 1329327777.822004 CXWv6p3arKYeMETxOg 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 1329327800.017649 CPbrpk1qSsw6ESzHV4 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e bro-aux-0.42/testing/Baseline/bro-cut.not-columns/not-two-swapped000644 000765 000024 00000000516 13400006400 024754 0ustar00jonstaff000000 000000 1329327783.316897 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 1329327786.524332 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 1329327787.289095 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 1329327795.571921 2001:470:4867:99::21 55785 1329327777.822004 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 1329327800.017649 2001:470:4867:99::21 55647 bro-aux-0.42/testing/Baseline/bro-cut.not-columns/not-only000644 000765 000024 00000000001 13400006400 023450 0ustar00jonstaff000000 000000 bro-aux-0.42/testing/Baseline/bro-cut.not-columns/different-col-order000644 000765 000024 00000002054 13400006400 025535 0ustar00jonstaff000000 000000 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) 141.142.220.235 37604 199.233.217.249 56666 tcp ftp-data 0.112432 0 342 SF - 0 ShAdfFa 4 216 4 562 (empty) 141.142.220.235 59378 199.233.217.249 56667 tcp ftp-data 0.111218 0 77 SF - 0 ShAdfFa 4 216 4 297 (empty) 199.233.217.249 61920 141.142.220.235 33582 tcp ftp-data 0.056211 342 0 SF - 0 ShADaFf 5 614 3 164 (empty) 199.233.217.249 61918 141.142.220.235 37835 tcp ftp-data 0.056005 77 0 SF - 0 ShADaFf 5 349 3 164 (empty) 141.142.220.235 50003 199.233.217.249 21 tcp ftp 38.055625 180 3146 SF - 0 ShAdDfFa 38 2164 25 4458 (empty) bro-aux-0.42/testing/Baseline/bro-cut.not-columns/not-one-twice000644 000765 000024 00000000754 13400006400 024400 0ustar00jonstaff000000 000000 1329327783.316897 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 1329327786.524332 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 1329327787.289095 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 1329327795.571921 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 1329327777.822004 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 1329327800.017649 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e bro-aux-0.42/testing/Baseline/bro-cut.not-columns/not-one-nonexistent000644 000765 000024 00000000754 13400006400 025643 0ustar00jonstaff000000 000000 1329327783.316897 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 1329327786.524332 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 1329327787.289095 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 1329327795.571921 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 1329327777.822004 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 1329327800.017649 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e bro-aux-0.42/testing/Baseline/bro-cut.not-columns/not-one000644 000765 000024 00000000754 13400006400 023267 0ustar00jonstaff000000 000000 1329327783.316897 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49186 2001:470:4867:99::21 1329327786.524332 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49187 2001:470:4867:99::21 1329327787.289095 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49188 2001:470:4867:99::21 1329327795.571921 2001:470:4867:99::21 55785 2001:470:1f11:81f:c999:d94:aa7c:2e3e 1329327777.822004 2001:470:1f11:81f:c999:d94:aa7c:2e3e 49185 2001:470:4867:99::21 1329327800.017649 2001:470:4867:99::21 55647 2001:470:1f11:81f:c999:d94:aa7c:2e3e bro-aux-0.42/testing/bro-cut/bad-logs.test000644 000765 000024 00000002332 13400006400 020351 0ustar00jonstaff000000 000000 # Test bro-cut with invalid log files. # # The "#separator" log header line is missing. # @TEST-EXEC: grep -v '^#separator' $LOGS/conn.log | bro-cut uid proto > missing-sep-header # @TEST-EXEC: btest-diff missing-sep-header # The "#fields" log header line is missing (show header). # @TEST-EXEC-FAIL: grep -v '^#fields' $LOGS/conn.log | bro-cut -C 2> missing-fields-header # @TEST-EXEC: btest-diff missing-fields-header # All log header lines are missing (show header). # @TEST-EXEC: grep -v '^#' $LOGS/conn.log | bro-cut -c > no-header-show # @TEST-EXEC: btest-diff no-header-show # All log header lines are missing (select column to show). # @TEST-EXEC: grep -v '^#' $LOGS/conn.log | bro-cut uid > no-header-column # @TEST-EXEC: btest-diff no-header-column # All log header lines are missing (select column to not show). # @TEST-EXEC: grep -v '^#' $LOGS/conn.log | bro-cut -n uid > no-header-not-column # @TEST-EXEC: btest-diff no-header-not-column # Separator is missing # @TEST-EXEC-FAIL: cat $LOGS/missing-separator.log | bro-cut 2> missing-separator # @TEST-EXEC: btest-diff missing-separator # Separator is \x00 # @TEST-EXEC-FAIL: cat $LOGS/null-separator.log | bro-cut 2> null-separator # @TEST-EXEC: btest-diff null-separator bro-aux-0.42/testing/bro-cut/columns.test000644 000765 000024 00000002504 13400006400 020342 0ustar00jonstaff000000 000000 # Test bro-cut with column names, but no other options. # # Select one column. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut uid > one # @TEST-EXEC: btest-diff one # Log file has only one column. # @TEST-EXEC: cat $LOGS/onecolumn.log | bro-cut id.orig_h > only # @TEST-EXEC: btest-diff only # Swap the order of two columns. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut proto uid > swap-order # @TEST-EXEC: btest-diff swap-order # Specify all columns in the log file. # @TEST-EXEC: cat $LOGS/test.log | bro-cut ts uid id.orig_h id.orig_p id.resp_h > all # @TEST-EXEC: btest-diff all # Log files use different field separators. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conncomma.log | bro-cut proto uid > nondefault-separator # @TEST-EXEC: btest-diff nondefault-separator # Column order changes between two log files. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conntimelast.log | bro-cut ts uid > different-col-order # @TEST-EXEC: btest-diff different-col-order # Specify a column name that exists only in the first log file. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/test.log | bro-cut uid proto > one-nonexistent-1 # @TEST-EXEC: btest-diff one-nonexistent-1 # Specify a column name that exists only in the second log file. # @TEST-EXEC: cat $LOGS/test.log $LOGS/conn.log | bro-cut uid proto > one-nonexistent-2 # @TEST-EXEC: btest-diff one-nonexistent-2 bro-aux-0.42/testing/bro-cut/time-conversion.test000644 000765 000024 00000003051 13400006400 022001 0ustar00jonstaff000000 000000 # Test bro-cut with time conversion options (-d/-u). # # Test -d option. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -d > local # @TEST-EXEC: btest-diff local # Test -u option. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -u > utc # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-time-zone btest-diff utc # Test that -u can override -d. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -d -u > both-1 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-time-zone btest-diff both-1 # Test that -d can override -u. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -u -d > both-2 # @TEST-EXEC: btest-diff both-2 # First time value is zero. # @TEST-EXEC: cat $LOGS/zerotime.log | bro-cut -u > zero # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-time-zone btest-diff zero # File has timestamp, but not in the first column. # @TEST-EXEC: cat $LOGS/conntimelast.log | bro-cut -d > time-last-col # @TEST-EXEC: btest-diff time-last-col # File has more than one time column, and some timestamps are duplicates. # @TEST-EXEC: cat $LOGS/multiple-times.log | bro-cut -d > multiple-times # @TEST-EXEC: btest-diff multiple-times # Column order changes between two log files. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conntimelast.log | bro-cut -d > different-col-order # @TEST-EXEC: btest-diff different-col-order # File has no timestamps. # @TEST-EXEC: cat $LOGS/onecolumn.log | bro-cut -d > no-timestamps # @TEST-EXEC: btest-diff no-timestamps # Input is missing the log header lines. # @TEST-EXEC: grep -v '^#' $LOGS/conn.log | bro-cut -d > missing-header # @TEST-EXEC: btest-diff missing-header bro-aux-0.42/testing/bro-cut/time-fmt-env.test000644 000765 000024 00000001427 13400006400 021175 0ustar00jonstaff000000 000000 # Test bro-cut with BRO_CUT_TIMEFMT environment variable. # # Output local time with format from environment. # @TEST-EXEC: cat $LOGS/conn.log | BRO_CUT_TIMEFMT="%H%M_%y%m%d" bro-cut -d > env-local # @TEST-EXEC: btest-diff env-local # Output UTC with format from environment. # @TEST-EXEC: cat $LOGS/conn.log | BRO_CUT_TIMEFMT="%H%M_%y%m%d" bro-cut -u > env-utc # @TEST-EXEC: btest-diff env-utc # The "-D" option overrides environment variable. # @TEST-EXEC: cat $LOGS/conn.log | BRO_CUT_TIMEFMT="%H%M_%y%m%d" bro-cut -D "%H %M %y %m %d" > env-local-fmt # @TEST-EXEC: btest-diff env-local-fmt # The "-U" option overrides environment variable. # @TEST-EXEC: cat $LOGS/conn.log | BRO_CUT_TIMEFMT="%H%M_%y%m%d" bro-cut -U "%H %M %y %m %d" > env-utc-fmt # @TEST-EXEC: btest-diff env-utc-fmt bro-aux-0.42/testing/bro-cut/not-columns.test000644 000765 000024 00000002730 13400006400 021141 0ustar00jonstaff000000 000000 # Test bro-cut with the -n option. # # Show all columns but one. # @TEST-EXEC: cat $LOGS/test.log | bro-cut -n uid > not-one # @TEST-EXEC: btest-diff not-one # Show all columns but two (and specify them in swapped order). # @TEST-EXEC: cat $LOGS/test.log | bro-cut -n id.resp_h uid > not-two-swapped # @TEST-EXEC: btest-diff not-two-swapped # Show all columns but one, but specify the same column twice. # @TEST-EXEC: cat $LOGS/test.log | bro-cut -n uid uid > not-one-twice # @TEST-EXEC: btest-diff not-one-twice # Column order changes between two log files. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conntimelast.log | bro-cut -n ts uid > different-col-order # @TEST-EXEC: btest-diff different-col-order # Don't show any columns. # @TEST-EXEC: cat $LOGS/test.log | bro-cut -n ts uid id.orig_h id.orig_p id.resp_h > not-all # @TEST-EXEC: btest-diff not-all # Don't show the only column in the log. # @TEST-EXEC: cat $LOGS/onecolumn.log | bro-cut -n id.orig_h > not-only # @TEST-EXEC: btest-diff not-only # Don't exclude any columns. # @TEST-EXEC: cat $LOGS/test.log | bro-cut -n > not-none # @TEST-EXEC: btest-diff not-none # Show all columns but one, and also specify a nonexistent column name. # @TEST-EXEC: cat $LOGS/test.log | bro-cut -n uid proto > not-one-nonexistent # @TEST-EXEC: btest-diff not-one-nonexistent # Show that the -n option also affects the header. # @TEST-EXEC: cat $LOGS/test.log | bro-cut -c -n uid > not-one-show-header # @TEST-EXEC: btest-diff not-one-show-header bro-aux-0.42/testing/bro-cut/time-header.test000644 000765 000024 00000002503 13400006400 021045 0ustar00jonstaff000000 000000 # Test bro-cut with both time conversion and show header options. # # Time format string does not affect the header timestamps. # @TEST-EXEC: cat $LOGS/test.log | bro-cut -C -U "%H %M %y %m %d" > utc-fmt # @TEST-EXEC: btest-diff utc-fmt # Log file uses non-default field separator. # @TEST-EXEC: cat $LOGS/conncomma.log | bro-cut -C -d proto ts id.orig_h > nondefault-separator # @TEST-EXEC: btest-diff nondefault-separator # Field separator changes between two log files. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conncomma.log | bro-cut -C -d proto ts id.orig_h > different-field-separator # @TEST-EXEC: btest-diff different-field-separator # Column order changes between two log files. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conntimelast.log | bro-cut -C -d proto ts id.orig_h > different-col-order # @TEST-EXEC: btest-diff different-col-order # One file has timestamps and one file does not. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/onecolumn.log | bro-cut -C -d ts id.orig_h > missing-ts-one-file # @TEST-EXEC: btest-diff missing-ts-one-file # Specify ts twice. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -C -d ts id.orig_h ts > ts-twice # @TEST-EXEC: btest-diff ts-twice # File has more than one time column. # @TEST-EXEC: cat $LOGS/multiple-times.log | bro-cut -C -d proto ts2 ts1 > multiple-times # @TEST-EXEC: btest-diff multiple-times bro-aux-0.42/testing/bro-cut/help.test000644 000765 000024 00000000156 13400006400 017613 0ustar00jonstaff000000 000000 # Test bro-cut with -h option. # # @TEST-EXEC-FAIL: bro-cut -h > show-help # @TEST-EXEC: btest-diff show-help bro-aux-0.42/testing/bro-cut/time-fmt.test000644 000765 000024 00000001721 13400006400 020404 0ustar00jonstaff000000 000000 # Test bro-cut with time conversion options (-D/-U). # # Test -D option. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -D "%H %M %y %m %d" > local-fmt # @TEST-EXEC: btest-diff local-fmt # Test -U option. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -U "%H %M %y %m %d" > utc-fmt # @TEST-EXEC: btest-diff utc-fmt # Output local time (-D overrides -u). # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -u -D "%H %M %y %m %d" > utc-local-fmt # @TEST-EXEC: btest-diff utc-local-fmt # Output UTC time, but with format string from -D. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -D "%H %M %y %m %d" -u > local-fmt-utc # @TEST-EXEC: btest-diff local-fmt-utc # Output UTC time (-U overrides -d). # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -d -U "%H %M %y %m %d" > local-utc-fmt # @TEST-EXEC: btest-diff local-utc-fmt # Output local time, but with format string from -U. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -U "%H %M %y %m %d" -d > utc-fmt-local # @TEST-EXEC: btest-diff utc-fmt-local bro-aux-0.42/testing/bro-cut/time-optional.test000644 000765 000024 00000000642 13400006400 021444 0ustar00jonstaff000000 000000 # Test bro-cut with time conversion when a time field is optional and no value # is set. # # @TEST-EXEC: cat $LOGS/time-optional.log | bro-cut -u > out 2>&1 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-time-zone btest-diff out # File has a non-default unset field string. # @TEST-EXEC: cat $LOGS/unset-field.log | bro-cut -u > out2 2>&1 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-time-zone btest-diff out2 bro-aux-0.42/testing/bro-cut/no-options.test000644 000765 000024 00000000420 13400006400 020762 0ustar00jonstaff000000 000000 # Test bro-cut without any command-line options. # # @TEST-EXEC: cat $LOGS/conn.log | bro-cut > no-opts # @TEST-EXEC: btest-diff no-opts # Log file in "tsv" (tab-separated-values) format. # @TEST-EXEC: cat $LOGS/conn-tsv.log | bro-cut > tsv # @TEST-EXEC: btest-diff tsv bro-aux-0.42/testing/bro-cut/time-bad-logs.test000644 000765 000024 00000001153 13400006400 021305 0ustar00jonstaff000000 000000 # Test bro-cut time conversion with invalid log files. # # The "#types" log header line is missing. # @TEST-EXEC-FAIL: grep -v '^#types' $LOGS/conn.log | bro-cut -d 2> missing-types-header # @TEST-EXEC: btest-diff missing-types-header # All log header lines are missing. # @TEST-EXEC: grep -v '^#' $LOGS/conn.log | bro-cut -d > no-header-time # @TEST-EXEC: btest-diff no-header-time # Time field is invalid or out of range # @TEST-EXEC: cat $LOGS/invalid-time.log | bro-cut -d > invalid-time-field 2> invalid-time-field.err # @TEST-EXEC: btest-diff invalid-time-field # @TEST-EXEC: btest-diff invalid-time-field.err bro-aux-0.42/testing/bro-cut/show-header.test000644 000765 000024 00000003134 13400006400 021070 0ustar00jonstaff000000 000000 # Test bro-cut with -c and -C options. # # Show first header for one log file. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -c > one-1st-nocols # @TEST-EXEC: btest-diff one-1st-nocols # Show all headers for one log file. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -C > one-all-nocols # @TEST-EXEC: btest-diff one-all-nocols # Show first header for two log files. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/test.log | bro-cut -c uid ts > two-1st-withcols # @TEST-EXEC: btest-diff two-1st-withcols # Show all headers for two log files. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/test.log | bro-cut -C uid ts > two-all-withcols # @TEST-EXEC: btest-diff two-all-withcols # Show all headers for two logs (-C overrides -c). # @TEST-EXEC: cat $LOGS/conn.log $LOGS/test.log | bro-cut -c -C uid ts > both-c-opts-all # @TEST-EXEC: btest-diff both-c-opts-all # Show first header for two logs (-c overrides -C). # @TEST-EXEC: cat $LOGS/conn.log $LOGS/test.log | bro-cut -C -c uid ts > both-c-opts-one # @TEST-EXEC: btest-diff both-c-opts-one # Log files use different field separators. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conncomma.log | bro-cut -C proto uid > nondefault-separator # @TEST-EXEC: btest-diff nondefault-separator # Column order changes between two log files. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conntimelast.log | bro-cut -C > different-col-order # @TEST-EXEC: btest-diff different-col-order # Column order changes between two log files (and don't show all columns). # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conntimelast.log | bro-cut -C ts uid > different-col-order-some # @TEST-EXEC: btest-diff different-col-order-some bro-aux-0.42/testing/bro-cut/ofs.test000644 000765 000024 00000001350 13400006400 017447 0ustar00jonstaff000000 000000 # Test bro-cut with -F option. # # Use a different field separator on two columns. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -F , uid ts > some-columns # @TEST-EXEC: btest-diff some-columns # Show that -F option is used even when field separator in log files changes. # @TEST-EXEC: cat $LOGS/conn.log $LOGS/conncomma.log | bro-cut -F : proto uid > nondefault-separator # @TEST-EXEC: btest-diff nondefault-separator # Field separator is not relevant because log has only one column. # @TEST-EXEC: cat $LOGS/onecolumn.log | bro-cut -F , > only-column # @TEST-EXEC: btest-diff only-column # Show header and use a different field separator. # @TEST-EXEC: cat $LOGS/conn.log | bro-cut -F . -c > show-header # @TEST-EXEC: btest-diff show-header bro-aux-0.42/bro-cut/bro-cut.c000644 000765 000024 00000043012 13400006400 016022 0ustar00jonstaff000000 000000 // See the file "COPYING" in the main distribution directory for copyright. #include #include #include // define required for FreeBSD #define _WITH_GETLINE #include #include #include #include /* The maximum length of converted timestamp that bro-cut can handle. */ #define MAX_TIMESTAMP_LEN 100 /* User-specified options that stay constant during a run of bro-cut. */ struct useropts { int showhdr; /* show log headers? (0=no, 1=only first, 2=all) */ int negate; /* show all but the specified columns? (0=no, 1=yes) */ int timeconv; /* do time conversion? (0=no, 1=local, 2=UTC) */ char **columns; /* array of user-specified column names */ int num_columns; /* number of user-specified column names */ const char *ofs; /* user-specified output field separator character */ const char *timefmt; /* strftime format string for time conversion */ }; /* Parameters that might change with each log file being processed. */ struct logparams { int *out_indexes; /* array of log file column indices to output */ int num_out_indexes; /* number of elements in "out_indexes" */ int idx_range; /* max. value in "out_indexes" plus one */ int *time_cols; /* array of columns (0=not timestamp, 1=timestamp) */ char **tmp_fields; /* array of pointers to each field on a line */ int num_fields; /* number of fields in log file */ char ifs[2]; /* input field separator character */ char ofs[2]; /* output field separator character */ char *unsetf; /* unset field string */ long prev_ts; /* previous timestamp */ }; int usage(void) { puts("\nbro-cut [options] []\n"); puts("Extracts the given columns from ASCII Bro logs on standard input, and outputs"); puts("them to standard output. If no columns are given, all are selected."); puts("By default, bro-cut does not include format header blocks in the output."); puts("\nExample: cat conn.log | bro-cut -d ts id.orig_h id.orig_p"); puts("\n -c Include the first format header block in the output."); puts(" -C Include all format header blocks in the output."); puts(" -d Convert time values into human-readable format."); puts(" -D Like -d, but specify format for time (see strftime(3) for syntax)."); puts(" -F Sets a different output field separator character."); puts(" -h Show help."); puts(" -n Print all fields *except* those specified."); puts(" -u Like -d, but print timestamps in UTC instead of local time."); puts(" -U Like -D, but print timestamps in UTC instead of local time.\n"); puts("For time conversion option -d or -u, the format string can be specified by"); puts("setting an environment variable BRO_CUT_TIMEFMT.\n"); exit(1); } /* Return the index in "haystack" where "needle" is located (or -1 if not * found). */ int string_index(char *haystack[], int haystack_size, const char *needle) { int i; for (i = 0; i < haystack_size; ++i) { if (!strcmp(haystack[i], needle)) { return i; } } return -1; } /* Return the input field separator from the log's "#separator " header line. */ char parsesep(const char *sepstr) { char ifs; if (!strncmp(sepstr, "\\x", 2)) { long sepval = strtol(sepstr + 2, NULL, 16); ifs = sepval; } else { ifs = sepstr[0]; } return ifs; } /* Determine the columns (if any) where the field is "time". Return 0 for * success, and non-zero otherwise. */ int find_timecol(const char *line, struct logparams *lp) { int i; int *tmpptr; char *copy_of_line; char *field_ptr; char *field; tmpptr = (int *) realloc(lp->time_cols, lp->idx_range * sizeof(int)); if (tmpptr == NULL) { fputs("bro-cut: out of memory\n", stderr); return 1; } lp->time_cols = tmpptr; if ((copy_of_line = strdup(line)) == NULL) { fputs("bro-cut: out of memory\n", stderr); return 1; } field_ptr = copy_of_line; int ret = 0; for (i = 0; i < lp->idx_range; ++i) { if ((field = strsep(&field_ptr, lp->ifs)) == NULL) { fputs("bro-cut: log header does not have enough fields\n", stderr); ret = 1; break; } /* Set value of 1 for each "time" column, or 0 otherwise */ lp->time_cols[i] = strcmp("time", field) ? 