broctl-1.4-minimal/0000775002342100234210000000000012535575001014110 5ustar johannajohannabroctl-1.4-minimal/etc/0000775002342100234210000000000012535575000014662 5ustar johannajohannabroctl-1.4-minimal/etc/broctl.cfg.in0000664002342100234210000000504112535575000017235 0ustar johannajohanna## Global BroControl configuration file. ############################################### # Mail Options # Recipient address for all emails sent out by Bro and BroControl. MailTo = root@localhost # Mail connection summary reports each log rotation interval. A value of 1 # means mail connection summaries, and a value of 0 means do not mail # connection summaries. This option has no effect if the trace-summary # script is not available. MailConnectionSummary = 1 # Lower threshold (in percentage of disk space) for space available on the # disk that holds SpoolDir. If less space is available, "broctl cron" starts # sending out warning emails. A value of 0 disables this feature. MinDiskSpace = 5 # Send mail when "broctl cron" notices the availability of a host in the # cluster to have changed. A value of 1 means send mail when a host status # changes, and a value of 0 means do not send mail. MailHostUpDown = 1 ############################################### # Logging Options # Rotation interval in seconds for log files on manager (or standalone) node. # A value of 0 disables log rotation. LogRotationInterval = 3600 # Expiration interval for log files in LogDir. Files older than this many days # will be deleted upon running "broctl cron". A value of 0 means that logs # never expire. LogExpireInterval = 0 # Enable BroControl to write statistics to the stats.log file. A value of 1 # means write to stats.log, and a value of 0 means do not write to stats.log. StatsLogEnable = 1 # Number of days that entries in the stats.log file are kept. Entries older # than this many days will be removed upon running "broctl cron". A value of 0 # means that entries never expire. StatsLogExpireInterval = 0 ############################################### # Other Options # Show all output of the broctl status command. If set to 1, then all output # is shown. If set to 0, then broctl status will not collect or show the peer # information (and the command will run faster). StatusCmdShowAll = 1 # Site-specific policy script to load. Bro will look for this in # $PREFIX/share/bro/site. A default local.bro comes preinstalled # and can be customized as desired. SitePolicyStandalone = local.bro # Location of the log directory where log files will be archived each rotation # interval. LogDir = ${LOGS} # Location of the spool directory where files and data that are currently being # written are stored. SpoolDir = ${SPOOL} # Location of other configuration files that can be used to customize # BroControl operation (e.g. local networks, nodes). CfgDir = ${ETC} broctl-1.4-minimal/etc/networks.cfg0000664002342100234210000000034112535575000017215 0ustar johannajohanna# List of local networks in CIDR notation, optionally followed by a # descriptive tag. # For example, "10.0.0.0/8" or "fe80::/64" are valid prefixes. 10.0.0.0/8 Private IP space 192.168.0.0/16 Private IP space broctl-1.4-minimal/etc/node.cfg0000664002342100234210000000120412535575000016265 0ustar johannajohanna# Example BroControl node configuration. # # This example has a standalone node ready to go except for possibly changing # the sniffing interface. # This is a complete standalone configuration. Most likely you will # only need to change the interface. [bro] type=standalone host=localhost interface=eth0 ## Below is an example clustered configuration. If you use this, ## remove the [bro] node above. #[manager] #type=manager #host=host1 # #[proxy-1] #type=proxy #host=host1 # #[worker-1] #type=worker #host=host2 #interface=eth0 # #[worker-2] #type=worker #host=host3 #interface=eth0 # #[worker-3] #type=worker #host=host4 #interface=eth0 broctl-1.4-minimal/README0000664002342100234210000000002512535575000014764 0ustar johannajohanna See doc/broctl.rst. broctl-1.4-minimal/btest0000664002342100234210000000000012535575000015141 0ustar johannajohannabroctl-1.4-minimal/testing/0000775002342100234210000000000012535575001015565 5ustar johannajohannabroctl-1.4-minimal/testing/Scripts/0000775002342100234210000000000012535575000017213 5ustar johannajohannabroctl-1.4-minimal/testing/Scripts/diff-remove-timestamps-yyyy-mm-dd0000775002342100234210000000020412535575000025541 0ustar johannajohanna#! /usr/bin/env bash # # Replace timestamps of the form "2013-03-27" with Xs sed 's/[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}/XXXX-XX-XX/' broctl-1.4-minimal/testing/Scripts/diff-cron-meta0000775002342100234210000000013312535575000021731 0ustar johannajohanna#! /usr/bin/env bash # # Output first column of cron's meta.dat file. awk '{ print $1 }' broctl-1.4-minimal/testing/Scripts/diff-cluster-layout0000775002342100234210000000017612535575000023047 0ustar johannajohanna#! /usr/bin/env bash # # Replace IPv6 localhost in cluster-layout.bro with IPv4 localhost. sed "s/ip=\[::1\]/ip=127.0.0.1/" broctl-1.4-minimal/testing/Scripts/diff-to-bytes-output0000775002342100234210000000103212535575000023147 0ustar johannajohanna#! /usr/bin/env python # # Convert large integers in the to-bytes.awk output to floating point # exponential format, because some versions of awk output large integers in # that format. from __future__ import print_function import sys for line in sys.stdin: outstr = "" for field in line.split(): try: num = float(field) except ValueError: num = 0 if num > 2147483647: outstr += "%.5e " % num else: outstr += "%s " % field print(outstr[:-1]) broctl-1.4-minimal/testing/Scripts/diff-peerstatus-output0000775002342100234210000000107512535575000023607 0ustar johannajohanna#! /usr/bin/env bash # # Replace fields from "broctl peerstatus" output that are not predictable # with Xs. awk '{ if ( $1 ~ /^[0-9]+\.[0-9]+$/ ) { $1 = "XXXXXXXXXX.XXXXXX" if ( $2 ~ /^peer=/ ) { $2 = "peer=X" } if ( $3 ~ /^host=(::1|127\.0\.0\.1)$/ ) { $3 = "host=X" } if ( $4 ~ /^events_in=[0-9]+$/ ) { $4 = "events_in=X" } if ( $5 ~ /^events_out=[0-9]+$/ ) { $5 = "events_out=X" } if ( $6 ~ /^ops_in=[0-9]+$/ ) { $6 = "ops_in=X" } if ( $7 ~ /^ops_out=[0-9]+$/ ) { $7 = "ops_out=X" } } print }' broctl-1.4-minimal/testing/Scripts/diff-remove-abspath0000775002342100234210000000017612535575000022770 0ustar johannajohanna#! /usr/bin/env bash # # Replace absolute paths with the basename. sed 's#/\([^/ ]\{1,\}/\)\{1,\}\([^/ ]\{1,\}\)#<...>/\2#g' broctl-1.4-minimal/testing/Scripts/broctl-test-setup0000775002342100234210000001236612535575000022551 0ustar johannajohanna#! /usr/bin/env bash # # Broctl test setup script (source this at the start of each test script). # # This script installs Bro to a directory that is unique to each test, # and provides a function "installcfgfile" that a test script can # optionally use to install files, and a function "replaceprefix" that a # test script can use to alter the contents of a test file to set the # correct install directory path. This