0 : 1; } free(copy_of_line); return ret; } /* Allocate memory for "out_indexes" and store index numbers there * corresponding to the columns in "line" that we want to output later. * Set the number of elements in "out_indexes". Also * store in "idx_range" the maximum value contained in "out_indexes" plus one. * Return 0 for success, and non-zero otherwise. */ int find_output_indexes(char *line, struct logparams *lp, struct useropts *bopts) { int idx; int *out_indexes; char *field_ptr; char *copy_of_line = NULL; char *field; /* Get the number of fields */ lp->num_fields = 0; field = line; while ((field = strchr(field, lp->ifs[0])) != NULL) { lp->num_fields++; field++; } lp->num_fields++; char **tmpptr; /* note: size is num_fields+1 because header lines have an extra field */ tmpptr = (char **) realloc(lp->tmp_fields, (lp->num_fields + 1) * sizeof(char *)); if (tmpptr == NULL) { return 1; } lp->tmp_fields = tmpptr; if (bopts->num_columns == 0) { /* No columns specified on cmd-line, so use all the columns */ out_indexes = (int *) realloc(lp->out_indexes, lp->num_fields * sizeof(int)); if (out_indexes == NULL) { return 1; } for (idx = 0; idx < lp->num_fields; ++idx) { out_indexes[idx] = idx; } lp->out_indexes = out_indexes; lp->idx_range = lp->num_fields; lp->num_out_indexes = lp->num_fields; return 0; } /* Set tmp_fields to point to each field on the line */ if ((copy_of_line = strdup(line)) == NULL) { return 1; } field_ptr = copy_of_line; idx = 0; while ((field = strsep(&field_ptr, lp->ifs)) != NULL) { lp->tmp_fields[idx++] = field; } int out_idx = 0; int maxval = 0; if (!bopts->negate) { /* One or more column names were specified on cmd-line */ out_indexes = (int *) realloc(lp->out_indexes, bopts->num_columns * sizeof(int)); if (out_indexes == NULL) { return 1; } for (idx = 0; idx < bopts->num_columns; ++idx) { out_indexes[idx] = string_index(lp->tmp_fields, lp->num_fields, bopts->columns[idx]); if (out_indexes[idx] > maxval) { maxval = out_indexes[idx]; } } out_idx = bopts->num_columns; } else { /* The "-n" option was specified on cmd-line */ out_indexes = (int *) realloc(lp->out_indexes, lp->num_fields * sizeof(int)); if (out_indexes == NULL) { return 1; } for (idx = 0; idx < lp->num_fields; ++idx) { if (string_index(bopts->columns, bopts->num_columns, lp->tmp_fields[idx]) == -1) { out_indexes[out_idx++] = idx; if (idx > maxval) { maxval = idx; } } } } free(copy_of_line); lp->out_indexes = out_indexes; lp->idx_range = maxval + 1; lp->num_out_indexes = out_idx; return 0; } /* * Try to convert a time value to a human-readable timestamp, and then output * the result. A valid time value is one or more digits followed by a decimal * point (everything after the decimal point is ignored). If the time * conversion fails for any reason, then just output the field unmodified. */ void output_time(const char *field, struct logparams *lp, struct useropts *bopts) { /* Buffer is declared static in order to reuse the timestamp string */ static char tbuf[MAX_TIMESTAMP_LEN]; char *tmp; long tl = strtol(field, &tmp, 10); if (tl < 0 || tl == LONG_MAX) { fprintf(stderr, "bro-cut: time value out-of-range: %s\n", field); } else if (*tmp != '.') { if (strcmp(field, lp->unsetf)) { /* field is not a valid value and is not the unset field string */ fprintf(stderr, "bro-cut: time field is not valid: %s\n", field); } } else if (tl == lp->prev_ts) { /* timestamp is same as the previous one, so skip the conversion */ fputs(tbuf, stdout); return; } else { time_t tt = tl; struct tm *tmptr; tmptr = bopts->timeconv == 1 ? localtime(&tt) : gmtime(&tt); if (tmptr) { if (strftime(tbuf, sizeof(tbuf), bopts->timefmt, tmptr)) { /* output the formatted timestamp */ fputs(tbuf, stdout); lp->prev_ts = tl; return; } else { fputs("bro-cut: failed to convert timestamp (try a shorter format string)\n", stderr); } } else { /* the time conversion will fail for large values */ fprintf(stderr, "bro-cut: time value out-of-range: %s\n", field); } } /* failed to convert, so just output the field without modification */ fputs(field, stdout); } /* Output the columns of "line" that the user specified. The value of "hdr" * indicates whether "line" is a header line or not (0=not header, 1=header). */ void output_indexes(int hdr, char *line, struct logparams *lp, struct useropts *bopts) { int i; char *field; int dotimeconv = 0; /* do a time conversion on this line? (0=no, 1=yes) */ int dotimetypeconv = 0; /* change time type on this line? (0=no, 1=yes) */ int idxrange = lp->idx_range + hdr; /* header lines have one extra field */ int firstdone = 0; /* If user selected time conversion and this line is not a header line, * then try to do a time conversion. */ if (bopts->timeconv && !hdr) { dotimeconv = 1; } for (i = 0; i < idxrange; ++i) { if ((field = strsep(&line, lp->ifs)) == NULL) { fputs("bro-cut: skipping log line (not enough fields)\n", stderr); return; } lp->tmp_fields[i] = field; } /* If user selected time conversion and this line is a "#types" header, * then try to change the "time" type field. */ if (bopts->timeconv && hdr && !strcmp(lp->tmp_fields[0], "#types")) { dotimetypeconv = 1; } if (hdr) { /* Output the initial "#" field on the header line */ fputs(lp->tmp_fields[0], stdout); firstdone = 1; } for (i = 0; i < lp->num_out_indexes; ++i) { int idxval = lp->out_indexes[i]; if (firstdone) fputs(lp->ofs, stdout); if (idxval != -1) { if (dotimeconv && lp->time_cols[idxval]) { /* output time field */ output_time(lp->tmp_fields[idxval], lp, bopts); } else if (dotimetypeconv && !strcmp("time", lp->tmp_fields[idxval + hdr])) { /* change the "time" type field to "string" */ fputs("string", stdout); } else { /* output the field without modification */ fputs(lp->tmp_fields[idxval + hdr], stdout); } } /* Note: even when idxval == -1, we still need to set "firstdone" so * that a separator is output. */ firstdone = 1; } putchar('\n'); } /* Reads one or more log files from stdin and outputs them to stdout according * to the options specified in "bopts". Returns 0 on success, and non-zero * otherwise. */ int bro_cut(struct useropts bopts) { int ret = 0; struct logparams lp; /* parameters specific to each log file */ int headers_seen = 0; /* 0=no header blocks seen, 1=one seen, 2=2+ seen */ int prev_line_hdr = 0; /* previous line was a header line? 0=no, 1=yes */ int prev_fields_line = 0; /* previous line was #fields line? 0=no, 1=yes */ ssize_t linelen; size_t linesize = 100000; char *line = (char *) malloc(linesize); if (line == NULL) { fputs("bro-cut: out of memory\n", stderr); return 1; } lp.out_indexes = NULL; lp.num_out_indexes = 0; lp.idx_range = 0; lp.time_cols = NULL; lp.tmp_fields = NULL; lp.num_fields = 0; lp.ofs[0] = '\t'; lp.ofs[1] = '\0'; lp.ifs[0] = '\t'; lp.ifs[1] = '\0'; lp.unsetf = strdup("-"); lp.prev_ts = -1; /* initialize with an invalid time value */ if (lp.unsetf == NULL) { fputs("bro-cut: out of memory\n", stderr); free(line); return 1; } while ((linelen = getline(&line, &linesize, stdin)) > 0) { /* Remove trailing '\n' */ line[linelen - 1] = '\0'; if (prev_fields_line && strncmp(line, "#types", 6)) { fputs("bro-cut: bad log header (missing #types line)\n", stderr); ret = 1; break; } /* Check if this line is a header line or not */ if (line[0] != '#') { prev_line_hdr = 0; output_indexes(0, line, &lp, &bopts); continue; } /* The rest of this loop is for header processing */ if (!prev_line_hdr) { /* Here we are transitioning from non-header to header line */ prev_line_hdr = 1; /* Once we've seen two header blocks, we stop counting them */ if (headers_seen < 2) { headers_seen++; } } if (!strncmp(line, "#separator ", 11)) { char ifs = parsesep(line + 11); if (ifs == '\0') { fputs("bro-cut: bad log header (invalid #separator line)\n", stderr); ret = 1; break; } lp.ifs[0] = ifs; /* If user-specified ofs is set, then use it. Otherwise, just * use the log file's input field separator. */ lp.ofs[0] = bopts.ofs[0] ? bopts.ofs[0] : lp.ifs[0]; } else if (!strncmp(line, "#unset_field", 12)) { if (line[12] && line[13]) { free(lp.unsetf); if ((lp.unsetf = strdup(line + 13)) == NULL) { fputs("bro-cut: out of memory\n", stderr); ret = 1; break; } } else { fputs("bro-cut: bad log header (invalid #unset_field line)\n", stderr); ret = 1; break; } } else if (!strncmp(line, "#fields", 7)) { prev_fields_line = 1; if (find_output_indexes(line + 8, &lp, &bopts)) { fputs("bro-cut: out of memory\n", stderr); ret = 1; break; } } else if (!strncmp(line, "#types", 6)) { if (!prev_fields_line) { fputs("bro-cut: bad log header (missing #fields line)\n", stderr); ret = 1; break; } prev_fields_line = 0; if (bopts.timeconv) { if (find_timecol(line + 7, &lp)) { ret = 1; break; } } } /* Decide if we want to output this header */ if (bopts.showhdr >= headers_seen) { if (!strncmp(line, "#fields", 7) || !strncmp(line, "#types", 6)) { /* Output a modified "#fields" or "#types" header line */ output_indexes(1, line, &lp, &bopts); } else { /* Output the header line with no changes */ puts(line); } } } free(lp.time_cols); free(lp.out_indexes); free(lp.tmp_fields); free(lp.unsetf); free(line); return ret; } int main(int argc, char *argv[]) { int c; char *envtimefmt = getenv("BRO_CUT_TIMEFMT"); struct useropts bopts; bopts.showhdr = 0; bopts.negate = 0; bopts.timeconv = 0; bopts.ofs = ""; bopts.timefmt = envtimefmt ? envtimefmt : "%Y-%m-%dT%H:%M:%S%z"; static struct option long_opts[] = { {"help", no_argument, 0, 'h'}, {0, 0, 0, 0} }; while ((c = getopt_long(argc, argv, "cCnF:duD:U:h", long_opts, NULL)) != -1) { switch (c) { case 'c': bopts.showhdr = 1; break; case 'C': bopts.showhdr = 2; break; case 'n': bopts.negate = 1; break; case 'F': if (strlen(optarg) != 1) { fputs("bro-cut: field separator must be a single character\n", stderr); exit(1); } bopts.ofs = optarg; break; case 'd': bopts.timeconv = 1; break; case 'u': bopts.timeconv = 2; break; case 'D': bopts.timeconv = 1; bopts.timefmt = optarg; break; case 'U': bopts.timeconv = 2; bopts.timefmt = optarg; break; default: usage(); break; } } if (bopts.timeconv && strlen(bopts.timefmt) == 0) { fputs("bro-cut: time format string cannot be empty\n", stderr); exit(1); } bopts.columns = &argv[optind]; bopts.num_columns = argc - optind; return bro_cut(bopts); } bro-aux-0.42/bro-cut/CMakeLists.txt000644 000765 000024 00000000214 13400006400 017040 0ustar00jonstaff000000 000000 set(brocut_SRCS bro-cut.c ) add_executable(bro-cut ${brocut_SRCS}) install(FILES bro-cut.1 DESTINATION ${BRO_MAN_INSTALL_PATH}/man1) bro-aux-0.42/bro-cut/bro-cut.1000644 000765 000024 00000004163 13400006400 015744 0ustar00jonstaff000000 000000 .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.46.4. .TH BRO-CUT "1" "November 2014" "bro-cut " "User Commands" .SH NAME bro-cut \- parse Bro logs .SH SYNOPSIS .B bro\-cut [\fIoptions\fR] [\fIcolumns\fR] .SH DESCRIPTION Extracts the given columns from ASCII Bro logs on standard input, and outputs them to standard output. If no field names are given, all are selected. By default, .B bro\-cut does not include format header blocks in the output. .PP Columns are specified as a list of space-separated field names. The order of field names given to \fBbro-cut\fR determines the output order, which means \fBbro-cut\fR can be used to reorder columns. .PP The ASCII Bro logs read on standard input must have intact format header blocks because \fBbro-cut\fR needs this information to correctly interpret the log file format. In fact, \fBbro-cut\fR can process the concatenation of multiple ASCII log files that have different column layouts. .SH OPTIONS .TP \fB\-c\fR Include the first format header block in the output. .TP \fB\-C\fR Include all format header blocks in the output. .TP \fB\-d\fR Convert time values into human\-readable format. .HP \fB\-D\fR Like \fB\-d\fR, but specify format for time (see strftime(3) for syntax). .HP \fB\-F\fR Sets a different output field separator character. .TP \fB\-h\fR Show help. .TP \fB\-n\fR Print all fields except those specified. .TP \fB\-u\fR Like \fB\-d\fR, but print timestamps in UTC instead of local time. .HP \fB\-U\fR Like \fB\-D\fR, but print timestamps in UTC instead of local time. .SH ENVIRONMENT .TP .B BRO_CUT_TIMEFMT For time conversion option \fB\-d\fR or \fB\-u\fR, the format string can be specified by setting this environment variable. .SH EXAMPLES Output three columns and convert time values: .br cat conn.log | bro-cut -d ts id.orig_h id.orig_p .PP Output all columns and convert time values with a custom format string: .br cat conn.log | bro-cut -D "%Y-%m-%d %H:%M:%S" .PP Compressed logs must be uncompressed with another utility: .br zcat conn.log.gz | bro-cut .SH SEE ALSO strftime(3) .SH AUTHOR .B bro-cut was written by The Bro Project . bro-aux-0.42/rst/CMakeLists.txt000644 000765 000024 00000000200 13400006400 016270 0ustar00jonstaff000000 000000 set(rst_SRCS rst.c ) add_executable(rst ${rst_SRCS}) target_link_libraries(rst ${BIND_LIBRARY}) AddAuxInstallTarget(rst) bro-aux-0.42/rst/rst.c000644 000765 000024 00000023576 13400006400 014531 0ustar00jonstaff000000 000000 /* Derived from traceroute, which has the following copyright: * * Copyright (c) 1999, 2002 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that: (1) source code distributions * retain the above copyright notice and this paragraph in its entirety, (2) * distributions including binary code include the above copyright notice and * this paragraph in its entirety in the documentation or other materials * provided with the distribution, and (3) all advertising materials mentioning * features or use of this software display the following acknowledgement: * ``This product includes software developed by the University of California, * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of * the University nor the names of its contributors may be used to endorse * or promote products derived from this software without specific prior * written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1999, 2002\nThe Regents of the University of California. All rights reserved.\n"; #endif /* need this due to linux's funny idea of a tcphdr */ #if defined(__linux__) #define _DEFAULT_SOURCE #define _BSD_SOURCE /* Deprecated, but still needed by older Linux. */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include "config.h" /* Forwards */ void gripe(const char *, const char *); void pgripe(const char *); u_short in_cksum(register u_short *, register int); int ones_complement_checksum(const void *, int, u_int32_t); int tcp_checksum(const struct ip *, const struct tcphdr *, int); void send_pkt(int, struct in_addr, int, u_int32_t, struct in_addr, int, u_int32_t, int, int, int, int, const char *); void terminate(int, const char *, int, u_int32_t, const char *, int, u_int32_t, int, int, int, int, const char *); void usage(void); int main(int, char **); const char *prog_name; void gripe(const char *fmt, const char *arg) { fprintf(stderr, "%s: ", prog_name); fprintf(stderr, fmt, arg); fprintf(stderr, "\n"); } void pgripe(const char *msg) { fprintf(stderr, "%s: %s (%s)\n", prog_name, msg, strerror(errno)); exit(1); } /* * Checksum routine for Internet Protocol family headers (C Version) */ u_short in_cksum(register u_short *addr, register int len) { register int nleft = len; register u_short *w = addr; register u_short answer; register int sum = 0; /* * Our algorithm is simple, using a 32 bit accumulator (sum), * we add sequential 16 bit words to it, and at the end, fold * back all the carry bits from the top 16 bits into the lower * 16 bits. */ while (nleft > 1) { sum += *w++; nleft -= 2; } /* mop up an odd byte, if necessary */ if (nleft == 1) sum += *(u_char *)w; /* * add back carry outs from top 16 bits to low 16 bits */ sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ sum += (sum >> 16); /* add carry */ answer = ~sum; /* truncate to 16 bits */ return (answer); } // - adapted from tcpdump // Returns the ones-complement checksum of a chunk of b short-aligned bytes. int ones_complement_checksum(const void *p, int b, u_int32_t sum) { const u_short *sp = (u_short *) p; // better be aligned! b /= 2; // convert to count of short's /* No need for endian conversions. */ while ( --b >= 0 ) sum += *sp++; while ( sum > 0xffff ) sum = (sum & 0xffff) + (sum >> 16); return sum; } int tcp_checksum(const struct ip *ip, const struct tcphdr *tp, int len) { int tcp_len = tp->th_off * 4 + len; u_int32_t sum, addl_pseudo; if ( len % 2 == 1 ) // Add in pad byte. sum = htons(((const u_char*) tp)[tcp_len - 1] << 8); else sum = 0; sum = ones_complement_checksum((void*) &ip->ip_src.s_addr, 4, sum); sum = ones_complement_checksum((void*) &ip->ip_dst.s_addr, 4, sum); addl_pseudo = (htons(IPPROTO_TCP) << 16) | htons((unsigned short) tcp_len); sum = ones_complement_checksum((void*) &addl_pseudo, 4, sum); sum = ones_complement_checksum((void*) tp, tcp_len, sum); return sum; } void send_pkt(int s, struct in_addr from, int from_port, u_int32_t from_seq, struct in_addr to, int to_port, u_int32_t to_seq, int size, int redundancy, int delay, int flags, const char *inject) { int cc; int pktlen = 40 + size; const int max_injection_size = 4096; char *pkt = malloc(pktlen + max_injection_size + 1024 /* slop */); struct ip *ip = (struct ip *) pkt; struct tcphdr *tcp = (struct tcphdr *) &pkt[20]; if ( ! pkt ) pgripe("couldn't malloc memory"); if ( inject && *inject ) { size = strlen(inject); if ( size > max_injection_size ) gripe("injection text too large%s", ""); pktlen = 40 + size; } memset(pkt, 0, pktlen); ip->ip_v = IPVERSION; ip->ip_len = pktlen; /* on FreeBSD, don't use htons(); YMMV */ ip->ip_off = 0; ip->ip_src = from; ip->ip_dst = to; ip->ip_hl = 5; ip->ip_p = IPPROTO_TCP; ip->ip_ttl = 255; ip->ip_id = 0; ip->ip_sum = in_cksum((u_short *) ip, sizeof(*ip)); if (ip->ip_sum == 0) ip->ip_sum = 0xffff; tcp->th_sport = htons(from_port); tcp->th_dport = htons(to_port); tcp->th_seq = htonl(from_seq); tcp->th_ack = htonl(to_seq); tcp->th_off = 5; tcp->th_flags = flags; tcp->th_win = 0; tcp->th_urp = 0; tcp->th_sum = 0; if ( inject && *inject ) { char *payload = &pkt[40]; strcpy(payload, inject); } else if ( size > 0 ) { const char *fill_string = (inject && *inject) ? inject : "BRO-RST\n"; char *payload = &pkt[40]; int n = strlen(fill_string); int i; for ( i = size; i > n + 1; i -= n ) { strcpy(payload, fill_string); payload += n; } for ( ; i > 0; --i ) *(payload++) = '\n'; } tcp->th_sum = ~tcp_checksum(ip, tcp, size); while ( redundancy-- > 0 ) { cc = send(s, (char *) ip, pktlen, 0); if (cc < 0 || cc != pktlen) pgripe("problem in sendto()"); usleep(delay * 1000); } free(pkt); } void terminate(int s, const char *from_addr, int from_port, u_int32_t from_seq, const char *to_addr, int to_port, u_int32_t to_seq, int num, int redundancy, int stride, int delay, const char *inject) { struct sockaddr_in where_from, where_to; struct sockaddr_in *from = (struct sockaddr_in *) &where_from; struct sockaddr_in *to = (struct sockaddr_in *) &where_to; memset(from, 0, sizeof(*from)); memset(to, 0, sizeof(*to)); #ifdef SIN_LEN from->sin_len = to->sin_len = sizeof(*to); #endif /* SIN_LEN */ from->sin_family = to->sin_family = AF_INET; if ( inet_aton(from_addr, (struct in_addr *) &from->sin_addr) == 0 ) gripe("bad from address %s", from_addr); if ( inet_aton(to_addr, (struct in_addr *) &to->sin_addr) == 0 ) gripe("bad to address %s", to_addr); if ( connect(s, (struct sockaddr *) &where_to, sizeof(where_to)) < 0 ) pgripe("can't connect"); while ( num-- > 0 ) { send_pkt(s, from->sin_addr, from_port, from_seq, to->sin_addr, to_port, to_seq, 0, redundancy, delay, (*inject ? 0 : TH_RST) | TH_ACK, inject); if ( num > 0 && stride > 1 ) send_pkt(s, from->sin_addr, from_port, from_seq, to->sin_addr, to_port, to_seq, stride, redundancy, delay, TH_ACK, inject); from_seq += stride; } } void usage() { #if defined(__linux__) fprintf(stderr, "%s [-R] [-I text-to-inject] [-i interface] [-d delay-msec] [-n num] [-r redundancy] [-s stride] from_addr from_port from_seq to_addr to_port to_seq\n", prog_name); #else fprintf(stderr, "%s [-R] [-I text-to-inject] [-d delay-msec] [-n num] [-r redundancy] [-s stride] from_addr from_port from_seq to_addr to_port to_seq\n", prog_name); #endif exit(0); } int main(int argc, char **argv) { extern char* optarg; extern int optind, opterr; const char *from_addr, *to_addr; char inject[8192]; int from_port, to_port; u_int32_t from_seq, to_seq; int delay = 0.0; int redundancy = 1; int num = 1; int stride = 1; int reverse = 0; int s; int on = 1; int op; prog_name = argv[0]; opterr = 0; inject[0] = 0; #if defined(__linux__) char *interface = NULL; while ( (op = getopt(argc, argv, "RI:i:d:n:r:s:")) != EOF ) #else while ( (op = getopt(argc, argv, "RI:d:n:r:s:")) != EOF ) #endif switch ( op ) { case 'R': reverse = 1; break; case 'I': { char *ap = optarg; char *ip; for ( ip = inject; *ap; ++ip, ++ap ) { if ( ap[0] == '\\' && ap[1] == 'n' ) *ip = '\n', ++ap; else *ip = *ap; } } break; #if defined(__linux__) case 'i': interface = optarg; break; #endif case 'd': delay = atoi(optarg); break; case 'n': num = atoi(optarg); break; case 'r': redundancy = atoi(optarg); break; case 's': stride = atoi(optarg); break; default: usage(); break; } if ( argc - optind != 6 ) usage(); s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); if ( s < 0 ) pgripe("couldn't create raw socket"); setuid(getuid()); if ( setsockopt(s, 0, IP_HDRINCL, (char *) &on, sizeof(on)) < 0 ) pgripe("can't turn on IP_HDRINCL"); #if defined(__linux__) if ( interface ){ if ( setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, interface, strlen(interface)) < 0 ) pgripe("can't set interface"); } #endif from_addr = argv[optind++]; from_port = atoi(argv[optind++]); from_seq = strtoul(argv[optind++], 0, 10); to_addr = argv[optind++]; to_port = atoi(argv[optind++]); to_seq = strtoul(argv[optind++], 0, 10); if ( reverse ) terminate(s, to_addr, to_port, to_seq, from_addr, from_port, from_seq, num, redundancy, stride, delay, inject); else terminate(s, from_addr, from_port, from_seq, to_addr, to_port, to_seq, num, redundancy, stride, delay, inject); return 0; } bro-aux-0.42/devel-tools/git-show-fastpath000755 000765 000024 00000000634 13400006400 020467 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # Shows pending fastpath commits for all modules. show="git show-ref -q origin/fastpath && git --no-pager log --format=oneline origin/fastpath ^master || exit 0" ( echo "Entering " && eval $show && git submodule foreach --recursive "$show" ) | awk ' /Entering/ { current = $2; next } { if ( current != "" ) print "==" current; print; current = ""; } ' bro-aux-0.42/devel-tools/gen-mozilla-ca-list.rb000755 000765 000024 00000004373 13400006400 021274 0ustar00jonstaff000000 000000 #!/usr/bin/env ruby tmpcert = "/tmp/tmpcert.der" incert=false intrust=false if ARGV.length != 1 abort "\nPass path to the certdata.txt you want to add as first input argument to this script\n\n"+ "certdata.txt can be retrieved from the newest NSS release." end url = 'http://mxr.mozilla.org/mozilla-central/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1' io = open(ARGV[0]); puts "# Don't edit! This file is automatically generated." puts "# Generated at: #{Time.now}" puts "# Generated from: #{url}" puts "#" puts "# The original source file comes with this licensing statement:" puts "#" puts "# This Source Code Form is subject to the terms of the Mozilla Public" puts "# License, v. 2.0. If a copy of the MPL was not distributed with this" puts "# file, You can obtain one at http://mozilla.org/MPL/2.0/." puts "" puts "@load base/protocols/ssl" puts "module SSL;"; puts "redef root_certs += {"; all_certs = [] all_subjects = [] cert_name = "" cert = "" io.each do |line| line.chomp! if intrust if line =~ /^CKA_TRUST_SERVER_AUTH/ if line =~ /CKT_NSS_TRUSTED_DELEGATOR/ File.open(tmpcert, "wb") do |f| byteArray = cert.split("\\x") max = byteArray.length() - 1 byteArray[1..max].each do | byte | f.print byte.hex.chr end end cert_subj = `openssl x509 -in #{tmpcert} -inform DER -noout -subject -nameopt RFC2253` cert_subj["subject= "]= "" cert_subj.chomp! File.delete(tmpcert) if not all_subjects.include?(cert_subj) puts " [\"#{cert_subj}\"] = \"#{cert}\"," all_subjects << cert_subj end end intrust=false end else if line =~ /^CKA_LABEL/ cert_name = line.sub(/.*\"(.*)\".*/, "\\1") i = 0 while all_certs.include?(cert_name) i+=1 cert_name += " #{i}" end all_certs << cert_name elsif line =~ /^CKA_VALUE MULTILINE_OCTAL/ incert=true cert="" elsif line =~ /^CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST/ intrust=true elsif line =~ /^END/ incert=false elsif incert cert += line.split(/\\/).collect { |x| x.oct.chr.unpack("H2")[0].upcase if x!="" }.join("\\x") end end end puts "};" bro-aux-0.42/devel-tools/sign-file000755 000765 000024 00000000721 13400006400 016770 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # Signs $1 with the Bro GPG key. Signature will be written to $1.asc. # # GPG agent needs to be running. # # Needs gpg2. GPG=`which gpg2` KEY=F8CB8019 if [ "$GPG" == "" ]; then echo "Can't find gpg2." exit 1 fi if [ "$#" != 1 ]; then echo "usage: `basename $0` " exit 1 fi if ! gpg-agent -q; then echo "GPG agent not running." exit 1 fi FILE=$1 $GPG --detach-sign -a -u $KEY --openpgp -o $FILE.asc $FILE bro-aux-0.42/devel-tools/cpu-bench-with-trace000755 000765 000024 00000001554 13400006400 021031 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # This runs a number of Bro configurations on trace $2. It # starts with the bare config and then # kept adding the scripts load from init-default.bro and local.bro one # by one, measuring user time for each run (i.e., the measurements are # cumulative). if [ "$2" == "" ]; then echo "usage: `basename $0` " exit 1 fi bro=$1 trace=$2 tmp=/tmp/bench.$$.bro export BROPATH=`$bro/build/bro-path-dev` cat $tmp cat $bro/scripts/base/init-default.bro $bro/scripts/site/local.bro | grep '^ *@load' | while read line; do echo $line >>$tmp script=`echo $line | awk '{print $2}' | sed 's#/#.#g'` output="bench.output.$script.log" ( time -p $bro/build/src/bro -b -r $trace $tmp ) >$output 2>&1 user=`cat $output | grep user | awk '{print $2}'` printf "%40s %s\n" $script $user done rm -f $tmp bro-aux-0.42/devel-tools/git-delete-old-branches000755 000765 000024 00000001425 13400006400 021477 0ustar00jonstaff000000 000000 # ! /usr/bin/env bash # # Adapted from http://devblog.springest.com/a-script-to-remove-old-git-branches # # This has to be run from master git checkout master # Update our list of remotes git fetch git remote prune origin # # Remove local fully merged branches # git branch --merged master | grep -v 'master$' | xargs git branch -d # Show remote fully merged branches echo "The following remote branches are fully merged and will be removed:" git branch -r --merged master | sed 's/ *origin\///' | grep '^topic/' if [ $? != 0 ]; then exit 0 fi read -p "Continue (y/n)? " if [ "$REPLY" == "y" ] then # Remove remote fully merged branches git branch -r --merged master | sed 's/ *origin\///' \ | grep '^topic/' | xargs -I% git push origin :% echo "Done!" fi bro-aux-0.42/devel-tools/check-release000755 000765 000024 00000000737 13400006400 017615 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # Checks the current repository and all if its submodules for being # in "release shape". repo_status="$(cd $(dirname $0) && pwd)/repo-status" check_cmd="test -e CHANGES && $repo_status" printf ' %20s %-10s %-8s %-8s %-7s %-5s %-15s %s\n' "" "Branch" "CHANGES" "Pending" "Modif" "Sub" "VERSION" "Tags" ( eval $check_cmd; git submodule foreach -q --recursive "$check_cmd; true" ) \ | awk '/!/{print "- ", $0; next;} {print "+ ", $0; next;}' bro-aux-0.42/devel-tools/gen-ct-list.pl000755 000765 000024 00000003220 13400006400 017650 0ustar00jonstaff000000 000000 #!/usr/bin/env perl # # Generate the Bro file containing the current list of known # Certificate Transparency logs from the source file provided # by Google. # use 5.14.1; use strict; use warnings; # This is the only kind-of user-configurable line my $google_log_url = "https://www.gstatic.com/ct/log_list/all_logs_list.json"; # And begin with loading everything we need. # I was lazy and you probably will have to install a few of these. use Carp; use autodie; use Net::SSLeay; use HTML::HeadParser; use LWP::Protocol::https; use LWP::Simple; use JSON::Parse qw/parse_json/; use MIME::Base64; use Digest::SHA qw/sha256/; my $google_known_logs_json = get($google_log_url); croak("Could not get $google_log_url") unless defined($google_known_logs_json); my $logs = parse_json($google_known_logs_json); my %operators = map { $_->{id} => $_->{name} } @{$logs->{operators}}; say "#\n# Do not edit this file. This file is automatically generated by gen-ct-list.pl"; say "# File generated at ".localtime; say "# File generated from ".$google_log_url; say "#"; say ""; say '@load base/protocols/ssl'; say "module SSL;"; say "redef ct_logs += {"; for my $log (@{$logs->{logs}}) { my $desc = $log->{description}; my $mmd = $log->{maximum_merge_delay}; my $url = $log->{url}; my $operator = join(",", map { $operators{$_} } @{$log->{operated_by}}); my $logid = join('', map {"\\x$_" } unpack("(H2)*", sha256(decode_base64($log->{key})))); my $key = join('', map {"\\x$_" } unpack("(H2)*", decode_base64($log->{key}))); say "[\"$logid\"] = CTInfo(\$description=\"$desc\", \$operator=\"$operator\", \$url=\"$url\", \$maximum_merge_delay=$mmd, \$key=\"$key\"),"; } say "};"; bro-aux-0.42/devel-tools/extract-conn-by-uid000755 000765 000024 00000001436 13400006400 020713 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # Searches the connection with UID $1 in conn.log, and then extracts # it from trace file $2. if [ $# != 2 ]; then echo "usage: `basename $0` " exit 1 fi uid=$1 trace=$2 if [ ! -e conn.log ]; then echo "no conn.log found" exit 1 fi if [ ! -e $trace ]; then echo "trace $trace not found" exit 1 fi filter=`awk -v uid=$uid '$2==uid { printf("host %s and port %s and host %s and port %s\n", $3, $4, $5, $6)}' $tmp echo "--- Building distribution for $mod" >&2 echo "Log in $tmp." >&2 make dist >$tmp 2>&1 cat $tmp | awk '/CPack:.*generated/ {print $4} /^Package: / {print $2}' | while read tgz; do if echo $tgz | grep -qv ^/; then tgz="`pwd`/$tgz" fi version=`git tag --contains HEAD | egrep '^(release|beta)$'` if [ "$version" == "" ]; then version="git" fi echo "Distribution in $tgz ($version)" >&2 ls -al $tgz | awk '{print " ", $0; }' >&2 echo "$tgz#$version" done } if [ "$1" == "--recursive" ]; then submodules=1 shift fi if [ "$submodules" == "1" ]; then mods=`git submodule foreach -q --recursive pwd | grep -v /cmake` fi if [ -e $DEST ]; then echo echo "$DEST exists already, proceeding will delete it." echo ">> Continue? (y/n)" read line if [ "$line" != "y" ]; then exit 1 fi fi rm -rf $DEST install -d $DEST install -d $LOGS mods="$mods ." build= for mod in $mods; do cwd=`pwd` cd $mod if [ "$mod" = "." ]; then mod=`pwd` mod=`basename $mod` fi if [ ! '(' -e CMakeLists.txt -o -e Makefile ')' ]; then echo "No CMakeLists.txt or Makefile in $mod, skipping." cd $cwd continue fi ignore=1 if [ "`git describe HEAD`" = "`git describe release 2>/dev/null`" ]; then ignore=0 fi if [ "`git describe HEAD`" = "`git describe beta 2>/dev/null`" ]; then ignore=0 fi if [ "$ignore" = "1" ]; then echo "Module $mod is not tagged for release or beta, skipping." cd $cwd continue fi dist=`release $mod` ( echo $dist | grep -qv "^ *$" ) || echo "No distribution found for $mod." dists="$dists $dist" echo cd $cwd done for dist in $dists; do tgz=`echo $dist | cut -d '#' -f 1` version=`echo $dist | cut -d '#' -f 2` dst=`basename $tgz` dst="$DEST/$version/`echo $dst | sed 's/\.tgz/.tar.gz/g'`" install -d $DEST/$version mv $tgz $dst echo Signing $dst ... sign-file $dst done echo "--- All distributions in $DEST:" all=`find $DEST -path '*gz*'` test "$all" != "" && ls -rl $all || echo "None." echo bro-aux-0.42/devel-tools/git-move-submodules000755 000765 000024 00000002077 13400006400 021030 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # Recursively check outs the most recent version of all submodules on a given # branch, and commits the updates to the parents. branch=$1 if [ "$branch" == "" ]; then echo "usage: `basename $0` " exit 1 fi function update_module { local cwd=$1 local i local modules="" cd $cwd # Note we don't use --recursive here, as we want to do a depth-first # search so that we update childrens first. for i in `git submodule foreach -q 'echo $path'`; do # See if repository has a branch of the given name. Otherwise leave it alone. ( cd $i && git show-ref --verify --quiet refs/heads/$branch ) || continue modules="$modules $i" echo "--- Checking out $branch of `basename $i`" cd $i git checkout -q $branch || exit 1 update_module $cwd/$i cd $cwd done if [ "$modules" != "" ]; then echo "+++ Commiting updates to `basename $cwd`" git commit -m 'Updating submodule(s). [nomail]' --only $modules fi } update_module `pwd` bro-aux-0.42/devel-tools/update-changes000755 000765 000024 00000030176 13400006400 020012 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # Assembles a draft CHANGES entry out of revisions committed since the last # entry was added. The entry is prepended to the current CHANGES file, and the # user then gets a chance to further edit it in the editor before it gets # committed. # # The script also maintains and updates a VERSION file. # # If the script finds a file called .update-changes.cfg it sources it at the # beginning. That script can define a function "new_version_hook" that will be # called with the new version number. It may use any of the replace_version_* # functions defined below to update other files as necessary. # # If $1 is given, it's interpreted as a release version and a corresponding # tag is created. file_changes="CHANGES" # The CHANGES file. file_version="VERSION" # The VERSION file. file_config=".update-changes.cfg" # This will be sourced if available. new_version_hook="new_version_hook" # Function that will be called with new version number. release_tag="release" # We mark the current release with this tag. beta_tag="beta" # We mark the current beta with this tag. new_commit_msg="Updating CHANGES and VERSION." # Commit message when creating a new commit. show_authors=1 # Include author names with commit. # The command line used to generate a revision's version string. git_describe="git describe --always" # {rev} will be added. # The command line used to generate a revision's date. The revision will be # appended. Not used with Bro-style CHANGES file. git_rev_date="git show -s --pretty=tformat:%ci" # The command line used to generate the list of revisions between old and new # state. git_rev_list="git rev-list --topo-order HEAD" # ^{past-rev} will be added. # The command line used to show the one-line summary of a revision before # editing. git_rev_summary="git show -s '--pretty=tformat: %h | %aN | %s'" # {rev} will be added. # The command line used to get a revision's author. git_author="git show -s --pretty=format:%aN" # {rev} will be added. git_author_email="git show -s --pretty=format:%aE" # {rev} will be added. # The command line used to get a revision's message. git_msg="git show -s --pretty=format:%B" # {rev} will be added. function usage { echo "usage: `basename $0` [options]" echo echo " -p Explicitly name the past revision to compare with." echo " -R Tag the current revision as a release. Use VERSION to use that." echo " -B Tag the current revision as a beta release. Use VERSION to use that." echo " -I Initialize a new, initially empty CHANGES file." echo " -c Check whether CHANGES is up to date." echo exit 1 } ### Functions that can be used to replace version strings in other files. ### To use them, create a file $file_config and define a function ### "new_version_hook" in there that does whatever is necessary, like calling ### any of these. # Function that looks for lines of the form 'VERSION="1.2.3"' in $1. It will # replace the version number with $2 and then git-adds the change. function replace_version_in_script { file=$1 version=$2 cat $file | sed "s#^\\( *VERSION *= *\\)\"\\([0-9.-]\\{1,\\}\\)\"#\1\"$version\"#g" >$file.tmp cat $file.tmp >$file rm -f $file.tmp git add $file } # Function that looks for lines of the form '.. |version| replace:: 0.3' in $1. # It will replace the version number with $2 and then git-adds the change. function replace_version_in_rst { file=$1 version=$2 cat $file | sed "s#^\\( *\.\. *|version| *replace:: *\\)\\([0-9a-zA-Z.-]\\{1,\\}\\)#\1$version#g" >$file.tmp cat $file.tmp >$file rm -f $file.tmp git add $file } # Function that looks for lines of the form 'version="1.2-3"' in $1. It will # replace the version number with $2 and then git-adds the change. function replace_version_in_setup_py { file=$1 version=$2 cat $file | sed "s#\\([[:blank:]]*version[[:blank:]]*=[[:blank:]]*\\)\"\\([0-9.-]\\{1,\}\\)\"#\\1\"$version\"#g" >$file.tmp cat $file.tmp >$file rm -f $file.tmp git add $file } # Function that looks for lines of the form "#define .*VERSION "0.3"", with the # number being "version * 100". It will replace the version with $2 and then # git-adds the change. function replace_version_in_c_header { file=$1 version=$2 cat $file | sed "s#\\([[:blank:]]*\\#define[[:blank:]]*[_A-Za-z0-9]*_VERSION[[:blank:]]*\\)\"[0-9.-]\\{1,\\}\"#\\1\"$version\"#g" >$file.tmp mv $file.tmp $file git add $file } ### function version { rev=$1 $git_describe $rev --match "v*" 2>/dev/null | sed 's/^v//g' | sed 's/-g.*//g' } function start_changes_entry { version=$1 dst=$2 if [ "$bro_style" == "0" ]; then date=`$git_rev_date HEAD` printf '%s | %s\n' "$version" "$date" >>$dst else date=`date` printf '%s %s\n' "$version" "$date" >>$dst fi } function add_to_changes_entry { rev=$1 dst=$2 msg=$3 author="" if [ "$msg" == "" ]; then author_email=`$git_author_email $rev` author=`$git_author $rev` if [[ "$author_email" == *@corelight.com ]]; then author="$author, Corelight" else author="$author" fi msg=`$git_msg $rev` fi if [ "$msg" == "" ]; then return 1 fi if echo $msg | grep -q "^$new_commit_msg\$"; then # Ignore our own automated commits. return 1; fi echo >>$dst if [ "$bro_style" == "0" ]; then bullet=" *" else bullet="-" fi ( echo -n "$msg"; test "$author" != "" && test "$show_authors" == "1" && printf " (%s)" "$author" ) \ | awk -v bullet="$bullet" 'NR==1{printf "%s %s\n", bullet, $0; next }{printf " %s\n", $0}' \ | sed 's/[[:blank:]]*$//' >>$dst return 0; } function init_changes { echo >>$file_changes start_changes_entry `version HEAD` $file_changes echo >>$file_changes echo " * Starting $file_changes." >>$file_changes } function get_last_rev { version=`cat $file_changes | egrep '^[0-9a-zA-Z.-]+ *\|' | head -1 | awk '{print $1}'` if echo $version | grep -q -- '-'; then # v1.0.4-14 # Find the revision with that number. for rev in `git rev-list HEAD`; do v=`version $rev` if [ "$v" == "$version" ]; then echo $rev return fi done echo "Cannot determine revision for version $version." >/dev/stderr exit 1 else # A tag. echo "v$version" fi } function check_release_tag { if [ "$release" != "" ]; then git tag -d $release_tag 2>/dev/null git tag -a $release_tag -m "Current stable release." sleep 2 # Make sure git describe picks the next one. git tag -d $release 2>/dev/null git tag -a $release -m "Version tag" echo "Tagged with new tag $release and moved tag 'release' to here." echo echo "IMPORTANT: Don't forget to 'git push --tags'." fi } function check_beta_tag { if [ "$beta" != "" ]; then git tag -d $beta_tag 2>/dev/null git tag -a $beta_tag -m "Current stable beta." sleep 2 # Make sure git describe picks the next one. git tag -d $beta 2>/dev/null git tag -a $beta -m "Beta version tag" echo "Tagged with new tag $beta and moved tag 'beta' to here." echo echo "IMPORTANT: Don't forget to 'git push --tags'." fi } function check_submodules { if git submodule status --recursive | grep ^+; then cat <".' exit 1 fi auto_version=`version HEAD` if [ "$auto_version" == "" ]; then echo "Cannot determine version for HEAD did not return anything." exit 1 fi tmp=${file_changes}.$$.tmp trap "rm -f $tmp" EXIT rm -f $tmp found=0 echo >>$tmp new_version=$auto_version version=`version $rev` if [ "$version" == "" ]; then echo "Cannot determine version for $rev." exit 1 fi if [ "$release" != "" ]; then new_version=`echo $release | sed 's/v//g'` fi if [ "$beta" != "" ]; then new_version=`echo $beta | sed 's/v//g'` fi if [ "$quiet" != "1" ]; then echo "New version is $new_version." echo "Listing revisions commited since `version $last_rev` ($last_rev) ... " echo fi start_changes_entry $new_version $tmp for rev in `$git_rev_list ^$last_rev`; do version=`version $rev` if [ "$version" == "" ]; then version="" fi # printf "%15s |" $version if add_to_changes_entry $rev $tmp; then found=1 if [ "$quiet" != "1" ]; then eval "$git_rev_summary $rev | grep -v '^$' | cat" fi fi done if [ "$found" == "0" ]; then if [ "$check" == "1" ]; then echo "CHANGES is up to date." exit 0 fi echo " None." echo if [ "$release" != "" -o "$beta" != "" ]; then add_to_changes_entry head $tmp "Release $new_version." else exit 0 fi fi if [ "$check" == "1" ]; then echo "CHANGES is NOT to date." exit 0 fi echo >>$tmp cat $file_changes >>$tmp # If we are ahead of origin, we can amend. If not, we need to create a new # commit even if the user wants otherwise. amend=0 if git remote | grep -q origin; then if git rev-list origin..HEAD | grep -q .; then amend=1 fi fi echo if [ "$amend" == "0" ]; then echo Update to $file_changes will become a new commit. else echo Update to $file_changes will be amended to last commit. fi echo echo Type Enter to edit new $file_changes, or CTRL-C to abort without any modifications. read # Run editor. if [ -z "$EDITOR" ]; then EDITOR=vi fi eval $EDITOR $tmp # Put changes in place. mv $tmp $file_changes echo "Updated $file_changes." if [ "$file_version" != "" ]; then echo $new_version >$file_version echo "Updated $version to $new_version." fi # Call hook function if it exists. if type $new_version_hook >/dev/null 2>&1; then $new_version_hook $new_version fi # Commit changes. git add $file_changes $file_version if [ "$amend" == "1" ]; then git commit --amend else git commit -m "$new_commit_msg" fi echo "Updates committed." check_release_tag check_beta_tag bro-aux-0.42/plugin-support/skeleton/000755 000765 000024 00000000000 13400006401 017565 5ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/init-plugin000755 000765 000024 00000004374 13400006400 020135 0ustar00jonstaff000000 000000 #! /usr/bin/env bash function abspath { (cd "$1"; pwd) } function relpath { echo "$1" | sed "s#`pwd`/\{0,1\}##g" } function lower { echo "$1" | tr A-Z a-z } function upper { echo "$1" | tr a-z A-Z } function init-skeleton { for i in `cd ${skeleton} && find * -type d`; do mkdir -p `echo ${plugin_src}/$i` done for i in `cd ${skeleton} && find * .??* -type f`; do src=${skeleton}/$i dst=`echo ${plugin_src}/$i` dst=`echo $dst | sed "s#%NS_LOWER#${plugin_ns_lower}#g"` dst=`echo $dst | sed "s#%NAME_LOWER#${plugin_name_lower}#g"` dst=`echo $dst | sed "s#%NS#${plugin_ns}#g"` dst=`echo $dst | sed "s#%NAME#${plugin_name}#g"` dst=`echo $dst | sed "s#@#/#g"` tmp=$dst.$$.tmp mkdir -p `dirname ${dst}` cp -p ${src} ${tmp} # Copy first to preserve permissions. cat ${src} \ | sed "s/@PLUGIN_NAME@/${plugin_name}/g" \ | sed "s/@PLUGIN_NAMESPACE@/${plugin_ns}/g" \ | sed "s/@PLUGIN_NAME_UPPER@/${plugin_name_upper}/g" \ | sed "s/@PLUGIN_NAMESPACE_UPPER@/${plugin_ns_upper}/g" \ | sed "s/@PLUGIN_NAME_LOWER@/${plugin_name_lower}/g" \ | sed "s/@PLUGIN_NAMESPACE_LOWER@/${plugin_ns_lower}/g" \ >${tmp} if [ -e ${dst} ]; then cmp -s ${tmp} ${dst} || echo "`relpath ${dst}` exists, not installing new version" rm -f ${tmp} continue fi echo Installing `relpath ${dst}` ... mv ${tmp} ${dst} done } update=0 if [ "$1" == "-u" ]; then update=1 shift fi if [ $# != 3 ]; then echo "Usage: `basename $0` [-u] " exit 1 fi dstdir=$1 if [ -e "${dstdir}" -a ${update} != 1 ]; then echo "error: ${dstdir} already exists, use -u if you want to update skeleton files in there." exit 1 fi mkdir -p ${dstdir} dstdir=`abspath ${dstdir}` basedir=`dirname $0` skeleton=`abspath ${basedir}`/skeleton plugin_ns=$2 plugin_name=$3 plugin_ns_lower=`lower $2` plugin_name_lower=`lower $3` plugin_ns_upper=`upper $2` plugin_name_upper=`upper $3` plugin_src=${dstdir} plugin_build=${dstdir}/dylib init-skeleton which git >/dev/null 2>&1 && (cd ${dstdir} && git init . && git add .) bro-aux-0.42/plugin-support/skeleton/bro-pkg.meta000644 000765 000024 00000000205 13400006400 021772 0ustar00jonstaff000000 000000 [package] script_dir = scripts/@PLUGIN_NAMESPACE@/@PLUGIN_NAME@ build_command = ./configure && make test_command = cd tests && btest bro-aux-0.42/plugin-support/skeleton/CMakeLists.txt000644 000765 000024 00000001072 13400006400 022324 0ustar00jonstaff000000 000000 cmake_minimum_required(VERSION 2.8) project(BroPlugin@PLUGIN_NAME@) include(BroPlugin) bro_plugin_begin(@PLUGIN_NAMESPACE@ @PLUGIN_NAME@) bro_plugin_cc(src/Plugin.cc) bro_plugin_bif(src/@PLUGIN_NAME_LOWER@.bif) bro_plugin_dist_files(README CHANGES COPYING VERSION) bro_plugin_end() file(STRINGS "${CMAKE_CURRENT_SOURCE_DIR}/VERSION" VERSION LIMIT_COUNT 1) if ("${PROJECT_SOURCE_DIR}" STREQUAL "${CMAKE_SOURCE_DIR}") # Allows building rpm/deb packages via "make package" in build dir. include(ConfigurePackaging) ConfigurePackaging(${VERSION}) endif () bro-aux-0.42/plugin-support/skeleton/configure000755 000765 000024 00000011757 13400006400 021506 0ustar00jonstaff000000 000000 #!/bin/sh # # Wrapper for viewing/setting options that the plugin's CMake # scripts will recognize. # # Don't edit this. Edit configure.plugin to add plugin-specific options. # set -e command="$0 $*" if [ -e `dirname $0`/configure.plugin ]; then # Include custom additions. . `dirname $0`/configure.plugin fi # Check for `cmake` command. type cmake > /dev/null 2>&1 || { echo "\ This package requires CMake, please install it first, then you may use this configure script to access CMake equivalent functionality.