script also exports an environment # variable "BROCTL_INSTALL_PREFIX" that provides a test script with the # directory path of the Bro install. # installcfgfile [--new] # # This function can be used to install a test-specific config file. # The is the relative pathname of the config file to install # and it must follow a naming convention: /__ # where is the directory, is the destination filename, and # is some descriptive text for the config file. # If "--new" is given, then skip check for existence of destination file. installcfgfile() { set +x if [ -z "$1" ]; then return fi # Split input into two cmd-line args. origrelpath=`echo $1 | awk '{print $1}'` newfile=`echo $1 | awk '{print $2}'` if [ "$newfile" = "--new" ]; then newfile="yes" else newfile="no" fi # Make sure original file exists origpath=$BROCTLCFG/$origrelpath if [ ! -f "$origpath" ]; then echo "Error: source file not found: $origpath" 1>&2 exit 1 fi # Use the double-underscore delimiter to derive the destination filename relpath=$(echo $origrelpath | awk -F'__' '{print $1}') if [ "$origrelpath" = "$relpath" ]; then echo "Error: source filename needs '__': $origrelpath" 1>&2 exit 1 fi destfile=$(basename "$relpath") # Derive the destination directory based on the original directory destdir=$(dirname "$relpath") # Make sure destination directory exists if [ ! -d "$BROCTL_INSTALL_PREFIX/$destdir" ]; then echo "Error: destination directory not found: $BROCTL_INSTALL_PREFIX/$destdir" 1>&2 exit 1 fi # Finally, build the destination pathname destpath=$BROCTL_INSTALL_PREFIX/$destdir/$destfile if [ "$newfile" = "no" ]; then # Make sure destination file exists (usually, we're overwriting an # existing file, so this is a good safety check to catch typos) if [ ! -f "$destpath" ]; then echo "Error: destination file not found: $destpath (maybe try --new option?)" 1>&2 exit 1 fi fi cp $origpath $destpath set -x } # replaceprefix # # Replace the text "@PREFIX@" with the bro install prefix in the specified # file (given as a relative pathname). replaceprefix() { set +x if [ -z "$1" ]; then return fi destfile=$BROCTL_INSTALL_PREFIX/$1 if [ ! -f $destfile ]; then echo "Error: file not found: $destfile" 1>&2 exit 1 fi sed "s#@PREFIX@#${BROCTL_INSTALL_PREFIX}#g" $destfile > $destfile.new && mv $destfile.new $destfile test $? -ne 0 && exit 1 set -x } # This function sets the correct install prefix directory in all files where # it's needed (this is done immediately after untarring the Bro install). replaceprefixes() { for i in etc/broctl.cfg bin/broctl lib/broctl/BroControl/version.py ; do sed "s#@PREFIX@#${BROCTL_INSTALL_PREFIX}#" $i > $i.new && cp $i.new $i && rm $i.new if [ $? -ne 0 ]; then return 1 fi done } # This function creates a test-specific directory, installs Bro to this # directory, and exports some env. vars. with the path of this directory. # Cleanup happens automatically unless BROCTL_TEST_DEBUG is defined. installbro() { if [ -z "${INSTALL}" ]; then echo "Error: INSTALL not defined (check btest.cfg)" 1>&2 exit 1 fi basedir="${INSTALL}" tarfile=$basedir/bro-test-install.tar if [ ! -f "$tarfile" ]; then echo "Error: $tarfile doesn't exist ('make buildbro' to create)" 1>&2 exit 1 fi # Cleanup the test directory only if BROCTL_TEST_DEBUG is not set. if [ -z "${BROCTL_TEST_DEBUG}" ]; then trap "cleanup" EXIT fi # Create test-specific bro installation directory export BROCTL_INSTALL_PREFIX=$basedir/test.$$ mkdir "$BROCTL_INSTALL_PREFIX" test $? -ne 0 && exit 1 # Install bro (cd "$BROCTL_INSTALL_PREFIX" && tar xf "$tarfile" && replaceprefixes) test $? -ne 0 && exit 1 export PATH=$BROCTL_INSTALL_PREFIX/bin:$PATH export LD_LIBRARY_PATH=$BROCTL_INSTALL_PREFIX/lib # If BROCTL_TEST_DEBUG is set, then leave a file in the test directory # to help setup environment for running broctl manually. if [ -n "${BROCTL_TEST_DEBUG}" ]; then how2run=${BROCTL_INSTALL_PREFIX}/how_to_run_broctl echo "# In order to run broctl in this directory, first type '. how_to_run_broctl'" >> $how2run echo "export PATH=$BROCTL_INSTALL_PREFIX/bin:\$PATH" >> $how2run echo "export LD_LIBRARY_PATH=$BROCTL_INSTALL_PREFIX/lib" >> $how2run fi } cleanup() { set +x test -n "$BROCTL_INSTALL_PREFIX" && rm -rf "$BROCTL_INSTALL_PREFIX" } installbro # Output test commands (if a test fails, this might be useful for debugging) set -x broctl-1.4-minimal/testing/Scripts/build-bro0000775002342100234210000000642312535575000021025 0ustar johannajohanna#! /usr/bin/env bash # # Usage: build-bro [cleanall] # # This script configures and builds Bro, and then creates a tar file of # the Bro installation so that each broctl test case will have its own # fresh install. If Bro fails to build, then define BROCTL_TEST_BUILDARGS to # specify additional "configure" options needed to build Bro. # # If the "cleanall" parameter is specified, then this script just removes # the tar file and the broctl test build directory. # This function builds Bro using a build directory specifically for broctl # tests (if BROCTL_TEST_USEBUILD is defined, then the default Bro build # directory is used instead). build_bro() { # Choose a build directory if [ -n "${BROCTL_TEST_USEBUILD}" ]; then # Use the default Bro build directory BUILDPREFIX=build else # Use a build directory specifically for broctl tests BUILDPREFIX=${BROCTL_TEST}/bro-build fi cd "${BROSRCDIR}" ./configure --builddir=${BUILDPREFIX} --prefix="${INSTALLPREFIX}" ${BROCTL_TEST_BUILDARGS} test $? -ne 0 && return 1 cd ${BUILDPREFIX} && make && make install } replaceprefix() { for i in etc/broctl.cfg bin/broctl lib/broctl/BroControl/version.py ; do sed "s#${INSTALLPREFIX}#@PREFIX@#" $i > $i.new && cp $i.new $i && rm $i.new if [ $? -ne 0 ]; then return 1 fi done } BROCTLSRCDIR=`dirname "$0"`/../.. BROSRCDIR=${BROCTLSRCDIR}/../.. BROCTLBUILDDIR=${BROCTLSRCDIR}/build # Absolute path of a directory where all of the broctl test files are located. BROCTL_TEST=`python -c "from __future__ import print_function; import os,sys; print(os.path.realpath(sys.argv[1]))" ${BROCTLBUILDDIR}/testing` test $? -ne 0 && exit 1 if [ "$1" = "cleanall" ]; then # verify the path is a directory (and exists) before attempting to remove test -d "${BROCTL_TEST}" && rm -rf "${BROCTL_TEST}" # if the directory still exists, then something is wrong if [ -d "${BROCTL_TEST}" ]; then exit 1 fi exit 0 fi # The tar file that all broctl test cases will use. TARFILE=${BROCTL_TEST}/bro-test-install.tar # Remove the tar file if it exists if [ -e "${TARFILE}" ]; then rm -f "${TARFILE}" test $? -ne 0 && exit 1 fi mkdir -p ${BROCTL_TEST} || exit 1 LOG=${BROCTL_TEST}/buildbro.log rm -f "$LOG" # Verify that the entire Bro git repo was cloned (not just the broctl repo). if [ ! -e "${BROSRCDIR}/configure" ]; then echo "Error: configure script not found. Did you remember to clone the bro repo?" exit 1 fi # Bro will be installed in this temporary directory. INSTALLPREFIX=${BROCTL_TEST}/bro-install # Remove the temporary directory if it exists. if [ -e "${INSTALLPREFIX}" ]; then rm -rf "${INSTALLPREFIX}" test $? -ne 0 && exit 1 fi # Build and install