\ " >&2; exit 1; } usage() { cat 1>&2 </dev/null 2>&1; then plugin_usage 1>&2 fi echo exit 1 } # Function to append a CMake cache entry definition to the # CMakeCacheEntries variable # $1 is the cache entry variable name # $2 is the cache entry variable type # $3 is the cache entry variable value append_cache_entry () { CMakeCacheEntries="$CMakeCacheEntries -D $1:$2=$3" } # set defaults builddir=build brodist="" installroot="default" CMakeCacheEntries="" while [ $# -ne 0 ]; do case "$1" in -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; *) optarg= ;; esac case "$1" in --help|-h) usage ;; --bro-dist=*) brodist=`cd $optarg && pwd` ;; --install-root=*) installroot=$optarg ;; --with-binpac=*) append_cache_entry BinPAC_ROOT_DIR PATH $optarg binpac_root=$optarg ;; --with-broker=*) append_cache_entry BROKER_ROOT_DIR PATH $optarg broker_root=$optarg ;; --with-caf=*) append_cache_entry CAF_ROOT_DIR PATH $optarg caf_root=$optarg ;; --with-bifcl=*) append_cache_entry BifCl_EXE PATH $optarg ;; --enable-debug) append_cache_entry BRO_PLUGIN_ENABLE_DEBUG BOOL true ;; *) if type plugin_option >/dev/null 2>&1; then plugin_option $1 && shift && continue; fi echo "Invalid option '$1'. Try $0 --help to see available options." exit 1 ;; esac shift done if [ -z "$brodist" ]; then if type bro-config >/dev/null 2>&1; then if bro-config --cmake_dir >/dev/null 2>&1; then # Have a newer version of bro-config that has needed flags append_cache_entry BRO_CONFIG_PREFIX PATH `bro-config --prefix` append_cache_entry BRO_CONFIG_INCLUDE_DIR PATH `bro-config --include_dir` append_cache_entry BRO_CONFIG_PLUGIN_DIR PATH `bro-config --plugin_dir` append_cache_entry BRO_CONFIG_CMAKE_DIR PATH `bro-config --cmake_dir` append_cache_entry CMAKE_MODULE_PATH PATH `bro-config --cmake_dir` build_type=`bro-config --build_type` if [ "$build_type" = "debug" ]; then append_cache_entry BRO_PLUGIN_ENABLE_DEBUG BOOL true fi if [ -z "$binpac_root" ]; then append_cache_entry BinPAC_ROOT_DIR PATH `bro-config --binpac_root` fi if [ -z "$broker_root" ]; then append_cache_entry BROKER_ROOT_DIR PATH `bro-config --broker_root` fi if [ -z "$caf_root" ]; then append_cache_entry CAF_ROOT_DIR PATH `bro-config --caf_root` fi else brodist=`bro-config --bro_dist 2> /dev/null` if [ ! -e "$brodist/bro-path-dev.in" ]; then echo "$brodist does not appear to be a valid Bro source tree." exit 1 fi append_cache_entry BRO_DIST PATH $brodist append_cache_entry CMAKE_MODULE_PATH PATH $brodist/cmake fi else echo "Either 'bro-config' must be in PATH or '--bro-dist=' used" exit 1 fi else if [ ! -e "$brodist/bro-path-dev.in" ]; then echo "$brodist does not appear to be a valid Bro source tree." exit 1 fi append_cache_entry BRO_DIST PATH $brodist append_cache_entry CMAKE_MODULE_PATH PATH $brodist/cmake fi if [ "$installroot" != "default" ]; then mkdir -p $installroot append_cache_entry BRO_PLUGIN_INSTALL_ROOT PATH $installroot fi echo "Build Directory : $builddir" echo "Bro Source Directory : $brodist" mkdir -p $builddir cd $builddir cmake $CMakeCacheEntries .. echo "# This is the command used to configure this build" > config.status echo $command >> config.status chmod u+x config.status bro-aux-0.42/plugin-support/skeleton/Makefile000644 000765 000024 00000001277 13400006400 021233 0ustar00jonstaff000000 000000 # # Convenience Makefile providing a few common top-level targets. # cmake_build_dir=build arch=`uname -s | tr A-Z a-z`-`uname -m` all: build-it build-it: @test -e $(cmake_build_dir)/config.status || ./configure -@test -e $(cmake_build_dir)/CMakeCache.txt && \ test $(cmake_build_dir)/CMakeCache.txt -ot `cat $(cmake_build_dir)/CMakeCache.txt | grep BRO_DIST | cut -d '=' -f 2`/build/CMakeCache.txt && \ echo Updating stale CMake cache && \ touch $(cmake_build_dir)/CMakeCache.txt ( cd $(cmake_build_dir) && make ) install: ( cd $(cmake_build_dir) && make install ) clean: ( cd $(cmake_build_dir) && make clean ) distclean: rm -rf $(cmake_build_dir) test: make -C tests bro-aux-0.42/plugin-support/skeleton/CHANGES000644 000765 000024 00000000000 13400006400 020545 0ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/skeleton/COPYING.edit-me000644 000765 000024 00000003253 13400006400 022145 0ustar00jonstaff000000 000000 ### ### This is a BSD-style license. If you're happy with it, just edit ### the XXX parts below and remove this comment. Otherwise, put in ### your own license instead. ### Copyright (c) 2018 by Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: (1) Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. (2) Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. (3) Neither the name of , nor the names of contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. bro-aux-0.42/plugin-support/skeleton/tests/000755 000765 000024 00000000000 13400006401 020727 5ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/skeleton/configure.plugin000644 000765 000024 00000000574 13400006400 022773 0ustar00jonstaff000000 000000 #!/bin/sh # # Hooks to add custom options to the configure script. # plugin_usage() { : # Do nothing # cat < bro-aux-0.42/plugin-support/skeleton/VERSION000644 000765 000024 00000000004 13400006400 020626 0ustar00jonstaff000000 000000 0.1 bro-aux-0.42/plugin-support/skeleton/scripts/000755 000765 000024 00000000000 13400006400 021253 5ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/skeleton/src/000755 000765 000024 00000000000 13400006400 020353 5ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/skeleton/src/Plugin.h000644 000765 000024 00000000613 13400006400 021762 0ustar00jonstaff000000 000000 #ifndef BRO_PLUGIN_@PLUGIN_NAMESPACE_UPPER@_@PLUGIN_NAME_UPPER@ #define BRO_PLUGIN_@PLUGIN_NAMESPACE_UPPER@_@PLUGIN_NAME_UPPER@ #include namespace plugin { namespace @PLUGIN_NAMESPACE@_@PLUGIN_NAME@ { class Plugin : public ::plugin::Plugin { protected: // Overridden from plugin::Plugin. plugin::Configuration Configure() override; }; extern Plugin plugin; } } #endif bro-aux-0.42/plugin-support/skeleton/src/Plugin.cc000644 000765 000024 00000000634 13400006400 022123 0ustar00jonstaff000000 000000 #include "Plugin.h" namespace plugin { namespace @PLUGIN_NAMESPACE@_@PLUGIN_NAME@ { Plugin plugin; } } using namespace plugin::@PLUGIN_NAMESPACE@_@PLUGIN_NAME@; plugin::Configuration Plugin::Configure() { plugin::Configuration config; config.name = "@PLUGIN_NAMESPACE@::@PLUGIN_NAME@"; config.description = ""; config.version.major = 0; config.version.minor = 1; return config; } bro-aux-0.42/plugin-support/skeleton/src/%NAME_LOWER.bif000644 000765 000024 00000000001 13400006400 022561 0ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/skeleton/scripts/__preload__.bro000644 000765 000024 00000000534 13400006400 024203 0ustar00jonstaff000000 000000 # # This is loaded automatically at Bro startup once the plugin gets activated, # but before any of the BiFs that the plugin defines become available. # # This is primarily for defining types that BiFs already depend on. If you need # to do any other unconditional initialization, that should go into __load__.bro # instead. # @load ./types.bro bro-aux-0.42/plugin-support/skeleton/scripts/%NS@%NAME@__load__.bro000644 000765 000024 00000000433 13400006400 024706 0ustar00jonstaff000000 000000 # # This is processed when a user explicitly loads the plugin's script module # through `@load /`. Include code here that # should execute at that point. This is the most common entry point to # your plugin's accompanying scripts # # @load ./bar.bro bro-aux-0.42/plugin-support/skeleton/scripts/types.bro000644 000765 000024 00000000001 13400006400 023112 0ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/skeleton/scripts/__load__.bro000644 000765 000024 00000000655 13400006400 023500 0ustar00jonstaff000000 000000 # # This is loaded automatically at Bro startup once the plugin gets activated # and its BiF elements have become available. Include code here that should # always execute unconditionally at that time. # # Note that often you may want your plugin's accompanying scripts not here, but # in scripts///__load__.bro. That's processed # only on explicit `@load /`. # bro-aux-0.42/plugin-support/skeleton/tests/btest.cfg000644 000765 000024 00000001027 13400006400 022530 0ustar00jonstaff000000 000000 [btest] TestDirs = @PLUGIN_NAME_LOWER@ TmpDir = %(testbase)s/.tmp BaselineDir = %(testbase)s/Baseline IgnoreDirs = .svn CVS .tmp IgnoreFiles = *.tmp *.swp #* *.trace .DS_Store [environment] BROPATH=`%(testbase)s/Scripts/get-bro-env bropath` BRO_PLUGIN_PATH=`%(testbase)s/Scripts/get-bro-env bro_plugin_path` BRO_SEED_FILE=%(testbase)s/random.seed PATH=`%(testbase)s/Scripts/get-bro-env path` TZ=UTC LC_ALL=C TRACES=%(testbase)s/Traces TMPDIR=%(testbase)s/.tmp TEST_DIFF_CANONIFIER=%(testbase)s/Scripts/diff-remove-timestamps bro-aux-0.42/plugin-support/skeleton/tests/Makefile000644 000765 000024 00000000017 13400006400 022364 0ustar00jonstaff000000 000000 test: @btest bro-aux-0.42/plugin-support/skeleton/tests/Scripts/000755 000765 000024 00000000000 13400006400 022355 5ustar00jonstaff000000 000000 bro-aux-0.42/plugin-support/skeleton/tests/%NAME_LOWER@show-plugin.bro000644 000765 000024 00000000202 13400006400 025456 0ustar00jonstaff000000 000000 # @TEST-EXEC: bro -NN @PLUGIN_NAMESPACE@::@PLUGIN_NAME@ |sed -e 's/version.*)/version)/g' >output # @TEST-EXEC: btest-diff output bro-aux-0.42/plugin-support/skeleton/tests/random.seed000644 000765 000024 00000000300 13400006400 023041 0ustar00jonstaff000000 000000 2983378351 1299727368 0 310447 0 1409073626 3975311262 34130240 1450515018 1466150520 1342286698 1193956778 2188527278 3361989254 3912865238 3596260151 517973768 1462428821 0 2278350848 32767 bro-aux-0.42/plugin-support/skeleton/tests/Scripts/get-bro-env000755 000765 000024 00000002026 13400006400 024430 0ustar00jonstaff000000 000000 #! /bin/sh # # BTest helper for getting values for Bro-related environment variables. base=`dirname $0` bro_dist=`cat ${base}/../../build/CMakeCache.txt | grep BRO_DIST | cut -d = -f 2` if [ -n "${bro_dist}" ]; then if [ "$1" = "bropath" ]; then ${bro_dist}/build/bro-path-dev elif [ "$1" = "bro_plugin_path" ]; then ( cd ${base}/../.. && pwd ) elif [ "$1" = "path" ]; then echo ${bro_dist}/build/src:${bro_dist}/aux/btest:${base}/:${bro_dist}/aux/bro-cut:$PATH else echo "usage: `basename $0` " >&2 exit 1 fi else # Use Bro installation for testing. In this case bro-config must be in PATH. if ! which bro-config >/dev/null; then echo "bro-config not found" >&2 exit 1 fi if [ "$1" = "bropath" ]; then bro-config --bropath elif [ "$1" = "bro_plugin_path" ]; then ( cd ${base}/../.. && pwd ) elif [ "$1" = "path" ]; then echo ${PATH} else echo "usage: `basename $0` " >&2 exit 1 fi fi bro-aux-0.42/plugin-support/skeleton/tests/Scripts/diff-remove-timestamps000755 000765 000024 00000000577 13400006400 026703 0ustar00jonstaff000000 000000 #! /usr/bin/env bash # # Replace anything which looks like timestamps with XXXs (including the #start/end markers in logs). # Get us "modern" regexps with sed. if [ `uname` == "Linux" ]; then sed="sed -r" else sed="sed -E" fi $sed 's/(0\.000000)|([0-9]{9,10}\.[0-9]{2,8})/XXXXXXXXXX.XXXXXX/g' | \ $sed 's/^ *#(open|close).(19|20)..-..-..-..-..-..$/#\1 XXXX-XX-XX-XX-XX-XX/g' bro-aux-0.42/cmake/InstallPackageConfigFile.cmake000644 000765 000024 00000005273 13400006401 021632 0ustar00jonstaff000000 000000 include(InstallClobberImmune) # This macro can be used to install configuration files which # users are expected to modify after installation. It will: # # - If binary packaging is enabled: # Install the file in the typical CMake fashion, but append to the # INSTALLED_CONFIG_FILES cache variable for use with the Mac package's # pre/post install scripts # # - If binary packaging is not enabled: # Install the script in a way such that it will check at `make install` # time whether the file does not exist. See InstallClobberImmune.cmake # # - Always create a target "install-example-configs" which installs an # example version of the config file. # # _srcfile: the absolute path to the file to install # _dstdir: absolute path to the directory in which to install the file # _dstfilename: how to (re)name the file inside _dstdir macro(InstallPackageConfigFile _srcfile _dstdir _dstfilename) set(_dstfile ${_dstdir}/${_dstfilename}) if (BINARY_PACKAGING_MODE) # If packaging mode is enabled, always install the distribution's # version of the file. The Mac package's pre/post install scripts # or native functionality of RPMs will take care of not clobbering it. install(FILES ${_srcfile} DESTINATION ${_dstdir} RENAME ${_dstfilename}) # This cache variable is what the Mac package pre/post install scripts # use to avoid clobbering user-modified config files set(INSTALLED_CONFIG_FILES "${INSTALLED_CONFIG_FILES} ${_dstfile}" CACHE STRING "" FORCE) # Additionally, the Mac PackageMaker packages don't have any automatic # handling of configuration file conflicts so install an example file # that the post install script will cleanup in the case it's extraneous if (APPLE) install(FILES ${_srcfile} DESTINATION ${_dstdir} RENAME ${_dstfilename}.example) endif () else () # Have `make install` check at run time whether the file does not exist InstallClobberImmune(${_srcfile} ${_dstfile}) endif () if (NOT TARGET install-example-configs) add_custom_target(install-example-configs COMMENT "Installed example configuration files") endif () # '/' is invalid in target names, so replace w/ '.' string(REGEX REPLACE "/" "." _flatsrc ${_srcfile}) set(_example ${_dstfile}.example) add_custom_target(install-example-config-${_flatsrc} COMMAND "${CMAKE_COMMAND}" -E copy ${_srcfile} \${DESTDIR}${_example} COMMENT "Installing ${_example}") add_dependencies(install-example-configs install-example-config-${_flatsrc}) endmacro(InstallPackageConfigFile) bro-aux-0.42/cmake/MiscTests.cmake000644 000765 000024 00000002010 13400006401 016722 0ustar00jonstaff000000 000000 include(CheckCXXSourceCompiles) include(CheckCSourceCompiles) # This autoconf variable is obsolete; it's portable to assume C89 and signal # handlers returning void set(RETSIGTYPE "void") set(RETSIGVAL "") check_c_source_compiles(" #include #include extern int socket(int, int, int); extern int connect(int, const struct sockaddr *, int); extern int send(int, const void *, int, int); extern int recvfrom(int, void *, int, int, struct sockaddr *, int *); int main() { return 0; } " DO_SOCK_DECL) if (DO_SOCK_DECL) message(STATUS "socket() and friends need explicit declaration") endif () check_cxx_source_compiles(" #include #include extern \"C\" { int openlog(const char* ident, int logopt, int facility); int syslog(int priority, const char* message_fmt, ...); int closelog(); } int main() { return 0; } " SYSLOG_INT) if (SYSLOG_INT) message(STATUS "syslog prototypes need declaration") endif () bro-aux-0.42/cmake/bro-plugin-install-package.sh000755 000765 000024 00000000770 13400006401 021467 0ustar00jonstaff000000 000000 #! /bin/sh # # Helper script to install the tarball with a plugin's binary distribution. # # Called from BroPluginDynamic.cmake. Current directory is the plugin # build directory. if [ $# != 2 ]; then echo "usage: `basename $0` " exit 1 fi dst=$2 if [ ! -d "${dst}" ]; then echo "Warning: ${dst} does not exist; has Bro been installed?" mkdir -p ${dst} fi name=$1 tgz=`pwd`/$name.tgz ( cd ${dst} && rm -rf "${name}" && tar xzf ${tgz} ) bro-aux-0.42/cmake/FindBISON.cmake000644 000765 000024 00000022215 13400006401 016470 0ustar00jonstaff000000 000000 # - Find bison executable and provides macros to generate custom build rules # The module defines the following variables: # # BISON_EXECUTABLE - path to the bison program # BISON_VERSION - version of bison # BISON_FOUND - true if the program was found # # If bison is found, the module defines the macros: # BISON_TARGET( [VERBOSE ] # [COMPILE_FLAGS ] [HEADER ]) # which will create a custom rule to generate a parser. is # the path to a yacc file. is the name of the source file # generated by bison. A header file containing the token list is also # generated according to bison's -d option by default or if the HEADER # option is used, the argument is passed to bison's --defines option to # specify output file. If COMPILE_FLAGS option is specified, the next # parameter is added in the bison command line. if VERBOSE option is # specified, is created and contains verbose descriptions of the # grammar and parser. The macro defines a set of variables: # BISON_${Name}_DEFINED - true is the macro ran successfully # BISON_${Name}_INPUT - The input source file, an alias for # BISON_${Name}_OUTPUT_SOURCE - The source file generated by bison # BISON_${Name}_OUTPUT_HEADER - The header file generated by bison # BISON_${Name}_OUTPUTS - The sources files generated by bison # BISON_${Name}_COMPILE_FLAGS - Options used in the bison command line # # ==================================================================== # Example: # # find_package(BISON) # BISON_TARGET(MyParser parser.y ${CMAKE_CURRENT_BINARY_DIR}/parser.cpp) # add_executable(Foo main.cpp ${BISON_MyParser_OUTPUTS}) # ==================================================================== #============================================================================= # Copyright 2009 Kitware, Inc. # Copyright 2006 Tristan Carel # Modified 2010 by Jon Siwek, adding HEADER option # # Distributed under the OSI-approved BSD License (the "License"): # CMake - Cross Platform Makefile Generator # Copyright 2000-2009 Kitware, Inc., Insight Software Consortium # All rights reserved. # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # * Neither the names of Kitware, Inc., the Insight Software Consortium, # nor the names of their contributors may be used to endorse or promote # products derived from this software without specific prior written # permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # This software is distributed WITHOUT ANY WARRANTY; without even the # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # See the License for more information. #============================================================================= FIND_PROGRAM(BISON_EXECUTABLE bison DOC "path to the bison executable") MARK_AS_ADVANCED(BISON_EXECUTABLE) IF(BISON_EXECUTABLE) EXECUTE_PROCESS(COMMAND ${BISON_EXECUTABLE} --version OUTPUT_VARIABLE BISON_version_output ERROR_VARIABLE BISON_version_error RESULT_VARIABLE BISON_version_result OUTPUT_STRIP_TRAILING_WHITESPACE) IF(NOT ${BISON_version_result} EQUAL 0) MESSAGE(SEND_ERROR "Command \"${BISON_EXECUTABLE} --version\" failed with output:\n${BISON_version_error}") ELSE() STRING(REGEX REPLACE "^bison \\(GNU Bison\\) ([^\n]+)\n.*" "\\1" BISON_VERSION "${BISON_version_output}") ENDIF() # internal macro MACRO(BISON_TARGET_option_verbose Name BisonOutput filename) LIST(APPEND BISON_TARGET_cmdopt "--verbose") GET_FILENAME_COMPONENT(BISON_TARGET_output_path "${BisonOutput}" PATH) GET_FILENAME_COMPONENT(BISON_TARGET_output_name "${BisonOutput}" NAME_WE) ADD_CUSTOM_COMMAND(OUTPUT ${filename} COMMAND ${CMAKE_COMMAND} ARGS -E copy "${BISON_TARGET_output_path}/${BISON_TARGET_output_name}.output" "${filename}" DEPENDS "${BISON_TARGET_output_path}/${BISON_TARGET_output_name}.output" COMMENT "[BISON][${Name}] Copying bison verbose table to ${filename}" WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}) SET(BISON_${Name}_VERBOSE_FILE ${filename}) LIST(APPEND BISON_TARGET_extraoutputs "${BISON_TARGET_output_path}/${BISON_TARGET_output_name}.output") ENDMACRO(BISON_TARGET_option_verbose) # internal macro MACRO(BISON_TARGET_option_extraopts Options) SET(BISON_TARGET_extraopts "${Options}") SEPARATE_ARGUMENTS(BISON_TARGET_extraopts) LIST(APPEND BISON_TARGET_cmdopt ${BISON_TARGET_extraopts}) ENDMACRO(BISON_TARGET_option_extraopts) #============================================================ # BISON_TARGET (public macro) #============================================================ # MACRO(BISON_TARGET Name BisonInput BisonOutput) SET(BISON_TARGET_output_header "") #SET(BISON_TARGET_command_opt "") SET(BISON_TARGET_cmdopt "") SET(BISON_TARGET_outputs "${BisonOutput}") IF(NOT ${ARGC} EQUAL 3 AND NOT ${ARGC} EQUAL 5 AND NOT ${ARGC} EQUAL 7 AND NOT ${ARGC} EQUAL 9) MESSAGE(SEND_ERROR "Usage") ELSE() # Parsing parameters IF(${ARGC} GREATER 5 OR ${ARGC} EQUAL 5) IF("${ARGV3}" STREQUAL "VERBOSE") BISON_TARGET_option_verbose(${Name} ${BisonOutput} "${ARGV4}") ENDIF() IF("${ARGV3}" STREQUAL "COMPILE_FLAGS") BISON_TARGET_option_extraopts("${ARGV4}") ENDIF() IF("${ARGV3}" STREQUAL "HEADER") set(BISON_TARGET_output_header "${ARGV4}") ENDIF() ENDIF() IF(${ARGC} GREATER 7 OR ${ARGC} EQUAL 7) IF("${ARGV5}" STREQUAL "VERBOSE") BISON_TARGET_option_verbose(${Name} ${BisonOutput} "${ARGV6}") ENDIF() IF("${ARGV5}" STREQUAL "COMPILE_FLAGS") BISON_TARGET_option_extraopts("${ARGV6}") ENDIF() IF("${ARGV5}" STREQUAL "HEADER") set(BISON_TARGET_output_header "${ARGV6}") ENDIF() ENDIF() IF(${ARGC} EQUAL 9) IF("${ARGV7}" STREQUAL "VERBOSE") BISON_TARGET_option_verbose(${Name} ${BisonOutput} "${ARGV8}") ENDIF() IF("${ARGV7}" STREQUAL "COMPILE_FLAGS") BISON_TARGET_option_extraopts("${ARGV8}") ENDIF() IF("${ARGV7}" STREQUAL "HEADER") set(BISON_TARGET_output_header "${ARGV8}") ENDIF() ENDIF() IF(BISON_TARGET_output_header) # Header's name passed in as argument to be used in --defines option LIST(APPEND BISON_TARGET_cmdopt "--defines=${BISON_TARGET_output_header}") set(BISON_${Name}_OUTPUT_HEADER ${BISON_TARGET_output_header}) ELSE() # Header's name generated by bison (see option -d) LIST(APPEND BISON_TARGET_cmdopt "-d") STRING(REGEX REPLACE "^(.*)(\\.[^.]*)$" "\\2" _fileext "${ARGV2}") STRING(REPLACE "c" "h" _fileext ${_fileext}) STRING(REGEX REPLACE "^(.*)(\\.[^.]*)$" "\\1${_fileext}" BISON_${Name}_OUTPUT_HEADER "${ARGV2}") ENDIF() LIST(APPEND BISON_TARGET_outputs "${BISON_${Name}_OUTPUT_HEADER}") ADD_CUSTOM_COMMAND(OUTPUT ${BISON_TARGET_outputs} ${BISON_TARGET_extraoutputs} COMMAND ${BISON_EXECUTABLE} ARGS ${BISON_TARGET_cmdopt} -o ${ARGV2} ${ARGV1} DEPENDS ${ARGV1} COMMENT "[BISON][${Name}] Building parser with bison ${BISON_VERSION}" WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) # define target variables SET(BISON_${Name}_DEFINED TRUE) SET(BISON_${Name}_INPUT ${ARGV1}) SET(BISON_${Name}_OUTPUTS ${BISON_TARGET_outputs}) SET(BISON_${Name}_COMPILE_FLAGS ${BISON_TARGET_cmdopt}) SET(BISON_${Name}_OUTPUT_SOURCE "${BisonOutput}") ENDIF(NOT ${ARGC} EQUAL 3 AND NOT ${ARGC} EQUAL 5 AND NOT ${ARGC} EQUAL 7 AND NOT ${ARGC} EQUAL 9) ENDMACRO(BISON_TARGET) # #============================================================ ENDIF(BISON_EXECUTABLE) INCLUDE(FindPackageHandleStandardArgs) FIND_PACKAGE_HANDLE_STANDARD_ARGS(BISON DEFAULT_MSG BISON_EXECUTABLE) # FindBISON.cmake ends here bro-aux-0.42/cmake/OSSpecific.cmake000644 000765 000024 00000003565 13400006401 017013 0ustar00jonstaff000000 000000 if (${CMAKE_SYSTEM_NAME} MATCHES "FreeBSD") set(bro_LINKER_FLAGS "${bro_LINKER_FLAGS} -rdynamic") elseif (${CMAKE_SYSTEM_NAME} MATCHES "OpenBSD") set(bro_LINKER_FLAGS "${bro_LINKER_FLAGS} -rdynamic") elseif (${CMAKE_SYSTEM_NAME} MATCHES "Darwin") set(HAVE_DARWIN true) elseif (${CMAKE_SYSTEM_NAME} MATCHES "Linux") set(HAVE_LINUX true) elseif (${CMAKE_SYSTEM_NAME} MATCHES "Solaris") set(SOCKET_LIBS nsl socket) elseif (${CMAKE_SYSTEM_NAME} MATCHES "osf") # Workaround ip_hl vs. ip_vhl problem in netinet/ip.h add_definitions(-D__STDC__=2) elseif (${CMAKE_SYSTEM_NAME} MATCHES "irix") list(APPEND CMAKE_C_FLAGS -xansi -signed -g3) list(APPEND CMAKE_CXX_FLAGS -xansi -signed -g3) elseif (${CMAKE_SYSTEM_NAME} MATCHES "ultrix") list(APPEND CMAKE_C_FLAGS -std1 -g3) list(APPEND CMAKE_CXX_FLAGS -std1 -g3) include(CheckCSourceCompiles) check_c_source_compiles(" #include int main() { void c(const struct a *); return 0; } " have_ultrix_const) if (NOT have_ultrix_const) set(NEED_ULTRIX_CONST_HACK true) endif () elseif (${CMAKE_SYSTEM_NAME} MATCHES "hpux" OR ${CMAKE_SYSTEM_NAME} MATCHES "HP-UX") include(CheckCSourceCompiles) set(CMAKE_REQUIRED_FLAGS -Aa) set(CMAKE_REQUIRED_DEFINITIONS -D_HPUX_SOURCE) check_c_source_compiles(" #include int main() { int frob(int, char *); return 0; } " have_ansi_prototypes) set(CMAKE_REQUIRED_FLAGS) set(CMAKE_REQUIRED_DEFINITIONS) if (have_ansi_prototypes) add_definitions(-D_HPUX_SOURCE) list(APPEND CMAKE_C_FLAGS -Aa) list(APPEND CMAKE_CXX_FLAGS -Aa) endif () if (NOT have_ansi_prototypes) message(FATAL_ERROR "Can't get HPUX compiler to handle ANSI prototypes") endif () endif () bro-aux-0.42/cmake/BroPlugin.cmake000644 000765 000024 00000000733 13400006401 016717 0ustar00jonstaff000000 000000 # Wrapper include file that loads the macros for building a Bro # plugin either statically or dynamically, depending on whether # we're building as part of the main Bro source tree, or externally. if ( BRO_PLUGIN_INTERNAL_BUILD ) if ( "${BRO_PLUGIN_BUILD_DYNAMIC}" STREQUAL "" ) set(BRO_PLUGIN_BUILD_DYNAMIC FALSE) endif() else () set(BRO_PLUGIN_BUILD_DYNAMIC TRUE) endif () include(BroPluginCommon) include(BroPluginStatic) include(BroPluginDynamic) bro-aux-0.42/cmake/SetupRPATH.cmake000644 000765 000024 00000000530 13400006401 016710 0ustar00jonstaff000000 000000 # Keep RPATH upon installing so that user doesn't have to ensure the linker # can find internal/private libraries or libraries external to the build # directory that were explicitly linked against if (NOT BINARY_PACKAGING_MODE) SET(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE) SET(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib") endif () bro-aux-0.42/cmake/BroSubdir.cmake000644 000765 000024 00000000771 13400006401 016713 0ustar00jonstaff000000 000000 # Creates a target for a library of objects file in a subdirectory, # and adds to the global bro_SUBDIR_LIBS. function(bro_add_subdir_library name) if ( bro_HAVE_OBJECT_LIBRARIES ) add_library("bro_${name}" OBJECT ${ARGN}) set(_target "$") else () add_library("bro_${name}" STATIC ${ARGN}) set(_target "bro_${name}") endif () set(bro_SUBDIR_LIBS "${_target}" ${bro_SUBDIR_LIBS} CACHE INTERNAL "subdir libraries") endfunction() bro-aux-0.42/cmake/FindBroker.cmake000644 000765 000024 00000002103 13400006401 017034 0ustar00jonstaff000000 000000 # - Try to find Broker library and headers # # Usage of this module as follows: # # find_package(Broker) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # BROKER_ROOT_DIR Set this variable to the root installation of # Broker if the module has problems finding the # proper installation path. # # Variables defined by this module: # # BROKER_FOUND System has Broker library # BROKER_LIBRARY The broker library # BROKER_INCLUDE_DIR The broker headers find_path(BROKER_ROOT_DIR NAMES include/broker/broker.hh ) find_library(BROKER_LIBRARY NAMES broker HINTS ${BROKER_ROOT_DIR}/lib ) find_path(BROKER_INCLUDE_DIR NAMES broker/broker.hh HINTS ${BROKER_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Broker DEFAULT_MSG BROKER_LIBRARY BROKER_INCLUDE_DIR ) mark_as_advanced( BROKER_ROOT_DIR BROKER_LIBRARY BROKER_INCLUDE_DIR ) bro-aux-0.42/cmake/CheckFunctions.cmake000644 000765 000024 00000000675 13400006401 017731 0ustar00jonstaff000000 000000 include(CheckFunctionExists) check_function_exists(getopt_long HAVE_GETOPT_LONG) check_function_exists(mallinfo HAVE_MALLINFO) check_function_exists(strcasestr HAVE_STRCASESTR) check_function_exists(strerror HAVE_STRERROR) check_function_exists(strsep HAVE_STRSEP) check_function_exists(sigset HAVE_SIGSET) if (HAVE_SIGSET) set(SIG_FUNC sigset) else () set(SIG_FUNC signal) check_function_exists(sigaction HAVE_SIGACTION) endif () bro-aux-0.42/cmake/cmake_uninstall.cmake.in000644 000765 000024 00000002211 13400006401 020565 0ustar00jonstaff000000 000000 function(uninstall_manifest manifestPath) file(READ "${manifestPath}" files) string(REGEX REPLACE "\n" ";" files "${files}") foreach (file ${files}) set(fileName $ENV{DESTDIR}${file}) if (EXISTS "${fileName}" OR IS_SYMLINK "${fileName}") message(STATUS "Uninstalling: ${fileName}") execute_process( COMMAND "@CMAKE_COMMAND@" -E remove "${fileName}" OUTPUT_VARIABLE rm_out RESULT_VARIABLE rm_retval ) if (NOT ${rm_retval} EQUAL 0) message(FATAL_ERROR "Problem when removing: ${fileName}") endif () else () message(STATUS "Does not exist: ${fileName}") endif () endforeach () endfunction(uninstall_manifest) file(GLOB install_manifests @CMAKE_CURRENT_BINARY_DIR@/install_manifest*.txt) if (install_manifests) foreach (manifest ${install_manifests}) uninstall_manifest(${manifest}) endforeach () else () message(FATAL_ERROR "Cannot find any install manifests in: " "\"@CMAKE_CURRENT_BINARY_DIR@/install_manifest*.txt\"") endif () bro-aux-0.42/cmake/bro-plugin-create-package.sh000755 000765 000024 00000002007 13400006401 021257 0ustar00jonstaff000000 000000 #! /bin/sh # # Helper script creating a tarball with a plugin's binary distribution. We'll # also leave a MANIFEST in place with all files part of the tar ball. # # Called from BroPluginDynamic.cmake. Current directory is the plugin # build directory. if [ $# = 0 ]; then echo "usage: `basename $0` []" exit 1 fi name=$1 shift addl=$@ # Copy additional distribution files into build directory. for i in ${addl}; do if [ -e ../$i ]; then dir=`dirname $i` mkdir -p ${dir} cp -p ../$i ${dir} fi done tgz=${name}-`(test -e ../VERSION && cat ../VERSION | head -1) || echo 0.0`.tar.gz rm -f MANIFEST ${name} ${name}.tgz ${tgz} for i in __bro_plugin__ lib scripts ${addl}; do test -e $i && find -L $i -type f | sed "s%^%${name}/%g" >>MANIFEST done ln -s . ${name} mkdir -p dist flag="-T" test `uname` = "OpenBSD" && flag="-I" tar czf dist/${tgz} ${flag} MANIFEST ln -s dist/${tgz} ${name}.tgz rm -f ${name} bro-aux-0.42/cmake/FindPyBroccoli.cmake000644 000765 000024 00000001375 13400006401 017667 0ustar00jonstaff000000 000000 # - Determine if the Broccoli Python bindings are available # # Usage of this module as follows: # # find_package(PythonInterp REQUIRED) # find_package(PyBroccoli) # # Variables defined by this module: # # PYBROCCOLI_FOUND Python successfully imports broccoli bindings if (NOT PYBROCCOLI_FOUND) execute_process(COMMAND "${PYTHON_EXECUTABLE}" -c "import broccoli" RESULT_VARIABLE PYBROCCOLI_IMPORT_RESULT) if (PYBROCCOLI_IMPORT_RESULT) # python returned non-zero exit status set(BROCCOLI_PYTHON_MODULE false) else () set(BROCCOLI_PYTHON_MODULE true) endif () endif () include(FindPackageHandleStandardArgs) find_package_handle_standard_args(PyBroccoli DEFAULT_MSG BROCCOLI_PYTHON_MODULE) bro-aux-0.42/cmake/CheckCompilers.cmake000644 000765 000024 00000000670 13400006401 017711 0ustar00jonstaff000000 000000 # Aborts the configuration if no C or C++ compiler is found, depending # on whether a previous call to the project() macro was supplied either # language as a requirement. if (NOT CMAKE_C_COMPILER AND DEFINED CMAKE_C_COMPILER) message(FATAL_ERROR "Could not find prerequisite C compiler") endif () if (NOT CMAKE_CXX_COMPILER AND DEFINED CMAKE_CXX_COMPILER) message(FATAL_ERROR "Could not find prerequisite C++ compiler") endif () bro-aux-0.42/cmake/ConfigurePackaging.cmake000644 000765 000024 00000025014 13400006401 020543 0ustar00jonstaff000000 000000 # A collection of macros to assist in configuring CMake/Cpack # source and binary packaging # Sets CPack version variables by splitting the first macro argument # using "." or "-" as a delimiter. If the length of the split list is # greater than 2, all remaining elements are tacked on to the patch # level version. Not that the version set by the macro is internal # to binary packaging, the file name of our package will reflect the # exact version number. macro(SetPackageVersion _version) string(REGEX REPLACE "[.-]" " " version_numbers ${_version}) separate_arguments(version_numbers) list(GET version_numbers 0 CPACK_PACKAGE_VERSION_MAJOR) list(REMOVE_AT version_numbers 0) list(GET version_numbers 0 CPACK_PACKAGE_VERSION_MINOR) list(REMOVE_AT version_numbers 0) list(LENGTH version_numbers version_length) while (version_length GREATER 0) list(GET version_numbers 0 patch_level) if (CPACK_PACKAGE_VERSION_PATCH) set(CPACK_PACKAGE_VERSION_PATCH "${CPACK_PACKAGE_VERSION_PATCH}.${patch_level}") else () set(CPACK_PACKAGE_VERSION_PATCH ${patch_level}) endif () list(REMOVE_AT version_numbers 0) list(LENGTH version_numbers version_length) endwhile () if (APPLE) # Mac PackageMaker package requires only numbers in the versioning string(REGEX REPLACE "[_a-zA-Z-]" "" CPACK_PACKAGE_VERSION_MAJOR ${CPACK_PACKAGE_VERSION_MAJOR}) string(REGEX REPLACE "[_a-zA-Z-]" "" CPACK_PACKAGE_VERSION_MINOR ${CPACK_PACKAGE_VERSION_MINOR}) if (CPACK_PACKAGE_VERSION_PATCH) string(REGEX REPLACE "[_a-zA-Z-]" "" CPACK_PACKAGE_VERSION_PATCH ${CPACK_PACKAGE_VERSION_PATCH}) endif () endif () if (${CMAKE_SYSTEM_NAME} MATCHES "Linux") # RPM version accepts letters, but not dashes. string(REGEX REPLACE "[-]" "." CPACK_PACKAGE_VERSION_MAJOR ${CPACK_PACKAGE_VERSION_MAJOR}) string(REGEX REPLACE "[-]" "." CPACK_PACKAGE_VERSION_MINOR ${CPACK_PACKAGE_VERSION_MINOR}) if (CPACK_PACKAGE_VERSION_PATCH) string(REGEX REPLACE "[-]" "." CPACK_PACKAGE_VERSION_PATCH ${CPACK_PACKAGE_VERSION_PATCH}) endif () endif () # Minimum supported OS X version set(CPACK_OSX_PACKAGE_VERSION 10.5) endmacro(SetPackageVersion) # Sets the list of desired package types to be created by the make # package target. A .tar.gz is only made for source packages, and # binary pacakage format depends on the operating system: # # Darwin - PackageMaker # Linux - RPM if the platform has rpmbuild installed # DEB if the platform has dpkg-shlibdeps installed # # CPACK_GENERATOR is set by this macro # CPACK_SOURCE_GENERATOR is set by this macro macro(SetPackageGenerators) set(CPACK_SOURCE_GENERATOR TGZ) #set(CPACK_GENERATOR TGZ) if (APPLE) list(APPEND CPACK_GENERATOR PackageMaker) elseif (${CMAKE_SYSTEM_NAME} MATCHES "Linux") find_program(RPMBUILD_EXE rpmbuild) find_program(DPKGSHLIB_EXE dpkg-shlibdeps) if (RPMBUILD_EXE) set(CPACK_GENERATOR ${CPACK_GENERATOR} RPM) endif () if (DPKGSHLIB_EXE) set(CPACK_GENERATOR ${CPACK_GENERATOR} DEB) set(CPACK_DEBIAN_PACKAGE_SHLIBDEPS true) endif () endif () endmacro(SetPackageGenerators) # Sets CPACK_PACKAGE_FILE_NAME in the following format: # # --- # # and CPACK_SOURCE_PACKAGE_FILE_NAME as: # # - macro(SetPackageFileName _version) if (PACKAGE_NAME_PREFIX) set(CPACK_PACKAGE_FILE_NAME "${PACKAGE_NAME_PREFIX}-${_version}") set(CPACK_SOURCE_PACKAGE_FILE_NAME "${PACKAGE_NAME_PREFIX}-${_version}") else () set(CPACK_PACKAGE_FILE_NAME "${CMAKE_PROJECT_NAME}-${_version}") set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CMAKE_PROJECT_NAME}-${_version}") endif () set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_FILE_NAME}-${CMAKE_SYSTEM_NAME}") if (APPLE) # Only Intel-based Macs are supported. CMAKE_SYSTEM_PROCESSOR may # return the confusing 'i386' if running a 32-bit kernel, but chances # are the binary is x86_64 (or more generally 'Intel') compatible. set(arch "Intel") else () set (arch ${CMAKE_SYSTEM_PROCESSOR}) endif () set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_FILE_NAME}-${arch}") endmacro(SetPackageFileName) # Sets up binary package metadata macro(SetPackageMetadata) if ( NOT CPACK_PACKAGE_VENDOR ) set(CPACK_PACKAGE_VENDOR "International Computer Science Institute") endif () if ( NOT CPACK_PACKAGE_CONTACT ) set(CPACK_PACKAGE_CONTACT "info@bro.org") endif () if ( NOT CPACK_PACKAGE_DESCRIPTION_SUMMARY ) set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "The Bro Network Intrusion Detection System") endif () # CPack may enforce file name extensions for certain package generators configure_file(${CMAKE_CURRENT_SOURCE_DIR}/README ${CMAKE_CURRENT_BINARY_DIR}/README.txt COPYONLY) if ( EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/COPYING ) configure_file(${CMAKE_CURRENT_SOURCE_DIR}/COPYING ${CMAKE_CURRENT_BINARY_DIR}/COPYING.txt COPYONLY) elseif ( EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/COPYING.edit-me ) # Bro plugin skeletons have a placeholder file. Just use # it even if it hasn't actually been changed. configure_file(${CMAKE_CURRENT_SOURCE_DIR}/COPYING.edit-me ${CMAKE_CURRENT_BINARY_DIR}/COPYING.txt COPYONLY) endif () if ( EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/cmake/MAC_PACKAGE_INTRO ) configure_file(${CMAKE_CURRENT_SOURCE_DIR}/cmake/MAC_PACKAGE_INTRO ${CMAKE_CURRENT_BINARY_DIR}/MAC_PACKAGE_INTRO.txt) else () configure_file(${CMAKE_CURRENT_SOURCE_DIR}/README ${CMAKE_CURRENT_BINARY_DIR}/MAC_PACKAGE_INTRO.txt) endif () set(CPACK_PACKAGE_DESCRIPTION_FILE ${CMAKE_CURRENT_BINARY_DIR}/README.txt) set(CPACK_RESOURCE_FILE_LICENSE ${CMAKE_CURRENT_BINARY_DIR}/COPYING.txt) set(CPACK_RESOURCE_FILE_README ${CMAKE_CURRENT_BINARY_DIR}/README.txt) set(CPACK_RESOURCE_FILE_WELCOME ${CMAKE_CURRENT_BINARY_DIR}/MAC_PACKAGE_INTRO.txt) if ( NOT CPACK_RPM_PACKAGE_LICENSE ) set(CPACK_RPM_PACKAGE_LICENSE "BSD") endif () if ( NOT CPACK_RPM_PACKAGE_GROUP ) set(CPACK_RPM_PACKAGE_GROUP "Applications/System") endif () set(CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION /opt /var /var/opt) endmacro(SetPackageMetadata) # Sets pre and post install scripts for PackageMaker packages. # The main functionality that such scripts offer is a way to make backups # of "configuration" files that a user may have modified. # Note that RPMs already have a robust mechanism for dealing with # user-modified files, so we do not need this additional functionality macro(SetPackageInstallScripts VERSION) if (INSTALLED_CONFIG_FILES) # Remove duplicates from the list of installed config files separate_arguments(INSTALLED_CONFIG_FILES) list(REMOVE_DUPLICATES INSTALLED_CONFIG_FILES) # Space delimit the list again foreach (_file ${INSTALLED_CONFIG_FILES}) set(_tmp "${_tmp} ${_file}") endforeach () set(INSTALLED_CONFIG_FILES "${_tmp}" CACHE STRING "" FORCE) endif () if (${CMAKE_SYSTEM_NAME} MATCHES "Linux") # DEB packages can automatically handle configuration files # if provided in a "conffiles" file in the packaging set(conffiles_file ${CMAKE_CURRENT_BINARY_DIR}/conffiles) if (INSTALLED_CONFIG_FILES) string(REPLACE " " ";" conffiles ${INSTALLED_CONFIG_FILES}) endif () file(WRITE ${conffiles_file} "") foreach (_file ${conffiles}) file(APPEND ${conffiles_file} "${_file}\n") endforeach () list(APPEND CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA ${CMAKE_CURRENT_BINARY_DIR}/conffiles) # RPMs don't need any explicit direction regarding config files. # Leaving the set of installed config files empty will just # bypass the logic in the default pre/post install scripts and let # the RPMs/DEBs do their own thing (regarding backups, etc.) # when upgrading packages. set(INSTALLED_CONFIG_FILES "") endif () if (EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_preinstall.sh.in) configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_preinstall.sh.in ${CMAKE_CURRENT_BINARY_DIR}/package_preinstall.sh @ONLY) configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_preinstall.sh.in ${CMAKE_CURRENT_BINARY_DIR}/preinst @ONLY) set(CPACK_PREFLIGHT_SCRIPT ${CMAKE_CURRENT_BINARY_DIR}/package_preinstall.sh) set(CPACK_RPM_PRE_INSTALL_SCRIPT_FILE ${CMAKE_CURRENT_BINARY_DIR}/package_preinstall.sh) list(APPEND CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA ${CMAKE_CURRENT_BINARY_DIR}/preinst) endif () if (EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_postupgrade.sh.in) configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_postupgrade.sh.in ${CMAKE_CURRENT_BINARY_DIR}/package_postupgrade.sh @ONLY) configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_postupgrade.sh.in ${CMAKE_CURRENT_BINARY_DIR}/postinst @ONLY) set(CPACK_POSTUPGRADE_SCRIPT ${CMAKE_CURRENT_BINARY_DIR}/package_postupgrade.sh) set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_CURRENT_BINARY_DIR}/package_postupgrade.sh) list(APPEND CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA ${CMAKE_CURRENT_BINARY_DIR}/postinst) endif () endmacro(SetPackageInstallScripts) # Main macro to configure all the packaging options macro(ConfigurePackaging _version) SetPackageVersion(${_version}) SetPackageGenerators() SetPackageFileName(${_version}) SetPackageMetadata() SetPackageInstallScripts(${_version}) set(CPACK_SET_DESTDIR true) set(CPACK_PACKAGING_INSTALL_PREFIX ${CMAKE_INSTALL_PREFIX}) # add default files/directories to ignore for source package # user may specify others via configure script list(APPEND CPACK_SOURCE_IGNORE_FILES ${CMAKE_BINARY_DIR} ".git") include(CPack) endmacro(ConfigurePackaging) bro-aux-0.42/cmake/PCAPTests.cmake000644 000765 000024 00000004030 13400006401 016556 0ustar00jonstaff000000 000000 include(CheckFunctionExists) include(CheckSymbolExists) include(CheckCSourceCompiles) include(CheckIncludeFiles) set(CMAKE_REQUIRED_INCLUDES ${PCAP_INCLUDE_DIR}) set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY}) cmake_policy(PUSH) if ( POLICY CMP0075 ) # It's fine that check_include_files links against CMAKE_REQUIRED_LIBRARIES cmake_policy(SET CMP0075 NEW) endif () check_include_files(pcap-int.h HAVE_PCAP_INT_H) cmake_policy(POP) check_function_exists(pcap_freecode HAVE_LIBPCAP_PCAP_FREECODE) if (NOT HAVE_LIBPCAP_PCAP_FREECODE) set(DONT_HAVE_LIBPCAP_PCAP_FREECODE true) message(STATUS "No implementation for pcap_freecode()") endif () check_c_source_compiles(" #include int main () { int snaplen; int linktype; struct bpf_program fp; int optimize; bpf_u_int32 netmask; char str[10]; char error[1024]; snaplen = 50; linktype = DLT_EN10MB; optimize = 1; netmask = 0L; str[0] = 'i'; str[1] = 'p'; str[2] = '\\\\0'; (void)pcap_compile_nopcap( snaplen, linktype, &fp, str, optimize, netmask, &error); return 0; } " LIBPCAP_PCAP_COMPILE_NOPCAP_HAS_ERROR_PARAMETER) if (NOT LIBPCAP_PCAP_COMPILE_NOPCAP_HAS_ERROR_PARAMETER) # double check check_c_source_compiles(" #include int main () { int snaplen; int linktype; struct bpf_program fp; int optimize; bpf_u_int32 netmask; char str[10]; snaplen = 50; linktype = DLT_EN10MB; optimize = 1; netmask = 0L; str[0] = 'i'; str[1] = 'p'; str[2] = '\\\\0'; (void)pcap_compile_nopcap(snaplen, linktype, &fp, str, optimize, netmask); return 0; } " LIBPCAP_PCAP_COMPILE_NOPCAP_NO_ERROR_PARAMETER) if (NOT LIBPCAP_PCAP_COMPILE_NOPCAP_NO_ERROR_PARAMETER) message(FATAL_ERROR "Can't determine if pcap_compile_nopcap takes an error parameter") endif () endif () check_symbol_exists(DLT_PPP_SERIAL pcap.h HAVE_DLT_PPP_SERIAL) if (NOT HAVE_DLT_PPP_SERIAL) set(DLT_PPP_SERIAL 50) endif () set(CMAKE_REQUIRED_INCLUDES) set(CMAKE_REQUIRED_LIBRARIES) bro-aux-0.42/cmake/FindTraceSummary.cmake000644 000765 000024 00000000704 13400006401 020231 0ustar00jonstaff000000 000000 # - Try to find the trace-summary Python program # # Usage of this module as follows: # # find_package(TraceSummary) # # Variables defined by this module: # # TRACESUMMARY_FOUND capstats binary found # TraceSummary_EXE path to the capstats executable binary find_program(TRACE_SUMMARY_EXE trace-summary) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(TraceSummary DEFAULT_MSG TRACE_SUMMARY_EXE) bro-aux-0.42/cmake/BroPluginDynamic.cmake000644 000765 000024 00000030545 13400006401 020230 0ustar00jonstaff000000 000000 ## A set of functions for defining Bro plugins. ## ## This set is for plugins compiled dynamically for loading at run-time. ## See BroPluginsStatic.cmake for the static version. ## ## Note: This is meant to run as a standalone CMakeLists.txt. It sets ## up all the basic infrastructure to compile a dynamic Bro plugin when ## included from its top-level CMake file. if ( NOT BRO_PLUGIN_INTERNAL_BUILD ) set(BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH "${BRO_PLUGIN_INSTALL_ROOT}" CACHE INTERNAL "" FORCE) if ( BRO_DIST ) include(${BRO_DIST}/cmake/CommonCMakeConfig.cmake) if ( NOT EXISTS "${BRO_DIST}/build/CMakeCache.txt" ) message(FATAL_ERROR "${BRO_DIST}/build/CMakeCache.txt; has Bro been built?") endif () load_cache("${BRO_DIST}/build" READ_WITH_PREFIX bro_cache_ CMAKE_INSTALL_PREFIX Bro_BINARY_DIR Bro_SOURCE_DIR ENABLE_DEBUG BRO_PLUGIN_INSTALL_PATH BRO_EXE_PATH CMAKE_CXX_FLAGS CMAKE_C_FLAGS CAF_INCLUDE_DIR_CORE CAF_INCLUDE_DIR_IO CAF_INCLUDE_DIR_OPENSSL) if ( NOT BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH ) set(BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH "${bro_cache_BRO_PLUGIN_INSTALL_PATH}" CACHE INTERNAL "" FORCE) endif () set(BRO_PLUGIN_BRO_INSTALL_PREFIX "${bro_cache_CMAKE_INSTALL_PREFIX}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_ENABLE_DEBUG "${bro_cache_ENABLE_DEBUG}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_SRC "${bro_cache_Bro_SOURCE_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_BUILD "${bro_cache_Bro_BINARY_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_EXE_PATH "${bro_cache_BRO_EXE_PATH}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_CMAKE ${BRO_PLUGIN_BRO_SRC}/cmake) set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake ${CMAKE_MODULE_PATH}) set(CMAKE_MODULE_PATH ${BRO_PLUGIN_BRO_CMAKE} ${CMAKE_MODULE_PATH}) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${bro_cache_CMAKE_C_FLAGS}") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${bro_cache_CMAKE_CXX_FLAGS}") include_directories(BEFORE ${BRO_PLUGIN_BRO_SRC}/src ${BRO_PLUGIN_BRO_SRC}/aux/binpac/lib ${BRO_PLUGIN_BRO_SRC}/aux/broker ${BRO_PLUGIN_BRO_BUILD} ${BRO_PLUGIN_BRO_BUILD}/src ${BRO_PLUGIN_BRO_BUILD}/aux/binpac/lib ${BRO_PLUGIN_BRO_BUILD}/aux/broker ${bro_cache_CAF_INCLUDE_DIR_CORE} ${bro_cache_CAF_INCLUDE_DIR_IO} ${bro_cache_CAF_INCLUDE_DIR_OPENSSL} ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_BINARY_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/src ) set(ENV{PATH} "${BRO_PLUGIN_BRO_BUILD}/build/src:$ENV{PATH}") else () # Independent from BRO_DIST source tree if ( NOT BRO_CONFIG_CMAKE_DIR ) message(FATAL_ERROR "CMake var. BRO_CONFIG_CMAKE_DIR must be set" " to the path where Bro installed its cmake modules") endif () include(${BRO_CONFIG_CMAKE_DIR}/CommonCMakeConfig.cmake) if ( NOT BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH ) if ( NOT BRO_CONFIG_PLUGIN_DIR ) message(FATAL_ERROR "CMake var. BRO_CONFIG_PLUGIN_DIR must be" " set to the path where Bro installs its plugins") endif () set(BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH "${BRO_CONFIG_PLUGIN_DIR}" CACHE INTERNAL "" FORCE) endif () if ( NOT BRO_CONFIG_PREFIX ) message(FATAL_ERROR "CMake var. BRO_CONFIG_PREFIX must be set" " to the root installation path of Bro") endif () if ( NOT BRO_CONFIG_INCLUDE_DIR ) message(FATAL_ERROR "CMake var. BRO_CONFIG_INCLUDE_DIR must be set" " to the installation path of Bro headers") endif () set(BRO_PLUGIN_BRO_CONFIG_INCLUDE_DIR "${BRO_CONFIG_INCLUDE_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_INSTALL_PREFIX "${BRO_CONFIG_PREFIX}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_EXE_PATH "${BRO_CONFIG_PREFIX}/bin/bro" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_CMAKE ${BRO_CONFIG_CMAKE_DIR}) set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake ${CMAKE_MODULE_PATH}) set(CMAKE_MODULE_PATH ${BRO_PLUGIN_BRO_CMAKE} ${CMAKE_MODULE_PATH}) find_package(BinPAC REQUIRED) find_package(CAF COMPONENTS core io openssl REQUIRED) find_package(Broker REQUIRED) include_directories(BEFORE ${BRO_CONFIG_INCLUDE_DIR} ${BinPAC_INCLUDE_DIR} ${BROKER_INCLUDE_DIR} ${CAF_INCLUDE_DIR_CORE} ${CAF_INCLUDE_DIR_IO} ${CAF_INCLUDE_DIR_OPENSSL} ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_BINARY_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/src ) endif () if ( NOT BRO_PLUGIN_BASE ) set(BRO_PLUGIN_BASE "${CMAKE_CURRENT_SOURCE_DIR}" CACHE INTERNAL "" FORCE) endif () set(BRO_PLUGIN_SCRIPTS "${CMAKE_CURRENT_BINARY_DIR}/scripts" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_SCRIPTS_SRC "${BRO_PLUGIN_BASE}/scripts" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BUILD "${CMAKE_CURRENT_BINARY_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_LIB "${BRO_PLUGIN_BUILD}/lib" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BIF "${BRO_PLUGIN_LIB}/bif" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_MAGIC "${BRO_PLUGIN_BUILD}/__bro_plugin__" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_README "${BRO_PLUGIN_BASE}/README" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_INTERNAL_BUILD false CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BUILD_DYNAMIC true CACHE INTERNAL "" FORCE) message(STATUS "Bro executable : ${BRO_PLUGIN_BRO_EXE_PATH}") message(STATUS "Bro source : ${BRO_PLUGIN_BRO_SRC}") message(STATUS "Bro build : ${BRO_PLUGIN_BRO_BUILD}") message(STATUS "Bro install prefix : ${BRO_PLUGIN_BRO_INSTALL_PREFIX}") message(STATUS "Bro plugin directory: ${BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH}") message(STATUS "Bro debug mode : ${BRO_PLUGIN_ENABLE_DEBUG}") if (${CMAKE_SYSTEM_NAME} MATCHES "Darwin") # By default Darwin's linker requires all symbols to be present at link time. set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -undefined dynamic_lookup -Wl,-bind_at_load") endif () set(bro_PLUGIN_LIBS CACHE INTERNAL "plugin libraries" FORCE) set(bro_PLUGIN_BIF_SCRIPTS CACHE INTERNAL "Bro script stubs for BIFs in Bro plugins" FORCE) add_definitions(-DBRO_PLUGIN_INTERNAL_BUILD=false) add_custom_target(generate_outputs) if ( BRO_PLUGIN_ENABLE_DEBUG ) set(ENABLE_DEBUG true) set(CMAKE_BUILD_TYPE Debug) endif () include(SetDefaultCompileFlags) else () set(BRO_PLUGIN_BASE "${CMAKE_CURRENT_BINARY_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_LIB "${CMAKE_CURRENT_BINARY_DIR}/lib" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BIF "${BRO_PLUGIN_LIB}/bif" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_MAGIC "${BRO_PLUGIN_BASE}/__bro_plugin__" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_README "${BRO_PLUGIN_BASE}/README" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_SCRIPTS "${BRO_PLUGIN_BASE}/scripts" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_SCRIPTS_SRC "${CMAKE_CURRENT_SOURCE_DIR}/scripts" CACHE INTERNAL "" FORCE) endif () include(GetArchitecture) function(bro_plugin_bif_dynamic) foreach ( bif ${ARGV} ) bif_target(${bif} "plugin" ${_plugin_name} ${_plugin_name_canon} FALSE) list(APPEND _plugin_objs ${BIF_OUTPUT_CC}) list(APPEND _plugin_deps ${BIF_BUILD_TARGET}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) set(_plugin_deps "${_plugin_deps}" PARENT_SCOPE) endforeach () endfunction() function(bro_plugin_link_library_dynamic) foreach ( lib ${ARGV} ) set(_plugin_libs ${_plugin_libs} ${lib} CACHE INTERNAL "dynamic plugin libraries") endforeach () endfunction() function(bro_plugin_end_dynamic) # Create the dynamic library/bundle. add_library(${_plugin_lib} MODULE ${_plugin_objs}) set_target_properties(${_plugin_lib} PROPERTIES LIBRARY_OUTPUT_DIRECTORY "${BRO_PLUGIN_LIB}") set_target_properties(${_plugin_lib} PROPERTIES PREFIX "") # set_target_properties(${_plugin_lib} PROPERTIES ENABLE_EXPORTS TRUE) add_dependencies(${_plugin_lib} generate_outputs) if ( _plugin_deps ) add_dependencies(${_plugin_lib} ${_plugin_deps}) endif() target_link_libraries(${_plugin_lib} ${_plugin_libs}) # Create bif/__init__.bro. bro_bif_create_loader(bif-init-${_plugin_name_canon} "${bro_PLUGIN_BIF_SCRIPTS}") # Copy scripts/ if it's not already at the right place inside the # plugin directory. (Actually, we create a symbolic link rather # than copy so that edits to the scripts show up immediately.) if ( NOT "${BRO_PLUGIN_SCRIPTS_SRC}" STREQUAL "${BRO_PLUGIN_SCRIPTS}" ) add_custom_target(copy-scripts-${_plugin_name_canon} # COMMAND "${CMAKE_COMMAND}" -E remove_directory ${BRO_PLUGIN_SCRIPTS} # COMMAND "${CMAKE_COMMAND}" -E copy_directory ${BRO_PLUGIN_SCRIPTS_SRC} ${BRO_PLUGIN_SCRIPTS}) COMMAND test -d ${BRO_PLUGIN_SCRIPTS_SRC} && rm -f ${BRO_PLUGIN_SCRIPTS} && ln -s ${BRO_PLUGIN_SCRIPTS_SRC} ${BRO_PLUGIN_SCRIPTS} || true) add_dependencies(${_plugin_lib} copy-scripts-${_plugin_name_canon}) endif() if ( _plugin_deps ) add_dependencies(bif-init-${_plugin_name_canon} ${_plugin_deps}) add_dependencies(${_plugin_lib} bif-init-${_plugin_name_canon}) endif() # Create __bro_plugin__ # string(REPLACE "${BRO_PLUGIN_BASE}/" "" msg "Creating ${BRO_PLUGIN_MAGIC} for ${_plugin_name}") get_filename_component(_magic_basename ${BRO_PLUGIN_MAGIC} NAME) add_custom_target(bro-plugin-${_plugin_name_canon} COMMAND echo "${_plugin_name}" ">${BRO_PLUGIN_MAGIC}" COMMENT "Creating ${_magic_basename} for ${_plugin_name}") if ( _plugin_deps ) add_dependencies(bro-plugin-${_plugin_name_canon} ${_plugin_deps}) endif() add_dependencies(${_plugin_lib} bro-plugin-${_plugin_name_canon}) set(_dist_tarball_name ${_plugin_name_canon}.tar.gz) set(_dist_output ${CMAKE_CURRENT_BINARY_DIR}/${_dist_tarball_name}) # Create binary install package. add_custom_command(OUTPUT ${_dist_output} COMMAND ${BRO_PLUGIN_BRO_CMAKE}/bro-plugin-create-package.sh ${_plugin_name_canon} ${_plugin_dist} WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR} DEPENDS ${_plugin_lib} COMMENT "Building binary plugin package: ${_dist_tarball_name}") add_custom_target(dist ALL DEPENDS ${_dist_output}) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${BRO_PLUGIN_BIF}) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${BRO_PLUGIN_LIB}) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${BRO_PLUGIN_MAGIC}) ### Plugin installation. set(plugin_install "${BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH}/${_plugin_name_canon}") INSTALL(CODE "execute_process( COMMAND ${BRO_PLUGIN_BRO_CMAKE}/bro-plugin-install-package.sh ${_plugin_name_canon} \$ENV{DESTDIR}/${BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH} WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR} )") endfunction() macro(_plugin_target_name_dynamic target ns name) set(${target} "${ns}-${name}.${HOST_ARCHITECTURE}") endmacro() bro-aux-0.42/cmake/SetDefaultCompileFlags.cmake000644 000765 000024 00000002223 13400006401 021340 0ustar00jonstaff000000 000000 # Set up the default flags and CMake build type once during the configuration # of the top-level CMake project. if ("${PROJECT_SOURCE_DIR}" STREQUAL "${CMAKE_SOURCE_DIR}") set(EXTRA_COMPILE_FLAGS "-Wall -Wno-unused") if ( NOT CMAKE_BUILD_TYPE ) if ( ENABLE_DEBUG ) set(CMAKE_BUILD_TYPE Debug) else () set(CMAKE_BUILD_TYPE RelWithDebInfo) endif () endif () string(TOUPPER ${CMAKE_BUILD_TYPE} _build_type_upper) if ( "${_build_type_upper}" STREQUAL "DEBUG" ) if ( ENABLE_COVERAGE ) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --coverage") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} --coverage") endif() # manual add of -g works around its omission in FreeBSD's CMake port set(EXTRA_COMPILE_FLAGS "${EXTRA_COMPILE_FLAGS} -g -DDEBUG -DBRO_DEBUG") endif () # Compiler flags may already exist in CMake cache (e.g. when specifying # CFLAGS environment variable before running cmake for the the first time) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_COMPILE_FLAGS}") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${EXTRA_COMPILE_FLAGS}") endif () bro-aux-0.42/cmake/GetArchitecture.cmake000644 000765 000024 00000000527 13400006401 020101 0ustar00jonstaff000000 000000 # Determine a tag for the host architecture (e.g., "linux-x86_64"). # We run uname ourselves here as CMAKE by default uses -p rather than # -m. execute_process(COMMAND uname -m OUTPUT_VARIABLE arch OUTPUT_STRIP_TRAILING_WHITESPACE) set(HOST_ARCHITECTURE "${CMAKE_SYSTEM_NAME}-${arch}") string(TOLOWER ${HOST_ARCHITECTURE} HOST_ARCHITECTURE) bro-aux-0.42/cmake/FindLibKrb5.cmake000644 000765 000024 00000002137 13400006401 017051 0ustar00jonstaff000000 000000 # - Try to find Krb5 headers and libraries # # Usage of this module as follows: # # find_package(LibKrb5) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # LibKrb5_ROOT_DIR Set this variable to the root installation of # libKrb5 if the module has problems finding the # proper installation path. # # Variables defined by this module: # # LibKrb5_FOUND System has Krb5 libraries and headers # LibKrb5_LIBRARY The Krb5 library # LibKrb5_INCLUDE_DIR The location of Krb5 headers find_path(LibKrb5_ROOT_DIR NAMES include/krb5.h ) find_library(LibKrb5_LIBRARY NAMES krb5 HINTS ${LibKrb5_ROOT_DIR}/lib ) find_path(LibKrb5_INCLUDE_DIR NAMES krb5.h HINTS ${LibKrb5_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(LibKrb5 DEFAULT_MSG LibKrb5_LIBRARY LibKrb5_INCLUDE_DIR ) mark_as_advanced( LibKrb5_ROOT_DIR LibKrb5_LIBRARY LibKrb5_INCLUDE_DIR ) bro-aux-0.42/cmake/package_postupgrade.sh.in000755 000765 000024 00000004357 13400006401 020776 0ustar00jonstaff000000 000000 #!/bin/sh # This script is meant to be used by binary packages post-installation. # Variables between @ symbols are replaced by CMake at configure time. backupNamesFile=/tmp/bro_install_backups version=@VERSION@ sampleFiles="" # check whether it's safe to remove backup configuration files that # the most recent package install created if [ -e ${backupNamesFile} ]; then backupFileList=`cat ${backupNamesFile}` for backupFile in ${backupFileList}; do origFileName=`echo ${backupFile} | sed 's/\(.*\)\..*/\1/'` diff ${origFileName} ${backupFile} > /dev/null 2>&1 if [ $? -eq 0 ]; then # if the installed version and the backup version don't differ # then we can remove the backup version and the example file rm ${backupFile} rm ${origFileName}.example else # The backup file differs from the newly installed version, # since we can't tell if the backup version has been modified # by the user, we should restore it to its original location # and rename the new version appropriately. sampleFiles="${sampleFiles}\n${origFileName}.example" mv ${backupFile} ${origFileName} fi done rm ${backupNamesFile} fi if [ -n "${sampleFiles}" ]; then # Use some apple script to display a message to user /usr/bin/osascript << EOF tell application "System Events" activate display alert "Existing configuration files differ from the ones that would be installed by this package. To avoid overwriting configuration which you may have modified, the following new config files have been installed:\n${sampleFiles}\n\nIf you have previously modified configuration files, please make sure that they are still compatible, else you should update your config files to the new versions." end tell EOF fi # Set up world writeable spool and logs directory for broctl, making sure # to set the sticky bit so that unprivileged users can't rename/remove files. # (CMake/CPack is supposed to install them, but has problems with empty dirs) if [ -n "@EMPTY_WORLD_DIRS@" ]; then for dir in "@EMPTY_WORLD_DIRS@"; do mkdir -p ${dir} chmod 777 ${dir} chmod +t ${dir} done fi bro-aux-0.42/cmake/CheckOptionalBuildSources.cmake000644 000765 000024 00000001650 13400006401 022064 0ustar00jonstaff000000 000000 # A macro that checks whether optional sources exist and if they do, they # are added to the build/install process, else a warning is issued # # _dir: the subdir of the current source dir in which the optional # sources are located # _packageName: a string that identifies the package # _varName: name of the variable indicating whether package is scheduled # to be installed macro(CheckOptionalBuildSources _dir _packageName _varName) if (${_varName}) if (EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/${_dir}/CMakeLists.txt) add_subdirectory(${_dir}) else () message(WARNING "${_packageName} source code does not exist in " "${CMAKE_CURRENT_SOURCE_DIR}/${_dir} " "so it will not be built or installed") set(${_varName} false) endif () endif () endmacro(CheckOptionalBuildSources) bro-aux-0.42/cmake/BifCl.cmake000644 000765 000024 00000023014 13400006401 015772 0ustar00jonstaff000000 000000 # A macro to define a command that uses the BIF compiler to produce C++ # segments and Bro language declarations from a .bif file. The outputs # are returned in BIF_OUTPUT_{CC,H,BRO}. By default, it runs bifcl in # alternative mode (-a; suitable for standalone compilation). If # an additional parameter "standard" is given, it runs it in standard mode # for inclusion in NetVar.*. If an additional parameter "plugin" is given, # it runs it in plugin mode (-p). In the latter case, one more argument # is required with the plugin's name. # # The macro also creates a target that can be used to define depencencies on # the generated files. The name of the target depends on the mode and includes # a normalized path to the input bif to make it unique. The target is added # automatically to bro_ALL_GENERATED_OUTPUTS. macro(bif_target bifInput) set(target "") get_filename_component(bifInputBasename "${bifInput}" NAME) if ( "${ARGV1}" STREQUAL "standard" ) set(bifcl_args "") set(target "bif-std-${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}") set(bifOutputs ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.func_def ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.func_h ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.func_init ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.netvar_def ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.netvar_h ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.netvar_init) set(BIF_OUTPUT_CC ${bifInputBasename}.func_def ${bifInputBasename}.func_init ${bifInputBasename}.netvar_def ${bifInputBasename}.netvar_init) set(BIF_OUTPUT_H ${bifInputBasename}.func_h ${bifInputBasename}.netvar_h) set(BIF_OUTPUT_BRO ${CMAKE_BINARY_DIR}/scripts/base/bif/${bifInputBasename}.bro) set(bro_BASE_BIF_SCRIPTS ${bro_BASE_BIF_SCRIPTS} ${BIF_OUTPUT_BRO} CACHE INTERNAL "Bro script stubs for BIFs in base distribution of Bro" FORCE) # Propogate to top-level elseif ( "${ARGV1}" STREQUAL "plugin" ) set(plugin_name ${ARGV2}) set(plugin_name_canon ${ARGV3}) set(plugin_is_static ${ARGV4}) set(target "bif-plugin-${plugin_name_canon}-${bifInputBasename}") set(bifcl_args "-p;${plugin_name}") set(bifOutputs ${bifInputBasename}.h ${bifInputBasename}.cc ${bifInputBasename}.init.cc ${bifInputBasename}.register.cc) if ( plugin_is_static ) set(BIF_OUTPUT_CC ${bifInputBasename}.cc ${bifInputBasename}.init.cc) set(bro_REGISTER_BIFS ${bro_REGISTER_BIFS} ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename} CACHE INTERNAL "BIFs for automatic registering" FORCE) # Propagate to top-level. else () set(BIF_OUTPUT_CC ${bifInputBasename}.cc ${bifInputBasename}.init.cc ${bifInputBasename}.register.cc) endif() set(BIF_OUTPUT_H ${bifInputBasename}.h) if ( NOT BRO_PLUGIN_BUILD_DYNAMIC ) set(BIF_OUTPUT_BRO ${CMAKE_BINARY_DIR}/scripts/base/bif/plugins/${plugin_name_canon}.${bifInputBasename}.bro) else () set(BIF_OUTPUT_BRO ${BRO_PLUGIN_BIF}/${bifInputBasename}.bro) endif() set(bro_PLUGIN_BIF_SCRIPTS ${bro_PLUGIN_BIF_SCRIPTS} ${BIF_OUTPUT_BRO} CACHE INTERNAL "Bro script stubs for BIFs in Bro plugins" FORCE) # Propogate to top-level else () # Alternative mode. These will get compiled in automatically. set(bifcl_args "-s") set(target "bif-alt-${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}") set(bifOutputs ${bifInputBasename}.h ${bifInputBasename}.cc ${bifInputBasename}.init.cc) set(BIF_OUTPUT_CC ${bifInputBasename}.cc) set(BIF_OUTPUT_H ${bifInputBasename}.h) # In order be able to run bro from the build directory, the # generated bro script needs to be inside a directory tree # named the same way it will be referenced from an @load. set(BIF_OUTPUT_BRO ${CMAKE_BINARY_DIR}/scripts/base/bif/${bifInputBasename}.bro) set(bro_AUTO_BIFS ${bro_AUTO_BIFS} ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename} CACHE INTERNAL "BIFs for automatic inclusion" FORCE) # Propagate to top-level. set(bro_BASE_BIF_SCRIPTS ${bro_BASE_BIF_SCRIPTS} ${BIF_OUTPUT_BRO} CACHE INTERNAL "Bro script stubs for BIFs in base distribution of Bro" FORCE) # Propogate to top-level endif () if ( BRO_PLUGIN_INTERNAL_BUILD ) if ( BIFCL_EXE_PATH ) set(BifCl_EXE ${BIFCL_EXE_PATH}) else () set(BifCl_EXE "bifcl") endif () else () if ( NOT BifCl_EXE ) if ( BRO_PLUGIN_BRO_BUILD ) set(BifCl_EXE "${BRO_PLUGIN_BRO_BUILD}/aux/bifcl/bifcl") else () find_program(BifCl_EXE bifcl) if ( NOT BifCl_EXE ) message(FATAL_ERROR "Failed to find 'bifcl' program") endif () endif () endif () endif () set(bifclDep ${BifCl_EXE}) add_custom_command(OUTPUT ${bifOutputs} ${BIF_OUTPUT_BRO} COMMAND ${BifCl_EXE} ARGS ${bifcl_args} ${CMAKE_CURRENT_SOURCE_DIR}/${bifInput} || (rm -f ${bifOutputs} && exit 1) COMMAND "${CMAKE_COMMAND}" ARGS -E copy ${bifInputBasename}.bro ${BIF_OUTPUT_BRO} COMMAND "${CMAKE_COMMAND}" ARGS -E remove -f ${bifInputBasename}.bro DEPENDS ${bifInput} DEPENDS ${bifclDep} COMMENT "[BIFCL] Processing ${bifInput}" ) string(REGEX REPLACE "${CMAKE_BINARY_DIR}/src/" "" target "${target}") string(REGEX REPLACE "/" "-" target "${target}") add_custom_target(${target} DEPENDS ${BIF_OUTPUT_H} ${BIF_OUTPUT_CC}) set_source_files_properties(${bifOutputs} PROPERTIES GENERATED 1) set(BIF_BUILD_TARGET ${target}) set(bro_ALL_GENERATED_OUTPUTS ${bro_ALL_GENERATED_OUTPUTS} ${target} CACHE INTERNAL "automatically generated files" FORCE) # Propagate to top-level. endmacro(bif_target) # A macro to create a __load__.bro file for all *.bif.bro files in # a given collection (which should all be in the same directory). # It creates a corresponding target to trigger the generation. function(bro_bif_create_loader target bifinputs) set(_bif_loader_dir "") foreach ( _bro_file ${bifinputs} ) get_filename_component(_bif_loader_dir_tmp ${_bro_file} PATH) get_filename_component(_bro_file_name ${_bro_file} NAME) if ( _bif_loader_dir ) if ( NOT _bif_loader_dir_tmp STREQUAL _bif_loader_dir ) message(FATAL_ERROR "Directory of Bro script BIF stub ${_bro_file} differs from expected: ${_bif_loader_dir}") endif () else () set(_bif_loader_dir ${_bif_loader_dir_tmp}) endif () set(_bif_loader_content "${_bif_loader_content} ${_bro_file_name}") endforeach () if ( NOT _bif_loader_dir ) return () endif () file(MAKE_DIRECTORY ${_bif_loader_dir}) set(_bif_loader_file ${_bif_loader_dir}/__load__.bro) add_custom_target(${target} COMMAND "sh" "-c" "rm -f ${_bif_loader_file}" COMMAND "sh" "-c" "for i in ${_bif_loader_content}; do echo @load ./$i >> ${_bif_loader_file}; done" WORKING_DIRECTORY ${_bif_loader_dir} VERBATIM ) add_dependencies(${target} generate_outputs) endfunction() # A macro to create joint include files for compiling in all the # autogenerated bif code. function(bro_bif_create_includes target dstdir bifinputs) file(MAKE_DIRECTORY ${dstdir}) add_custom_target(${target} COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.cc.tmp" COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.init.cc.tmp" COMMAND for i in ${bifinputs}\; do echo \\\#include \\"\$\$i.cc\\"\; done >> ${dstdir}/__all__.bif.cc.tmp COMMAND for i in ${bifinputs}\; do echo \\\#include \\"\$\$i.init.cc\\"\; done >> ${dstdir}/__all__.bif.init.cc.tmp COMMAND ${CMAKE_COMMAND} -E copy_if_different "${dstdir}/__all__.bif.cc.tmp" "${dstdir}/__all__.bif.cc" COMMAND ${CMAKE_COMMAND} -E copy_if_different "${dstdir}/__all__.bif.init.cc.tmp" "${dstdir}/__all__.bif.init.cc" COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.cc.tmp" COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.init.cc.tmp" WORKING_DIRECTORY ${dstdir} ) set(clean_files ${dstdir}/__all__.bif.cc ${dstdir}/__all__.bif.init.cc) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES "${clean_files}") endfunction() function(bro_bif_create_register target dstdir bifinputs) file(MAKE_DIRECTORY ${dstdir}) add_custom_target(${target} COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.register.cc.tmp" COMMAND for i in ${bifinputs}\; do echo \\\#include \\"\$\$i.register.cc\\"\; done >> ${dstdir}/__all__.bif.register.cc.tmp COMMAND ${CMAKE_COMMAND} -E copy_if_different "${dstdir}/__all__.bif.register.cc.tmp" "${dstdir}/__all__.bif.register.cc" COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.register.cc.tmp" WORKING_DIRECTORY ${dstdir} ) set(clean_files ${dstdir}/__all__.bif.cc ${dstdir}/__all__.bif.register.cc) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES "${clean_files}") endfunction() bro-aux-0.42/cmake/AddUninstallTarget.cmake000644 000765 000024 00000000674 13400006401 020553 0ustar00jonstaff000000 000000 if (NOT TARGET uninstall) if ( EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/cmake/cmake_uninstall.cmake.in" ) configure_file("${CMAKE_CURRENT_SOURCE_DIR}/cmake/cmake_uninstall.cmake.in" "${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake" @ONLY) add_custom_target(uninstall COMMAND ${CMAKE_COMMAND} -P ${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake) endif () endif () bro-aux-0.42/cmake/CommonCMakeConfig.cmake000644 000765 000024 00000000430 13400006401 020267 0ustar00jonstaff000000 000000 set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake ${CMAKE_MODULE_PATH}) set(CMAKE_EXPORT_COMPILE_COMMANDS ON) include(CheckCompilers) include(ProhibitInSourceBuild) include(AddUninstallTarget) include(SetupRPATH) include(SetDefaultCompileFlags) include(MacDependencyPaths) bro-aux-0.42/cmake/CheckNameserCompat.cmake000644 000765 000024 00000001360 13400006401 020507 0ustar00jonstaff000000 000000 include(CheckCSourceCompiles) # Check whether the namser compatibility header is required # This can be the case on the Darwin platform set(CMAKE_REQUIRED_INCLUDES ${BIND_INCLUDE_DIR}) check_c_source_compiles(" #include int main() { HEADER *hdr; int d = NS_IN6ADDRSZ; return 0; }" have_nameser_header) if (NOT have_nameser_header) check_c_source_compiles(" #include #include int main() { HEADER *hdr; int d = NS_IN6ADDRSZ; return 0; }" NEED_NAMESER_COMPAT_H) if (NOT NEED_NAMESER_COMPAT_H) message(FATAL_ERROR "Asynchronous DNS support compatibility check failed.") endif () endif () set(CMAKE_REQUIRED_INCLUDES) bro-aux-0.42/cmake/BinPAC.cmake000644 000765 000024 00000004767 13400006401 016065 0ustar00jonstaff000000 000000 # A macro to define a command that uses the BinPac compiler to # produce C++ code that implements a protocol parser/analyzer. # The outputs are returned in BINPAC_OUTPUT_{CC,H}. # Additional dependencies are pulled from BINPAC_AUXSRC. # # The macro also creates a target that can be used to define depencencies on # the generated files. The name of the target includes a normalized path to # the input pac to make it unique. The target is added automatically to # bro_ALL_GENERATED_OUTPUTS. macro(BINPAC_TARGET pacFile) if ( BRO_PLUGIN_INTERNAL_BUILD ) if ( BINPAC_EXE_PATH ) set(BinPAC_EXE ${BINPAC_EXE_PATH}) endif () set(binpacDep "${BinPAC_EXE}") else () if ( BRO_PLUGIN_BRO_BUILD ) set(BinPAC_EXE "${BRO_PLUGIN_BRO_BUILD}/aux/binpac/src/binpac") set(BinPAC_addl_args "-I;${BRO_PLUGIN_BRO_SRC}/src") else () find_package(BinPAC REQUIRED) set(BinPAC_addl_args "-I;${BRO_PLUGIN_BRO_CONFIG_INCLUDE_DIR}") endif () endif () get_filename_component(basename ${pacFile} NAME_WE) add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${basename}_pac.h ${CMAKE_CURRENT_BINARY_DIR}/${basename}_pac.cc COMMAND ${BinPAC_EXE} ARGS -q -d ${CMAKE_CURRENT_BINARY_DIR} -I ${CMAKE_CURRENT_SOURCE_DIR} -I ${CMAKE_SOURCE_DIR}/src ${BinPAC_addl_args} ${CMAKE_CURRENT_SOURCE_DIR}/${pacFile} DEPENDS ${binpacDep} ${pacFile} ${BINPAC_AUXSRC} ${ARGN} COMMENT "[BINPAC] Processing ${pacFile}" ) set(BINPAC_OUTPUT_H ${CMAKE_CURRENT_BINARY_DIR}/${basename}_pac.h) set(BINPAC_OUTPUT_CC ${CMAKE_CURRENT_BINARY_DIR}/${basename}_pac.cc) set(pacOutputs ${BINPAC_OUTPUT_H} ${BINPAC_OUTPUT_CC}) set_property(SOURCE ${BINPAC_OUTPUT_CC} APPEND_STRING PROPERTY COMPILE_FLAGS "-Wno-tautological-compare") set(target "pac-${CMAKE_CURRENT_BINARY_DIR}/${pacFile}") string(REGEX REPLACE "${CMAKE_BINARY_DIR}/src/" "" target "${target}") string(REGEX REPLACE "/" "-" target "${target}") add_custom_target(${target} DEPENDS ${pacOutputs}) set(BINPAC_BUILD_TARGET ${target}) set(bro_ALL_GENERATED_OUTPUTS ${bro_ALL_GENERATED_OUTPUTS} ${target} CACHE INTERNAL "automatically generated files" FORCE) # Propagate to top-level. endmacro(BINPAC_TARGET) bro-aux-0.42/cmake/README000644 000765 000024 00000000205 13400006401 014666 0ustar00jonstaff000000 000000 This is a collection of CMake scripts intended to be included as a git submodule in other repositories related to Bro (www.bro.org). bro-aux-0.42/cmake/InstallSymlink.cmake000644 000765 000024 00000003475 13400006401 020001 0ustar00jonstaff000000 000000 # This macro can be used to install symlinks, which turns out to be # non-trivial due to CMake version differences and limitations on how # files can be installed when building binary packages. # # The rule for binary packaging is that files (including symlinks) must # be installed with the standard CMake install() macro. # # The rule for non-binary packaging is that CMake 2.6 cannot install() # symlinks, but can create the symlink at install-time via scripting. # Though, we assume that CMake 2.6 isn't going to be used to generate # packages because versions later than 2.8.3 are superior for that purpose. # # _filepath: the absolute path to the file to symlink # _sympath: absolute path of the installed symlink macro(InstallSymlink _filepath _sympath) get_filename_component(_symname ${_sympath} NAME) get_filename_component(_installdir ${_sympath} PATH) if (BINARY_PACKAGING_MODE) execute_process(COMMAND "${CMAKE_COMMAND}" -E create_symlink ${_filepath} ${CMAKE_CURRENT_BINARY_DIR}/${_symname}) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${_symname} DESTINATION ${_installdir}) else () # scripting the symlink installation at install time should work # for CMake 2.6.x and 2.8.x install(CODE " if (\"\$ENV{DESTDIR}\" STREQUAL \"\") execute_process(COMMAND \"${CMAKE_COMMAND}\" -E create_symlink ${_filepath} ${_installdir}/${_symname}) else () execute_process(COMMAND \"${CMAKE_COMMAND}\" -E create_symlink ${_filepath} \$ENV{DESTDIR}/${_installdir}/${_symname}) endif () ") endif () endmacro(InstallSymlink) bro-aux-0.42/cmake/BroPluginStatic.cmake000644 000765 000024 00000002626 13400006401 020072 0ustar00jonstaff000000 000000 ## A set of functions for defining Bro plugins. ## ## This set is for plugins compiled in statically. ## See BroPluginsDynamic.cmake for the dynamic version. function(bro_plugin_bif_static) foreach ( bif ${ARGV} ) bif_target(${bif} "plugin" ${_plugin_name} ${_plugin_name_canon} TRUE) list(APPEND _plugin_objs ${BIF_OUTPUT_CC}) list(APPEND _plugin_deps ${BIF_BUILD_TARGET}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) set(_plugin_deps "${_plugin_deps}" PARENT_SCOPE) endforeach () endfunction() function(bro_plugin_link_library_static) foreach ( lib ${ARGV} ) set(bro_SUBDIR_LIBS ${bro_SUBDIR_LIBS} "${lib}" CACHE INTERNAL "plugin libraries") endforeach () endfunction() function(bro_plugin_end_static) if ( bro_HAVE_OBJECT_LIBRARIES ) add_library(${_plugin_lib} OBJECT ${_plugin_objs}) set(_target "$") else () add_library(${_plugin_lib} STATIC ${_plugin_objs}) set(_target "${_plugin_lib}") endif () if ( NOT "${_plugin_deps}" STREQUAL "" ) add_dependencies(${_plugin_lib} ${_plugin_deps}) endif () add_dependencies(${_plugin_lib} generate_outputs) set(bro_PLUGIN_LIBS ${bro_PLUGIN_LIBS} "${_target}" CACHE INTERNAL "plugin libraries") endfunction() macro(_plugin_target_name_static target ns name) set(${target} "plugin-${ns}-${name}") endmacro() bro-aux-0.42/cmake/MAC_PACKAGE_INTRO000644 000765 000024 00000001247 13400006401 016426 0ustar00jonstaff000000 000000 This package will install @CMAKE_PROJECT_NAME@ into the following location: @CMAKE_INSTALL_PREFIX@ You may choose to update your PATH environment variable: # For Bash export PATH=@CMAKE_INSTALL_PREFIX@/bin:$PATH # For CSH setenv PATH @CMAKE_INSTALL_PREFIX@/bin:$PATH If you have more than one volume, please choose the install destination as the one that contains the root filesystem. If you have existing configuration files that are modified or otherwise different from the version included in the package, this installer will attempt to prevent overwirting them, but its also advisable to make your own backups of important files before proceeding. bro-aux-0.42/cmake/FindSubnetTree.cmake000644 000765 000024 00000001446 13400006401 017701 0ustar00jonstaff000000 000000 # - Determine if the SubnetTree Python module is available # # Usage of this module as follows: # # find_package(PythonInterp REQUIRED) # find_package(SubnetTree) # # Variables defined by this module: # # SUBNETTREE_FOUND Python successfully imports SubnetTree module if (NOT SUBNETTREE_FOUND) execute_process(COMMAND "${PYTHON_EXECUTABLE}" -c "import SubnetTree" RESULT_VARIABLE SUBNETTREE_IMPORT_RESULT) if (SUBNETTREE_IMPORT_RESULT) # python returned non-zero exit status set(SUBNETTREE_PYTHON_MODULE false) else () set(SUBNETTREE_PYTHON_MODULE true) endif () endif () include(FindPackageHandleStandardArgs) find_package_handle_standard_args(SubnetTree DEFAULT_MSG SUBNETTREE_PYTHON_MODULE) bro-aux-0.42/cmake/CheckHeaders.cmake000644 000765 000024 00000003163 13400006401 017327 0ustar00jonstaff000000 000000 include(CheckIncludeFiles) include(CheckStructHasMember) include(CheckSymbolExists) check_include_files(getopt.h HAVE_GETOPT_H) check_include_files(memory.h HAVE_MEMORY_H) check_include_files("netinet/ether.h" HAVE_NETINET_ETHER_H) check_include_files("sys/socket.h;netinet/in.h;net/if.h;netinet/if_ether.h" HAVE_NETINET_IF_ETHER_H) check_include_files("sys/socket.h;netinet/in.h;net/if.h;netinet/ip6.h" HAVE_NETINET_IP6_H) check_include_files("sys/socket.h;net/if.h;net/ethernet.h" HAVE_NET_ETHERNET_H) check_include_files(sys/ethernet.h HAVE_SYS_ETHERNET_H) check_include_files(net/ethertypes.h HAVE_NET_ETHERTYPES_H) check_include_files(sys/time.h HAVE_SYS_TIME_H) check_include_files("time.h;sys/time.h" TIME_WITH_SYS_TIME) check_include_files(os-proto.h HAVE_OS_PROTO_H) check_struct_has_member(HISTORY_STATE entries "stdio.h;readline/readline.h" HAVE_READLINE_HISTORY_ENTRIES) check_include_files("stdio.h;readline/readline.h" HAVE_READLINE_READLINE_H) check_include_files("stdio.h;readline/history.h" HAVE_READLINE_HISTORY_H) if (HAVE_READLINE_READLINE_H AND HAVE_READLINE_HISTORY_H AND HAVE_READLINE_HISTORY_ENTRIES) set(HAVE_READLINE true) endif () check_struct_has_member("struct sockaddr_in" sin_len "netinet/in.h" SIN_LEN) macro(CheckIPProto _proto) check_symbol_exists(IPPROTO_${_proto} netinet/in.h HAVE_IPPROTO_${_proto}) endmacro(CheckIPProto _proto) CheckIPProto(HOPOPTS) CheckIPProto(IPV6) CheckIPProto(IPV4) CheckIPProto(ROUTING) CheckIPProto(FRAGMENT) CheckIPProto(ESP) CheckIPProto(AH) CheckIPProto(ICMPV6) CheckIPProto(NONE) CheckIPProto(DSTOPTS) bro-aux-0.42/cmake/FindBIND.cmake000644 000765 000024 00000005531 13400006401 016334 0ustar00jonstaff000000 000000 # - Try to find BIND include dirs and libraries # # Usage of this module as follows: # # find_package(BIND) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # BIND_ROOT_DIR Set this variable to the root installation of BIND # if the module has problems finding the proper # installation path. # # Variables defined by this module: # # BIND_FOUND System has BIND, include and library dirs found # BIND_INCLUDE_DIR The BIND include directories. # BIND_LIBRARY The BIND library (if any) required for # ns_inittab and res_mkquery symbols find_path(BIND_ROOT_DIR NAMES include/bind/resolv.h include/resolv.h ) find_path(BIND_INCLUDE_DIR NAMES resolv.h HINTS ${BIND_ROOT_DIR}/include/bind ${BIND_ROOT_DIR}/include ) if (${CMAKE_SYSTEM_NAME} MATCHES "Linux") # the static resolv library is preferred because # on some systems, the ns_initparse symbol is not # exported in the shared library (strangely) # see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=291609 set(bind_libs none libresolv.a resolv bind) else () set(bind_libs none resolv bind) endif () include(CheckCSourceCompiles) # Find which library has the res_mkquery and ns_initparse symbols set(CMAKE_REQUIRED_INCLUDES ${BIND_INCLUDE_DIR}) foreach (bindlib ${bind_libs}) if (NOT ${bindlib} MATCHES "none") find_library(BIND_LIBRARY NAMES ${bindlib} HINTS ${BIND_ROOT_DIR}/lib ${BIND_ROOT_DIR}/lib/libbind ) endif () set(CMAKE_REQUIRED_LIBRARIES ${BIND_LIBRARY}) check_c_source_compiles(" #include int main() { ns_initparse(0, 0, 0); return 0; } " ns_initparse_works_${bindlib}) check_c_source_compiles(" #include #include #include #include #include int main() { int (*p)() = res_mkquery; return 0; } " res_mkquery_works_${bindlib}) set(CMAKE_REQUIRED_LIBRARIES) if (ns_initparse_works_${bindlib} AND res_mkquery_works_${bindlib}) break () else () set(BIND_LIBRARY BIND_LIBRARY-NOTFOUND) endif () endforeach () set(CMAKE_REQUIRED_INCLUDES) include(FindPackageHandleStandardArgs) if (ns_initparse_works_none AND res_mkquery_works_none) # system does not require linking to a BIND library find_package_handle_standard_args(BIND DEFAULT_MSG BIND_INCLUDE_DIR ) else () find_package_handle_standard_args(BIND DEFAULT_MSG BIND_LIBRARY BIND_INCLUDE_DIR ) endif () mark_as_advanced( BIND_ROOT_DIR BIND_LIBRARY BIND_INCLUDE_DIR ) bro-aux-0.42/cmake/InstallShellScript.cmake000644 000765 000024 00000004504 13400006401 020601 0ustar00jonstaff000000 000000 # Schedules a file to be installed by the 'install' target, but first # transformed by configure_file(... @ONLY) as well as by changing the # shell script's hashbang (#!) line to use the absolute path to the # interpreter in the path of the user running ./configure (or CMake equiv.). # # Hashbangs are not transformed when in binary packaging or cross-compiling # mode because that can result in inserting paths on the build system # that are not valid on the target system. # # _dstdir: absolute path to the directory in which to install the transformed # source file # _srcfile: path relevant to CMAKE_CURRENT_SOURCE_DIR pointing to the shell # script to install # [_dstfilename]: an optional argument for how to (re)name the file as # it's installed inside _dstdir macro(InstallShellScript _dstdir _srcfile) if (NOT "${ARGN}" STREQUAL "") set(_dstfilename ${ARGN}) else () get_filename_component(_dstfilename ${_srcfile} NAME) endif () set(orig_file ${CMAKE_CURRENT_SOURCE_DIR}/${_srcfile}) set(configed_file ${CMAKE_CURRENT_BINARY_DIR}/${_srcfile}) set(dehashbanged_file ${CMAKE_CURRENT_BINARY_DIR}/${_srcfile}.dehashbanged) configure_file(${orig_file} ${configed_file} @ONLY) file(READ ${configed_file} _srclines) file(WRITE ${dehashbanged_file} "") if (NOT BINARY_PACKAGING_MODE AND NOT CMAKE_CROSSCOMPILING) set(_regex "^#![ ]*/usr/bin/env[ ]+([^\n ]*)") string(REGEX MATCH ${_regex} _match ${_srclines}) if (_match) set(_shell ${CMAKE_MATCH_1}) if (${_shell} STREQUAL "python" AND PYTHON_EXECUTABLE) set(${_shell}_interp ${PYTHON_EXECUTABLE}) else () find_program(${_shell}_interp ${_shell}) endif () if (NOT ${_shell}_interp) message(FATAL_ERROR "Absolute path to interpreter '${_shell}' not found, " "failed to configure shell script: ${orig_file}") endif () string(REGEX REPLACE ${_regex} "#!${${_shell}_interp}" _srclines "${_srclines}") endif () endif () file(WRITE ${dehashbanged_file} "${_srclines}") install(PROGRAMS ${dehashbanged_file} DESTINATION ${_dstdir} RENAME ${_dstfilename}) endmacro(InstallShellScript) bro-aux-0.42/cmake/COPYING000644 000765 000024 00000003457 13400006401 015055 0ustar00jonstaff000000 000000 Copyright (c) 1995-2017, The Regents of the University of California through the Lawrence Berkeley National Laboratory and the International Computer Science Institute. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: (1) Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. (2) Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. (3) Neither the name of the University of California, Lawrence Berkeley National Laboratory, U.S. Dept. of Energy, International Computer Science Institute, nor the names of contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Note that some files in the distribution may carry their own copyright notices. bro-aux-0.42/cmake/FindPCAP.cmake000644 000765 000024 00000004436 13400006401 016346 0ustar00jonstaff000000 000000 # - Try to find libpcap include dirs and libraries # # Usage of this module as follows: # # find_package(PCAP) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # PCAP_ROOT_DIR Set this variable to the root installation of # libpcap if the module has problems finding the # proper installation path. # # Variables defined by this module: # # PCAP_FOUND System has libpcap, include and library dirs found # PCAP_INCLUDE_DIR The libpcap include directories. # PCAP_LIBRARY The libpcap library (possibly includes a thread # library e.g. required by pf_ring's libpcap) # HAVE_PF_RING If a found version of libpcap supports PF_RING find_path(PCAP_ROOT_DIR NAMES include/pcap.h ) find_path(PCAP_INCLUDE_DIR NAMES pcap.h HINTS ${PCAP_ROOT_DIR}/include ) find_library(PCAP_LIBRARY NAMES pcap HINTS ${PCAP_ROOT_DIR}/lib ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(PCAP DEFAULT_MSG PCAP_LIBRARY PCAP_INCLUDE_DIR ) include(CheckCSourceCompiles) set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY}) check_c_source_compiles("int main() { return 0; }" PCAP_LINKS_SOLO) set(CMAKE_REQUIRED_LIBRARIES) # check if linking against libpcap also needs to link against a thread library if (NOT PCAP_LINKS_SOLO) find_package(Threads) if (THREADS_FOUND) set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY} ${CMAKE_THREAD_LIBS_INIT}) check_c_source_compiles("int main() { return 0; }" PCAP_NEEDS_THREADS) set(CMAKE_REQUIRED_LIBRARIES) endif () if (THREADS_FOUND AND PCAP_NEEDS_THREADS) set(_tmp ${PCAP_LIBRARY} ${CMAKE_THREAD_LIBS_INIT}) list(REMOVE_DUPLICATES _tmp) set(PCAP_LIBRARY ${_tmp} CACHE STRING "Libraries needed to link against libpcap" FORCE) else () message(FATAL_ERROR "Couldn't determine how to link against libpcap") endif () endif () include(CheckFunctionExists) set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY}) check_function_exists(pcap_get_pfring_id HAVE_PF_RING) set(CMAKE_REQUIRED_LIBRARIES) mark_as_advanced( PCAP_ROOT_DIR PCAP_INCLUDE_DIR PCAP_LIBRARY ) bro-aux-0.42/cmake/InstallClobberImmune.cmake000644 000765 000024 00000002556 13400006401 021075 0ustar00jonstaff000000 000000 # Determines at `make install` time if a file, typically a configuration # file placed in $PREFIX/etc, shouldn't be installed to prevent overwrite # of an existing file. # # _srcfile: the file to install # _dstfile: the absolute file name after installation macro(InstallClobberImmune _srcfile _dstfile) install(CODE " set(_destfile \"${_dstfile}\") if (NOT \"\$ENV{DESTDIR}\" STREQUAL \"\") # prepend install root prefix with install-time DESTDIR set(_destfile \"\$ENV{DESTDIR}/${_dstfile}\") endif () if (EXISTS \${_destfile}) message(STATUS \"Skipping: \${_destfile} (already exists)\") execute_process(COMMAND \"${CMAKE_COMMAND}\" -E compare_files ${_srcfile} \${_destfile} RESULT_VARIABLE _diff) if (NOT \"\${_diff}\" STREQUAL \"0\") message(STATUS \"Installing: \${_destfile}.example\") configure_file(${_srcfile} \${_destfile}.example COPYONLY) endif () else () message(STATUS \"Installing: \${_destfile}\") # install() is not scriptable within install(), and # configure_file() is the next best thing configure_file(${_srcfile} \${_destfile} COPYONLY) # TODO: create additional install_manifest files? endif () ") endmacro(InstallClobberImmune) bro-aux-0.42/cmake/FindRequiredPackage.cmake000644 000765 000024 00000003557 13400006401 020662 0ustar00jonstaff000000 000000 # A wrapper macro around the standard CMake find_package macro that # facilitates displaying better error messages by default, or even # accepting custom error messages on a per package basis. # # If a package is not found, then the MISSING_PREREQS variable gets # set to true and either a default or custom error message appended # to MISSING_PREREQ_DESCS. # # The caller can use these variables to display a list of any missing # packages and abort the build/configuration if there were any. # # Use as follows: # # include(FindRequiredPackage) # FindRequiredPackage(Perl) # FindRequiredPackage(FLEX "You need to install flex (Fast Lexical Analyzer)") # # if (MISSING_PREREQS) # foreach (prereq ${MISSING_PREREQ_DESCS}) # message(SEND_ERROR ${prereq}) # endforeach () # message(FATAL_ERROR "Configuration aborted due to missing prerequisites") # endif () macro(FindRequiredPackage packageName) string(TOUPPER ${packageName} upperPackageName) if ( (DEFINED ${upperPackageName}_ROOT_DIR) AND (DEFINED CMAKE_PREFIX_PATH) ) set(CMAKE_PREFIX_SAVE ${CMAKE_PREFIX_PATH}) unset(CMAKE_PREFIX_PATH) find_package(${packageName}) set(CMAKE_PREFIX_PATH ${CMAKE_PREFIX_SAVE}) else() find_package(${packageName}) endif () string(TOUPPER ${packageName} canonPackageName) if (NOT ${canonPackageName}_FOUND) set(MISSING_PREREQS true) set(customDesc) foreach (descArg ${ARGN}) set(customDesc "${customDesc} ${descArg}") endforeach () if (customDesc) # append the custom error message that was provided as an argument list(APPEND MISSING_PREREQ_DESCS ${customDesc}) else () list(APPEND MISSING_PREREQ_DESCS " Could not find prerequisite package '${packageName}'") endif () endif () endmacro(FindRequiredPackage) bro-aux-0.42/cmake/package_preinstall.sh.in000755 000765 000024 00000001672 13400006401 020613 0ustar00jonstaff000000 000000 #!/bin/sh # This script is meant to be used by binary packages pre-installation. # Variables between @ symbols are replaced by CMake at configure time. configFiles="@INSTALLED_CONFIG_FILES@" backupNamesFile=/tmp/bro_install_backups # Checks if a config file exists in a default location and makes a backup # so that a modified version is not clobbered backupFile () { origFile="$1" if [ -e ${origFile} ]; then # choose a file suffix that doesn't already exist ver=1 while [ -e ${origFile}.${ver} ]; do ver=$(( ver + 1 )) done backupFile=${origFile}.${ver} cp -p ${origFile} ${backupFile} # the post upgrade script will check whether the installed # config file actually differs from existing version # and delete unnecessary backups echo "${backupFile}" >> ${backupNamesFile} fi } for file in ${configFiles}; do backupFile "${file}" done bro-aux-0.42/cmake/ChangeMacInstallNames.cmake000644 000765 000024 00000006602 13400006401 021140 0ustar00jonstaff000000 000000 # Calling this macro with the name of a list variable will modify that # list such that any third party libraries that do not come with a # vanilla Mac OS X system will be replaced by an adjusted library that # has an install_name relative to the location of any executable that # links to it. # # Also, it will schedule the modified libraries for installation in a # 'support_libs' subdirectory of the CMAKE_INSTALL_PREFIX. # # The case of third party libraries depending on other third party # libraries is currently not handled by this macro. # # Ex. # # set(libs /usr/lib/libz.dylib # /usr/lib/libssl.dylib # /usr/local/lib/libmagic.dylib # /usr/local/lib/libGeoIP.dylib # /usr/local/lib/somestaticlib.a) # # include(ChangeMacInstallNames) # ChangeMacInstallNames(libs) # # Should result in ${libs} containing: # /usr/lib/libz.dylib # /usr/lib/libssl.dylib # ${CMAKE_BINARY_DIR}/darwin_support_libs/libmagic.dylib # ${CMAKE_BINARY_DIR}/darwin_support_libs/libGeoIP.dylib # /usr/local/lib/somestaticlib.a # # such that we can now do: # # add_executable(some_exe ${srcs}) # target_link_libraries(some_exe ${libs}) # # Any binary packages created from such a build should be self-contained # and provide working installs on vanilla OS X systems. macro(ChangeMacInstallNames libListVar) if (APPLE) find_program(INSTALL_NAME_TOOL install_name_tool) set(MAC_INSTALL_NAME_DEPS) set(SUPPORT_BIN_DIR ${CMAKE_BINARY_DIR}/darwin_support_libs) set(SUPPORT_INSTALL_DIR support_libs) file(MAKE_DIRECTORY ${SUPPORT_BIN_DIR}) foreach (_lib ${${libListVar}}) # only care about install_name for shared libraries that are # not shipped in Apple's vanilla OS X installs string(REGEX MATCH ^/usr/lib/* apple_provided_lib ${_lib}) string(REGEX MATCH dylib$ is_shared_lib ${_lib}) if (NOT apple_provided_lib AND is_shared_lib) get_filename_component(_libname ${_lib} NAME) set(_adjustedLib ${SUPPORT_BIN_DIR}/${_libname}) set(_tmpLib ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/${_libname}) # make a tempory copy so we can adjust permissions configure_file(${_lib} ${_tmpLib} COPYONLY) # copy to build directory with correct write permissions file(COPY ${_tmpLib} DESTINATION ${SUPPORT_BIN_DIR} FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) # remove the old library from the list provided as macro # argument and add the new library with modified install_name list(REMOVE_ITEM ${libListVar} ${_lib}) list(APPEND ${libListVar} ${_adjustedLib}) # update the install target to install the third party libs # with modified install_name install(FILES ${_adjustedLib} DESTINATION ${SUPPORT_INSTALL_DIR}) # perform the install_name change execute_process(COMMAND install_name_tool -id @executable_path/../${SUPPORT_INSTALL_DIR}/${_libname} ${_adjustedLib}) endif () endforeach () endif () endmacro() bro-aux-0.42/cmake/FindCapstats.cmake000644 000765 000024 00000000625 13400006401 017401 0ustar00jonstaff000000 000000 # - Try to find capstats program # # Usage of this module as follows: # # find_package(Capstats) # # Variables defined by this module: # # CAPSTATS_FOUND capstats binary found # Capstats_EXE path to the capstats executable binary find_program(CAPSTATS_EXE capstats) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Capstats DEFAULT_MSG CAPSTATS_EXE) bro-aux-0.42/cmake/FindBroccoli.cmake000644 000765 000024 00000002225 13400006401 017351 0ustar00jonstaff000000 000000 # - Try to find libbroccoli include dirs and libraries # # Usage of this module as follows: # # find_package(Broccoli) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # Broccoli_ROOT_DIR Set this variable to the root installation of # libbroccoli if the module has problems finding the # proper installation path. # # Variables defined by this module: # # BROCCOLI_FOUND System has libbroccoli, include and lib dirs found # Broccoli_INCLUDE_DIR The libbroccoli include directories. # Broccoli_LIBRARY The libbroccoli library. find_path(Broccoli_ROOT_DIR NAMES include/broccoli.h ) find_path(Broccoli_INCLUDE_DIR NAMES broccoli.h HINTS ${Broccoli_ROOT_DIR}/include ) find_library(Broccoli_LIBRARY NAMES broccoli HINTS ${Broccoli_ROOT_DIR}/lib ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Broccoli DEFAULT_MSG Broccoli_LIBRARY Broccoli_INCLUDE_DIR ) mark_as_advanced( Broccoli_ROOT_DIR Broccoli_INCLUDE_DIR Broccoli_LIBRARY ) bro-aux-0.42/cmake/FindJeMalloc.cmake000644 000765 000024 00000002174 13400006401 017306 0ustar00jonstaff000000 000000 # - Try to find jemalloc headers and libraries. # # Usage of this module as follows: # # find_package(JeMalloc) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # JEMALLOC_ROOT_DIR Set this variable to the root installation of # jemalloc if the module has problems finding # the proper installation path. # # Variables defined by this module: # # JEMALLOC_FOUND System has jemalloc libs/headers # JEMALLOC_LIBRARIES The jemalloc library/libraries # JEMALLOC_INCLUDE_DIR The location of jemalloc headers find_path(JEMALLOC_ROOT_DIR NAMES include/jemalloc/jemalloc.h ) find_library(JEMALLOC_LIBRARIES NAMES jemalloc HINTS ${JEMALLOC_ROOT_DIR}/lib ) find_path(JEMALLOC_INCLUDE_DIR NAMES jemalloc/jemalloc.h HINTS ${JEMALLOC_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(JeMalloc DEFAULT_MSG JEMALLOC_LIBRARIES JEMALLOC_INCLUDE_DIR ) mark_as_advanced( JEMALLOC_ROOT_DIR JEMALLOC_LIBRARIES JEMALLOC_INCLUDE_DIR ) bro-aux-0.42/cmake/FindReadline.cmake000644 000765 000024 00000002744 13400006401 017346 0ustar00jonstaff000000 000000 # - Try to find readline include dirs and libraries # # Usage of this module as follows: # # find_package(Readline) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # Readline_ROOT_DIR Set this variable to the root installation of # readline if the module has problems finding the # proper installation path. # # Variables defined by this module: # # READLINE_FOUND System has readline, include and lib dirs found # Readline_INCLUDE_DIR The readline include directories. # Readline_LIBRARY The readline library. find_path(Readline_ROOT_DIR NAMES include/readline/readline.h ) find_path(Readline_INCLUDE_DIR NAMES readline/readline.h HINTS ${Readline_ROOT_DIR}/include ) find_library(Readline_LIBRARY NAMES readline HINTS ${Readline_ROOT_DIR}/lib ) if(Readline_INCLUDE_DIR AND Readline_LIBRARY AND