Bro in a temporary directory. echo "Building Bro (log in $LOG) ..." build_bro >>$LOG 2>&1 if [ $? -ne 0 ]; then echo "Error: Bro build failed:" tail -n 20 $LOG exit 1 fi # Create a tar file of the installation so each test case can use its own # install prefix without needing to rebuild Bro. (cd "${INSTALLPREFIX}" && replaceprefix && tar cf "${TARFILE}" * ) if [ $? -ne 0 ]; then rm -rf "${INSTALLPREFIX}" exit 1 fi # We no longer need the temporary directory where Bro was installed. rm -rf "${INSTALLPREFIX}" broctl-1.4-minimal/testing/Scripts/diff-status-output0000775002342100234210000000222612535575000022732 0ustar johannajohanna#! /usr/bin/env bash # # Replace columns from "broctl status" output that are not predictable # (such as PID) with Xs. If the "--peers" command-line option is given, then # the "Peers" column is not replaced. If the "--time" command-line option is # given, then the "Started" date/time columns are not replaced. usepeers=0 if [ "$1" = "--peers" ]; then usepeers=1 fi usetimefmt=0 if [ "$1" = "--time" ]; then usetimefmt=1 fi awk -v peers=${usepeers} -v usetimefmt=${usetimefmt} '{ if ( NR > 1 ) { # Check the format of each field, and replace with Xs only if the # format is expected (some fields have unpredictable length, but # we need a constant-width string of Xs). if ( $5 ~ /^[0-9]+$/ ) { $5 = "XXXXX" } # Pid if ( peers == 0 ) { if ( $6 ~ /^([0-9]+|\?+)$/ ) { $6 = "X" } } if ( usetimefmt == 0) { # The "Started" column consists of three fields: if ( $7 ~ /^[0-3][0-9]$/ ) { $7 = "XX" } if ( $8 ~ /^[A-Za-z]+$/ ) { $8 = "XXX" } if ( $9 ~ /^[0-2][0-9]:[0-5][0-9]:[0-5][0-9]$/ ) { $9 = "XX:XX:XX" } } } print }' broctl-1.4-minimal/testing/Scripts/diff-ps-output0000775002342100234210000000226312535575000022032 0ustar johannajohanna#! /usr/bin/env bash # # Replace columns from "broctl ps.bro" output that are not predictable # (such as PID) with Xs, and then sort the lines. awk '{ # Process only lines that have first field of "(+)" or "(-)" if ( $1 ~ /\([+-]\)/ ) { # replace username $2 = "xxxxxx" # Check the format of each field, and replace with Xs only if the # format is expected (some fields have unpredictable length, but # we need a constant-width string of Xs). if ( $3 ~ /^[0-9]+$/ ) { $3 = "XXXXX" } # PID if ( $4 ~ /^[0-9]+$/ ) { $4 = "XXXXX" } # PPID if ( $5 ~ /^[0-9]+\.[0-9]$/ ) { $5 = "XX.X" } # %CPU if ( $6 ~ /^[0-9]+\.[0-9]$/ ) { $6 = "XX.X" } # %MEM if ( $7 ~ /^[0-9]+$/ ) { $7 = "XXXXX" } # VSZ if ( $8 ~ /^[0-9]+$/ ) { $8 = "XXXXX" } # RSS if ( $9 ~ /^[?-]/ ) { $9 = "X" } # TT if ( $10 ~ /^[RS]/ ) { $10 = "X" } # S if ( $11 ~ /[0-9]/ ) { $11 = "XX:XX:XX" } # STARTED if ( $12 ~ /^[0-9]/ ) { $12 = "XX:XX:XX" } # TIME } # Do not output the header line (it is system-dependent) if ( NR > 1 ) { print } }' | sort broctl-1.4-minimal/testing/Scripts/diff-diag-output0000775002342100234210000000125312535575000022312 0ustar johannajohanna#! /usr/bin/env bash # # Remove content from "broctl diag" output that is too system-dependent # (currently, this includes the contents of stderr.log, stdout.log, PATH, # bro version, and system information). awk '{ if ( $0 ~ /^==== std(err|out)\.log/ ) { print; skip=1 } else if ( $0 ~ /^====/ ) { print; skip=0 } else if ( $0 ~ /^$/ ) { print } else if ( skip == 0 ) { if ( $0 ~ /^PATH=/ ) { print "PATH=<...>" } else if ( $0 ~ /^BROPATH=/ ) { print "BROPATH=<...>" } else if ( $0 ~ /^Bro / ) { skip=1 } else { print } } }' broctl-1.4-minimal/testing/Scripts/diff-cron-stats0000775002342100234210000000033412535575000022144 0ustar johannajohanna#! /usr/bin/env bash # # Replace columns from broctl cron's stats.log # that are not predictable with Xs. awk '{ if ( $1 ~ /^[0-9]+\.