Ncurses_LIBRARY) set(READLINE_FOUND TRUE) else(Readline_INCLUDE_DIR AND Readline_LIBRARY AND Ncurses_LIBRARY) FIND_LIBRARY(Readline_LIBRARY NAMES readline) include(FindPackageHandleStandardArgs) FIND_PACKAGE_HANDLE_STANDARD_ARGS(Readline DEFAULT_MSG Readline_INCLUDE_DIR Readline_LIBRARY ) MARK_AS_ADVANCED(Readline_INCLUDE_DIR Readline_LIBRARY) endif(Readline_INCLUDE_DIR AND Readline_LIBRARY AND Ncurses_LIBRARY) mark_as_advanced( Readline_ROOT_DIR Readline_INCLUDE_DIR Readline_LIBRARY ) bro-aux-0.42/cmake/FindCAF.cmake000644 000765 000024 00000006766 13400006401 016224 0ustar00jonstaff000000 000000 # Try to find CAF headers and library. # # Use this module as follows: # # find_package(CAF) # # Variables used by this module (they can change the default behaviour and need # to be set before calling find_package): # # CAF_ROOT_DIR Set this variable either to an installation prefix or to wa # CAF build directory where to look for the CAF libraries. # # Variables defined by this module: # # CAF_FOUND System has CAF headers and library # CAF_LIBRARIES List of library files for all components # CAF_INCLUDE_DIRS List of include paths for all components # CAF_LIBRARY_$C Library file for component $C # CAF_INCLUDE_DIR_$C Include path for component $C # iterate over user-defined components foreach (comp ${CAF_FIND_COMPONENTS}) # we use uppercase letters only for variable names string(TOUPPER "${comp}" UPPERCOMP) if ("${comp}" STREQUAL "core") set(HDRNAME "caf/all.hpp") elseif ("${comp}" STREQUAL "test") set(HDRNAME "caf/test/unit_test.hpp") else () set(HDRNAME "caf/${comp}/all.hpp") endif () if (CAF_ROOT_DIR) set(header_hints "${CAF_ROOT_DIR}/include" "${CAF_ROOT_DIR}/../libcaf_${comp}") endif () find_path(CAF_INCLUDE_DIR_${UPPERCOMP} NAMES ${HDRNAME} HINTS ${header_hints} /usr/include /usr/local/include /opt/local/include /sw/include ${CMAKE_INSTALL_PREFIX}/include) mark_as_advanced(CAF_INCLUDE_DIR_${UPPERCOMP}) if (NOT "${CAF_INCLUDE_DIR_${UPPERCOMP}}" STREQUAL "CAF_INCLUDE_DIR_${UPPERCOMP}-NOTFOUND") # mark as found (set back to false in case library cannot be found) set(CAF_${comp}_FOUND true) # add to CAF_INCLUDE_DIRS only if path isn't already set set(duplicate false) foreach (p ${CAF_INCLUDE_DIRS}) if (${p} STREQUAL ${CAF_INCLUDE_DIR_${UPPERCOMP}}) set(duplicate true) endif () endforeach () if (NOT duplicate) set(CAF_INCLUDE_DIRS ${CAF_INCLUDE_DIRS} ${CAF_INCLUDE_DIR_${UPPERCOMP}}) endif() # look for (.dll|.so|.dylib) file, again giving hints for non-installed CAFs # skip probe_event as it is header only if (NOT ${comp} STREQUAL "probe_event" AND NOT ${comp} STREQUAL "test") if (CAF_ROOT_DIR) set(library_hints "${CAF_ROOT_DIR}/lib") endif () find_library(CAF_LIBRARY_${UPPERCOMP} NAMES "caf_${comp}" "caf_${comp}_static" HINTS ${library_hints} /usr/lib /usr/local/lib /opt/local/lib /sw/lib ${CMAKE_INSTALL_PREFIX}/lib) mark_as_advanced(CAF_LIBRARY_${UPPERCOMP}) if ("${CAF_LIBRARY_${UPPERCOMP}}" STREQUAL "CAF_LIBRARY-NOTFOUND") set(CAF_${comp}_FOUND false) else () set(CAF_LIBRARIES ${CAF_LIBRARIES} ${CAF_LIBRARY_${UPPERCOMP}}) endif () endif () endif () endforeach () # let CMake check whether all requested components have been found include(FindPackageHandleStandardArgs) find_package_handle_standard_args(CAF FOUND_VAR CAF_FOUND REQUIRED_VARS CAF_LIBRARIES CAF_INCLUDE_DIRS HANDLE_COMPONENTS) # final step to tell CMake we're done mark_as_advanced(CAF_ROOT_DIR CAF_LIBRARIES CAF_INCLUDE_DIRS) bro-aux-0.42/cmake/FindGooglePerftools.cmake000644 000765 000024 00000003364 13400006401 020734 0ustar00jonstaff000000 000000 # - Try to find GooglePerftools headers and libraries # # Usage of this module as follows: # # find_package(GooglePerftools) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # GooglePerftools_ROOT_DIR Set this variable to the root installation of # GooglePerftools if the module has problems finding # the proper installation path. # # Variables defined by this module: # # GOOGLEPERFTOOLS_FOUND System has GooglePerftools libs/headers # TCMALLOC_FOUND System has GooglePerftools tcmalloc library # GooglePerftools_LIBRARIES The GooglePerftools libraries # GooglePerftools_LIBRARIES_DEBUG The GooglePerftools libraries for heap checking. # GooglePerftools_INCLUDE_DIR The location of GooglePerftools headers find_path(GooglePerftools_ROOT_DIR NAMES include/google/heap-profiler.h ) find_library(GooglePerftools_LIBRARIES_DEBUG NAMES tcmalloc_and_profiler HINTS ${GooglePerftools_ROOT_DIR}/lib ) find_library(GooglePerftools_LIBRARIES NAMES tcmalloc tcmalloc_minimal HINTS ${GooglePerftools_ROOT_DIR}/lib ) find_path(GooglePerftools_INCLUDE_DIR NAMES google/heap-profiler.h HINTS ${GooglePerftools_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(GooglePerftools DEFAULT_MSG GooglePerftools_LIBRARIES GooglePerftools_LIBRARIES_DEBUG GooglePerftools_INCLUDE_DIR ) find_package_handle_standard_args(tcmalloc DEFAULT_MSG GooglePerftools_LIBRARIES ) mark_as_advanced( GooglePerftools_ROOT_DIR GooglePerftools_LIBRARIES GooglePerftools_LIBRARIES_DEBUG GooglePerftools_INCLUDE_DIR ) bro-aux-0.42/cmake/MacDependencyPaths.cmake000644 000765 000024 00000002605 13400006401 020515 0ustar00jonstaff000000 000000 # As of CMake 2.8.3, Fink and MacPorts search paths are appended to the # default search prefix paths, but the nicer thing would be if they are # prepended to the default, so that is fixed here. # Prepend the default search path locations, in case for some reason the # ports/brew/fink executables are not found. # If they are found, the actual paths will be pre-pended again below. list(INSERT CMAKE_PREFIX_PATH 0 /opt/local) list(INSERT CMAKE_PREFIX_PATH 0 /usr/local) list(INSERT CMAKE_PREFIX_PATH 0 /sw) if (APPLE AND "${PROJECT_SOURCE_DIR}" STREQUAL "${CMAKE_SOURCE_DIR}") find_program(MAC_PORTS_BIN ports) find_program(MAC_HBREW_BIN brew) find_program(MAC_FINK_BIN fink) if (MAC_PORTS_BIN) list(INSERT CMAKE_PREFIX_PATH 0 ${MAC_PORTS_BIN}) # MacPorts endif () if (MAC_HBREW_BIN) execute_process(COMMAND ${MAC_HBREW_BIN} "--prefix" OUTPUT_VARIABLE BREW_PREFIX OUTPUT_STRIP_TRAILING_WHITESPACE) list(INSERT CMAKE_PREFIX_PATH 0 ${BREW_PREFIX}) # Homebrew, if linked list(INSERT CMAKE_PREFIX_PATH 0 ${BREW_PREFIX}/opt/openssl) # Homebrew OpenSSL list(INSERT CMAKE_PREFIX_PATH 0 ${BREW_PREFIX}/opt/bison/bin) # Homebrew Bison list(INSERT CMAKE_PREFIX_PATH 0 ${BREW_PREFIX}/opt/actor-framework) # Homebrew actor-framework endif () if (MAC_FINK_BIN) list(INSERT CMAKE_PREFIX_PATH 0 /sw) # Fink endif () endif () bro-aux-0.42/cmake/BroPluginCommon.cmake000644 000765 000024 00000005603 13400006401 020071 0ustar00jonstaff000000 000000 ## A set of functions for defining Bro plugins. ## ## This set is used by both static and dynamic plugins via ## BroPluginsStatic and BroPluginsDynamic, respectively. include(RequireCXX11) include(BifCl) include(BinPAC) # Begins a plugin definition, giving its namespace and name as the arguments. function(bro_plugin_begin ns name) _plugin_target_name(target "${ns}" "${name}") set(_plugin_lib "${target}" PARENT_SCOPE) set(_plugin_name "${ns}::${name}" PARENT_SCOPE) set(_plugin_name_canon "${ns}_${name}" PARENT_SCOPE) set(_plugin_ns "${ns}" PARENT_SCOPE) set(_plugin_objs "" PARENT_SCOPE) set(_plugin_deps "" PARENT_SCOPE) set(_plugin_dist "" PARENT_SCOPE) endfunction() # Adds *.cc files to a plugin. function(bro_plugin_cc) list(APPEND _plugin_objs ${ARGV}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) endfunction() # Adds a *.pac file to a plugin. Further *.pac files may given that # it depends on. function(bro_plugin_pac) binpac_target(${ARGV}) list(APPEND _plugin_objs ${BINPAC_OUTPUT_CC}) list(APPEND _plugin_deps ${BINPAC_BUILD_TARGET}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) set(_plugin_deps "${_plugin_deps}" PARENT_SCOPE) endfunction() # Add an additional object file to the plugin's library. function(bro_plugin_obj) foreach ( bif ${ARGV} ) list(APPEND _plugin_objs ${bif}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) endforeach () endfunction() # Add additional files that should be included into the binary plugin distribution. # Ignored for static plugins. macro(bro_plugin_dist_files) foreach ( file ${ARGV} ) list(APPEND _plugin_dist ${file}) # Don't need this here, and generates an error that # there is not parent scope. Not sure why it does that # here but not for other macros doing something similar. # set(_plugin_dist "${_plugin_dist}" PARENT_SCOPE) endforeach () endmacro() # Link an additional library to the plugin's library. function(bro_plugin_link_library) if ( BRO_PLUGIN_BUILD_DYNAMIC ) bro_plugin_link_library_dynamic(${ARGV}) else () bro_plugin_link_library_static(${ARGV}) endif () endfunction() # Adds *.bif files to a plugin. macro(bro_plugin_bif) if ( BRO_PLUGIN_BUILD_DYNAMIC ) bro_plugin_bif_dynamic(${ARGV}) else () bro_plugin_bif_static(${ARGV}) endif () endmacro() # Ends a plugin definition. macro(bro_plugin_end) if ( BRO_PLUGIN_BUILD_DYNAMIC ) bro_plugin_end_dynamic(${ARGV}) else () bro_plugin_end_static(${ARGV}) endif () endmacro() # Internal macro to create a unique target name for a plugin. macro(_plugin_target_name target ns name) if ( BRO_PLUGIN_BUILD_DYNAMIC ) _plugin_target_name_dynamic(${ARGV}) else () _plugin_target_name_static(${ARGV}) endif () endmacro() bro-aux-0.42/cmake/RequireCXX11.cmake000644 000765 000024 00000005250 13400006401 017156 0ustar00jonstaff000000 000000 # Detect if compiler version is sufficient for supporting C++11. # If it is, CMAKE_CXX_FLAGS are modified appropriately and HAVE_CXX11 # is set to a true value. Else, CMake exits with a fatal error message. # This currently only works for GCC and Clang compilers. # In Cmake 3.1+, CMAKE_CXX_STANDARD_REQUIRED should be able to replace # all the logic below. if ( DEFINED HAVE_CXX11 ) return() endif () include(CheckCXXSourceCompiles) set(required_gcc_version 4.8) set(required_clang_version 3.3) macro(cxx11_compile_test) # test a header file that has to be present in C++11 check_cxx_source_compiles(" #include #include int main() { std::array a{ {1, 2} }; for (const auto& e: a) std::cout << e << ' '; std::cout << std::endl; } " cxx11_header_works) if (NOT cxx11_header_works) message(FATAL_ERROR "C++11 headers cannot be used for compilation") endif () endmacro() # CMAKE_CXX_COMPILER_VERSION may not always be available (e.g. particularly # for CMakes older than 2.8.10, but use it if it exists. if ( DEFINED CMAKE_CXX_COMPILER_VERSION ) if ( CMAKE_CXX_COMPILER_ID STREQUAL "GNU" ) if ( CMAKE_CXX_COMPILER_VERSION VERSION_LESS ${required_gcc_version} ) message(FATAL_ERROR "GCC version must be at least " "${required_gcc_version} for C++11 support, detected: " "${CMAKE_CXX_COMPILER_VERSION}") endif () elseif ( CMAKE_CXX_COMPILER_ID STREQUAL "Clang" ) if ( CMAKE_CXX_COMPILER_VERSION VERSION_LESS ${required_clang_version} ) message(FATAL_ERROR "Clang version must be at least " "${required_clang_version} for C++11 support, detected: " "${CMAKE_CXX_COMPILER_VERSION}") endif () endif () set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11") cxx11_compile_test() set(HAVE_CXX11 true) return() endif () # Need to manually retrieve compiler version. if ( CMAKE_CXX_COMPILER_ID STREQUAL "GNU" ) execute_process(COMMAND ${CMAKE_CXX_COMPILER} -dumpversion OUTPUT_VARIABLE gcc_version) if ( ${gcc_version} VERSION_LESS ${required_gcc_version} ) message(FATAL_ERROR "GCC version must be at least " "${required_gcc_version} for C++11 support, manually detected: " "${CMAKE_CXX_COMPILER_VERSION}") endif () elseif ( CMAKE_CXX_COMPILER_ID STREQUAL "Clang" ) # TODO: don't seem to be any great/easy ways to get a clang version string. endif () set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11") cxx11_compile_test() set(HAVE_CXX11 true) bro-aux-0.42/cmake/FindBro.cmake000644 000765 000024 00000002060 13400006401 016334 0ustar00jonstaff000000 000000 # - Try to find Bro installation # # Usage of this module as follows: # # find_package(Bro) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # BRO_ROOT_DIR Set this variable to the root installation of # Bro if the module has problems finding the # proper installation path. # # Variables defined by this module: # # BRO_FOUND Bro NIDS is installed # BRO_EXE path to the 'bro' binary if (BRO_EXE AND BRO_ROOT_DIR) # this implies that we're building from the Bro source tree set(BRO_FOUND true) return() endif () find_program(BRO_EXE bro HINTS ${BRO_ROOT_DIR}/bin /usr/local/bro/bin) if (BRO_EXE) get_filename_component(BRO_ROOT_DIR ${BRO_EXE} PATH) get_filename_component(BRO_ROOT_DIR ${BRO_ROOT_DIR} PATH) endif () include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Bro DEFAULT_MSG BRO_EXE) mark_as_advanced(BRO_ROOT_DIR) bro-aux-0.42/cmake/FindLibMMDB.cmake000644 000765 000024 00000002664 13400006401 016772 0ustar00jonstaff000000 000000 # - Try to find libmaxminddb headers and libraries # # Usage of this module as follows: # # find_package(LibMMDB) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # LibMMDB_ROOT_DIR Set this variable to the root installation of # libmaxminddb if the module has problems finding the # proper installation path. # # Variables defined by this module: # # LibMMDB_FOUND System has libmaxminddb libraries and headers # LibMMDB_LIBRARY The libmaxminddb library # LibMMDB_INCLUDE_DIR The location of libmaxminddb headers find_path(LibMMDB_ROOT_DIR NAMES include/maxminddb.h ) if (${CMAKE_SYSTEM_NAME} MATCHES "Darwin") # the static version of the library is preferred on OS X for the # purposes of making packages (libmaxminddb doesn't ship w/ OS X) set(libmmdb_names libmaxminddb.a maxminddb) else () set(libmmdb_names maxminddb) endif () find_library(LibMMDB_LIBRARY NAMES ${libmmdb_names} HINTS ${LibMMDB_ROOT_DIR}/lib ) find_path(LibMMDB_INCLUDE_DIR NAMES maxminddb.h HINTS ${LibMMDB_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(LibMMDB DEFAULT_MSG LibMMDB_LIBRARY LibMMDB_INCLUDE_DIR ) mark_as_advanced( LibMMDB_ROOT_DIR LibMMDB_LIBRARY LibMMDB_INCLUDE_DIR ) bro-aux-0.42/cmake/FindBinPAC.cmake000644 000765 000024 00000002532 13400006401 016652 0ustar00jonstaff000000 000000 # - Try to find BinPAC binary and library # # Usage of this module as follows: # # find_package(BinPAC) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # BinPAC_ROOT_DIR Set this variable to the root installation of # BinPAC if the module has problems finding the # proper installation path. # # Variables defined by this module: # # BINPAC_FOUND System has BinPAC binary and library # BinPAC_EXE The binpac executable # BinPAC_LIBRARY The libbinpac.a library # BinPAC_INCLUDE_DIR The binpac headers # look for BinPAC in standard locations or user-provided root find_path(BinPAC_ROOT_DIR NAMES include/binpac.h include/binpac/binpac.h ) find_file(BinPAC_EXE NAMES binpac HINTS ${BinPAC_ROOT_DIR}/bin ) find_library(BinPAC_LIBRARY NAMES libbinpac.a HINTS ${BinPAC_ROOT_DIR}/lib ) find_path(BinPAC_INCLUDE_DIR NAMES binpac.h HINTS ${BinPAC_ROOT_DIR}/include ${BinPAC_ROOT_DIR}/include/binpac ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(BinPAC DEFAULT_MSG BinPAC_EXE BinPAC_LIBRARY BinPAC_INCLUDE_DIR ) mark_as_advanced( BinPAC_ROOT_DIR BinPAC_EXE BinPAC_LIBRARY BinPAC_INCLUDE_DIR ) bro-aux-0.42/cmake/ProhibitInSourceBuild.cmake000644 000765 000024 00000000456 13400006401 021230 0ustar00jonstaff000000 000000 # Prohibit in-source builds. if ("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}") message(FATAL_ERROR "In-source builds are not allowed. Please use " "./configure to choose a build directory and " "initialize the build configuration.") endif () bro-aux-0.42/cmake/UserChangedWarning.cmake000644 000765 000024 00000001370 13400006401 020532 0ustar00jonstaff000000 000000 # Show warning when installing user is different from the one that configured, # except when the install is root. if ("${PROJECT_SOURCE_DIR}" STREQUAL "${CMAKE_SOURCE_DIR}") install(CODE " if (NOT \"$ENV{USER}\" STREQUAL \"\$ENV{USER}\" AND NOT \"\$ENV{USER}\" STREQUAL root) message(STATUS \"WARNING: Install is being performed by user \" \"'\$ENV{USER}', but the build directory was configured by \" \"user '$ENV{USER}'. This may result in a permissions error \" \"when writing the install manifest, but you can ignore it \" \"and consider the installation as successful if you don't \" \"care about the install manifest.\") endif () ") endif () bro-aux-0.42/cmake/FindRocksDB.cmake000644 000765 000024 00000002162 13400006401 017104 0ustar00jonstaff000000 000000 # Try to find RocksDB headers and library. # # Usage of this module as follows: # # find_package(RocksDB) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # ROCKSDB_ROOT_DIR Set this variable to the root installation of # RocksDB if the module has problems finding the # proper installation path. # # Variables defined by this module: # # ROCKSDB_FOUND System has RocksDB library/headers. # ROCKSDB_LIBRARIES The RocksDB library. # ROCKSDB_INCLUDE_DIRS The location of RocksDB headers. find_path(ROCKSDB_ROOT_DIR NAMES include/rocksdb/db.h ) find_library(ROCKSDB_LIBRARIES NAMES rocksdb HINTS ${ROCKSDB_ROOT_DIR}/lib ) find_path(ROCKSDB_INCLUDE_DIRS NAMES rocksdb/db.h HINTS ${ROCKSDB_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(RocksDB DEFAULT_MSG ROCKSDB_LIBRARIES ROCKSDB_INCLUDE_DIRS ) mark_as_advanced( ROCKSDB_ROOT_DIR ROCKSDB_LIBRARIES ROCKSDB_INCLUDE_DIRS ) bro-aux-0.42/cmake/CheckTypes.cmake000644 000765 000024 00000002230 13400006401 017052 0ustar00jonstaff000000 000000 include(CheckTypeSize) check_type_size("long int" SIZEOF_LONG_INT) check_type_size("long long" SIZEOF_LONG_LONG) check_type_size("void *" SIZEOF_VOID_P) # checks existence of ${_type}, and if it does not, sets CMake variable ${_var} # to alternative type, ${_alt_type} macro(CheckType _type _alt_type _var) # don't perform check if we have a result from a previous CMake run if (NOT HAVE_${_var}) check_type_size(${_type} ${_var}) if (NOT ${_var}) set(${_var} ${_alt_type}) else () unset(${_var}) unset(${_var} CACHE) endif () endif () endmacro(CheckType _type _alt_type _var) set(CMAKE_EXTRA_INCLUDE_FILES sys/types.h) CheckType(int32_t int int32_t) CheckType(u_int32_t u_int u_int32_t) CheckType(u_int16_t u_short u_int16_t) CheckType(u_int8_t u_char u_int8_t) set(CMAKE_EXTRA_INCLUDE_FILES) set(CMAKE_EXTRA_INCLUDE_FILES sys/socket.h) CheckType(socklen_t int socklen_t) set(CMAKE_EXTRA_INCLUDE_FILES) set(CMAKE_EXTRA_INCLUDE_FILES netinet/in.h netinet/ip6.h) check_type_size("struct ip6_opt" IP6_OPT) check_type_size("struct ip6_ext" IP6_EXT) set(CMAKE_EXTRA_INCLUDE_FILES) bro-aux-0.42/cmake/FindPythonDev.cmake000644 000765 000024 00000006056 13400006401 017543 0ustar00jonstaff000000 000000 # - Try to find Python include dirs and libraries # # Usage of this module as follows: # # find_package(PythonDev) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # PYTHON_EXECUTABLE If this is set to a path to a Python interpreter # then this module attempts to infer the path to # python-config from it # PYTHON_CONFIG Set this variable to the location of python-config # if the module has problems finding the proper # installation path. # # Variables defined by this module: # # PYTHONDEV_FOUND System has Python dev headers/libraries # PYTHON_INCLUDE_DIR The Python include directories. # PYTHON_LIBRARIES The Python libraries and linker flags. include(FindPackageHandleStandardArgs) if ( CMAKE_CROSSCOMPILING ) find_package(PythonLibs) if (PYTHON_INCLUDE_PATH AND NOT PYTHON_INCLUDE_DIR) set(PYTHON_INCLUDE_DIR "${PYTHON_INCLUDE_PATH}") endif () find_package_handle_standard_args(PythonDev DEFAULT_MSG PYTHON_INCLUDE_DIR PYTHON_LIBRARIES ) return() endif () if (PYTHON_EXECUTABLE) # Get the real path so that we can reliably find the correct python-config # (e.g. some systems may have a "python" symlink, but not a "python-config" # symlink). get_filename_component(PYTHON_EXECUTABLE "${PYTHON_EXECUTABLE}" REALPATH) endif () if (PYTHON_EXECUTABLE AND EXISTS ${PYTHON_EXECUTABLE}-config) set(PYTHON_CONFIG ${PYTHON_EXECUTABLE}-config CACHE PATH "" FORCE) else () find_program(PYTHON_CONFIG NAMES python-config python-config2.7 python-config2.6 python-config2.6 python-config2.4 python-config2.3) endif () # The OpenBSD python packages have python-config's that don't reliably # report linking flags that will work. if (PYTHON_CONFIG AND NOT ${CMAKE_SYSTEM_NAME} STREQUAL "OpenBSD") execute_process(COMMAND "${PYTHON_CONFIG}" --ldflags OUTPUT_VARIABLE PYTHON_LIBRARIES OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET) string(STRIP "${PYTHON_LIBRARIES}" PYTHON_LIBRARIES) execute_process(COMMAND "${PYTHON_CONFIG}" --includes OUTPUT_VARIABLE PYTHON_INCLUDE_DIR OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET) string(REGEX REPLACE "^[-I]" "" PYTHON_INCLUDE_DIR "${PYTHON_INCLUDE_DIR}") string(REGEX REPLACE "[ ]-I" " " PYTHON_INCLUDE_DIR "${PYTHON_INCLUDE_DIR}") separate_arguments(PYTHON_INCLUDE_DIR) find_package_handle_standard_args(PythonDev DEFAULT_MSG PYTHON_CONFIG PYTHON_INCLUDE_DIR PYTHON_LIBRARIES ) else () find_package(PythonLibs) if (PYTHON_INCLUDE_PATH AND NOT PYTHON_INCLUDE_DIR) set(PYTHON_INCLUDE_DIR "${PYTHON_INCLUDE_PATH}") endif () find_package_handle_standard_args(PythonDev DEFAULT_MSG PYTHON_INCLUDE_DIR PYTHON_LIBRARIES ) endif () bro-aux-0.42/cmake/OpenSSLTests.cmake000644 000765 000024 00000005104 13400006401 017321 0ustar00jonstaff000000 000000 include(CheckCSourceCompiles) include(CheckCXXSourceCompiles) include(CheckCSourceRuns) set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_LIBRARIES} ${CMAKE_DL_LIBS}) # Use all includes, not just OpenSSL includes to see if there are # include files of different versions that do not match GET_DIRECTORY_PROPERTY(includes INCLUDE_DIRECTORIES) set(CMAKE_REQUIRED_INCLUDES ${includes}) check_c_source_compiles(" #include int main() { return 0; } " including_ssl_h_works) if (NOT including_ssl_h_works) # On Red Hat we may need to include Kerberos header. set(CMAKE_REQUIRED_INCLUDES ${includes} /usr/kerberos/include) check_c_source_compiles(" #include #include int main() { return 0; } " NEED_KRB5_H) if (NOT NEED_KRB5_H) message(FATAL_ERROR "OpenSSL test failure. See CmakeError.log for details.") else () message(STATUS "OpenSSL requires Kerberos header") include_directories("/usr/kerberos/include") endif () endif () if (OPENSSL_VERSION VERSION_LESS "0.9.7") message(FATAL_ERROR "OpenSSL >= v0.9.7 required") endif () check_cxx_source_compiles(" #include int main() { const unsigned char** cpp = 0; X509** x =0; d2i_X509(x, cpp, 0); return 0; } " OPENSSL_D2I_X509_USES_CONST_CHAR) if (NOT OPENSSL_D2I_X509_USES_CONST_CHAR) # double check that it compiles without const check_cxx_source_compiles(" #include int main() { unsigned char** cpp = 0; X509** x =0; d2i_X509(x, cpp, 0); return 0; } " OPENSSL_D2I_X509_USES_CHAR) if (NOT OPENSSL_D2I_X509_USES_CHAR) message(FATAL_ERROR "Can't determine if openssl_d2i_x509() takes const char parameter") endif () endif () if (NOT CMAKE_CROSSCOMPILING) check_c_source_runs(" #include #include #include int main() { printf(\"-- OpenSSL Library version: %s\\\\n\", SSLeay_version(SSLEAY_VERSION)); printf(\"-- OpenSSL Header version: %s\\\\n\", OPENSSL_VERSION_TEXT); if (SSLeay() == OPENSSL_VERSION_NUMBER) { return 0; } return -1; } " OPENSSL_CORRECT_VERSION_NUMBER ) if (NOT OPENSSL_CORRECT_VERSION_NUMBER) message(FATAL_ERROR "OpenSSL library version does not match headers") endif () endif () set(CMAKE_REQUIRED_INCLUDES) set(CMAKE_REQUIRED_LIBRARIES)