[0-9]+$/ ) { $1 = "XXXXXXXXXX.XX" } if ( NF > 4 ) { $5 = "X" } print }' broctl-1.4-minimal/testing/Scripts/diff-update-output0000775002342100234210000000043612535575000022672 0ustar johannajohanna#! /usr/bin/env bash # # Replace unpredictable "broctl update" output with a constant string. awk '{ if ( $1 != "updating" ) { if ( $0 ~ /sent [0-9][0-9]* ID/ || $0 ~ /processing suspended/ ) { $0 = $1 " (SOMETHING)" } } print }' broctl-1.4-minimal/testing/Scripts/diff-df-output0000775002342100234210000000104212535575000021773 0ustar johannajohanna#! /usr/bin/env bash # # Replace columns from "broctl df" output that are not predictable with Xs. awk '{ if ( $0 !~ /total[ ]+avail/ ) { $2 = "/xxx/xxx" # Check the format of each field, and replace with Xs only if the # format is expected (some fields have unpredictable length, but # we need a constant-width string of Xs). if ( $3 ~ /^[0-9]+[KMG]$/ ) { $3 = "XXX" } if ( $4 ~ /^[0-9]+[KMG]$/ ) { $4 = "XXX" } if ( $5 ~ /^[0-9]+\.[0-9]$/ ) { $5 = "XX.X" } } print }' broctl-1.4-minimal/testing/Scripts/diff-remove-timestamps-unix0000775002342100234210000000025112535575000024507 0ustar johannajohanna#! /usr/bin/env bash # # Replace timestamps in UNIX format (number of seconds, with fractional part) # with XXXs. sed 's/[0-9]\{10\}\.[0-9]\{2,8\}/XXXXXXXXXX.XXXXXX/g' broctl-1.4-minimal/testing/Scripts/diff-remove-localhost-values0000775002342100234210000000021012535575000024620 0ustar johannajohanna#! /usr/bin/env bash # # Replace localhost values with X (e.g., "key=::1" would convert to "key=X"). sed 's/=::1/=X/;s/=127.0.0.1/=X/' broctl-1.4-minimal/testing/Scripts/diff-remove-timestamps-dd-mmm-hh-mm-ss0000775002342100234210000000024712535575000026333 0ustar johannajohanna#! /usr/bin/env bash # # Replace timestamps of the form "13 Mar 12:34:56" with Xs sed 's/[0-9]\{2\} [A-Za-z]\{3\} [0-9]\{2\}:[0-9]\{2\}:[0-9]\{2\}/XX XXX XX:XX:XX/g' broctl-1.4-minimal/testing/Scripts/diff-top-output0000775002342100234210000000115512535575000022211 0ustar johannajohanna#! /usr/bin/env bash # # Replace columns from "broctl top" output that are not predictable # (such as PID) with Xs. awk '{ if ( $1 !~ /Name/ ) { # Check the format of each field, and replace with Xs only if the # format is expected (some fields have unpredictable length, but # we need a constant-width string of Xs). if ( $4 ~ /^[0-9]+$/ ) { $4 = "XXXXX" } # Pid if ( $6 ~ /^[0-9]+[KMG]$/ ) { $6 = "XXX" } # VSize if ( $7 ~ /^[0-9]+[KMG]$/ ) { $7 = "XXX" } # Rss if ( $8 ~ /^[0-9]+%$/ ) { $8 = "XX%" } # Cpu } print }' | sort broctl-1.4-minimal/testing/Scripts/diff-remove-timestamps-yyyy-mm-dd-hh-mm-ss0000775002342100234210000000026612535575000027200 0ustar johannajohanna#! /usr/bin/env bash # # Replace timestamps of the form "2013-03-27-23-07-55" with Xs sed 's/[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}-[0-9]\{2\}-[0-9]\{2\}-[0-9]\{2\}/XXXX-XX-XX-XX-XX-XX/' broctl-1.4-minimal/testing/command/0000775002342100234210000000000012535575000017202 5ustar johannajohannabroctl-1.4-minimal/testing/command/print-cluster.test0000664002342100234210000000141112535575000022713 0ustar johannajohanna# Test that the print command can print a value from all nodes, or just a # specified node. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff all.out # @TEST-EXEC: btest-diff onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster_no_netifs EOF ret=0 broctl install broctl start # print value from all nodes broctl print Log::default_rotation_interval > all.out 2>&1 # print value from one node broctl print Log::default_rotation_interval worker-2 > onenode.out 2>&1 broctl stop # no nodes are running, so no value exists broctl print Log::default_rotation_interval > stopped.out 2>&1 # the file size should be zero test ! -s stopped.out || ret=1 exit $ret broctl-1.4-minimal/testing/command/config.test0000664002342100234210000000044312535575000021351 0ustar johannajohanna# Test that the config command outputs the configuration. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out . broctl-test-setup broctl install # test the config command (many config items are system-dependent, so just grab # one) broctl config 2>&1 | grep mailsubjectprefix > out broctl-1.4-minimal/testing/command/install-broport.test0000664002342100234210000000120012535575000023227 0ustar johannajohanna# Test that the install command can install a custom value of the broport # broctl option. # # @TEST-EXEC: bash %INPUT . broctl-test-setup ret=0 broctl install # Verify that the test port number is not installed by default grep -q 41234 $BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/auto/standalone-layout.bro && ret=1 # Change the configuration to use a test port number echo "broport=41234" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install # Verify that the test port number was installed grep -q 41234 $BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/auto/standalone-layout.bro || ret=1 exit $ret broctl-1.4-minimal/testing/command/install-sitepolicypath.test0000664002342100234210000000417412535575000024616 0ustar johannajohanna# Test that the broctl install command copies files and subdirectories (in # the case of duplicates, only the first one is copied) from directories # specified in the sitepolicypath broctl option, and that empty and nonexistent # directories in sitepolicypath are ignored. # # @TEST-EXEC: bash %INPUT . broctl-test-setup ret=0 echo "sitepolicypath=$BROCTL_INSTALL_PREFIX/doesnotexist:$BROCTL_INSTALL_PREFIX/test_site:$BROCTL_INSTALL_PREFIX/emptytestdir:$BROCTL_INSTALL_PREFIX/test_site2" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg # Create directories and files specified in sitepolicypath mkdir $BROCTL_INSTALL_PREFIX/emptytestdir mkdir -p $BROCTL_INSTALL_PREFIX/test_site/emptysubdir mkdir -p $BROCTL_INSTALL_PREFIX/test_site/testsubdir echo "my file" > $BROCTL_INSTALL_PREFIX/test_site/testfile echo "my subfile" > $BROCTL_INSTALL_PREFIX/test_site/testsubdir/testsubfile mkdir -p $BROCTL_INSTALL_PREFIX/test_site2/testsubdir echo "my file2" > $BROCTL_INSTALL_PREFIX/test_site2/testfile echo "other file" > $BROCTL_INSTALL_PREFIX/test_site2/testfile2 echo "my subfile2" > $BROCTL_INSTALL_PREFIX/test_site2/testsubdir/testsubfile echo "other subfile" > $BROCTL_INSTALL_PREFIX/test_site2/testsubdir/testsubfile2 # Verify that the files aren't already installed test ! -e spool/installed-scripts-do-not-touch/site || ret=1 broctl install # Verify that the files and subdirectories were installed while read line; do test -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF spool/installed-scripts-do-not-touch/site/testfile spool/installed-scripts-do-not-touch/site/testfile2 spool/installed-scripts-do-not-touch/site/emptysubdir spool/installed-scripts-do-not-touch/site/testsubdir/testsubfile EOF # Verify that for duplicate files, only the first one was installed while read line; do grep -q 2 $BROCTL_INSTALL_PREFIX/$line && ret=1 done << EOF spool/installed-scripts-do-not-touch/site/testfile spool/installed-scripts-do-not-touch/site/testsubdir/testsubfile EOF # Verify that for duplicate subdirs, only the first one was installed test -e $BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/site/testsubdir/testsubfile2 && ret=1 exit $ret broctl-1.4-minimal/testing/command/cron-stats.test0000664002342100234210000000176012535575000022204 0ustar johannajohanna# Test that the broctl cron command logs "top" and "capstats" stats on all # nodes in a cluster to the stats.log file, and moves the file to a different # directory. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-cron-stats btest-diff stats.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test bin/capstats__test EOF ret=0 broctl install # verify that we start with no stats.log file test -e $BROCTL_INSTALL_PREFIX/spool/stats.log && exit 1 broctl start # verify that we start with no stats.log file in the logs/stats directory test -e $BROCTL_INSTALL_PREFIX/logs/stats/stats.log && ret=1 broctl cron # verify that broctl cron moved the stats.log file to the logs/stats directory test -e $BROCTL_INSTALL_PREFIX/spool/stats.log && ret=1 test ! -e $BROCTL_INSTALL_PREFIX/logs/stats/stats.log && ret=1 cp $BROCTL_INSTALL_PREFIX/logs/stats/stats.log stats.out broctl stop exit $ret broctl-1.4-minimal/testing/command/update-cluster.test0000664002342100234210000000132712535575000023047 0ustar johannajohanna# Test that the update command can update all nodes, or just a specified node. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-update-output btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-update-output btest-diff onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster_no_netifs EOF ret=0 broctl install broctl start # update all nodes broctl update > all.out 2>&1 # update one node broctl update worker-2 > onenode.out 2>&1 broctl stop # no nodes are running, so no output is expected broctl update > stopped.out 2>&1 test ! -s stopped.out || ret=1 exit $ret broctl-1.4-minimal/testing/command/cleanup-cluster-crash.test0000664002342100234210000000625512535575000024317 0ustar johannajohanna# Test that the cleanup command can cleanup a crashed node in a cluster # (which includes resetting the crashed node's state to "stopped"), # but does not clean the tmpdir unless "--all" is specified. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff cleanup.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status2.out # @TEST-EXEC: btest-diff status3.out # @TEST-EXEC: btest-diff cleanup-stopped.out # @TEST-EXEC: btest-diff status4.out # @TEST-EXEC: btest-diff cleanup-onenode.out # @TEST-EXEC: btest-diff cleanup-all.out # @TEST-EXEC: btest-diff cleanup-all-onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test EOF cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF crash=worker-1 EOF ret=0 broctl install broctl start touch $BROCTL_INSTALL_PREFIX/spool/tmp/testfile touch $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile # verify one node crashed and all others are running broctl status > status1.out 2>&1 ######################### # test cleanup (without any node arguments) broctl cleanup > cleanup.out 2>&1 # verify that the crashed node's state was reset to "stopped" broctl status > status2.out 2>&1 # the node testfile should not exist test ! -e $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile || ret=1 # the tmpdir testfile should still exist test -e $BROCTL_INSTALL_PREFIX/spool/tmp/testfile || ret=1 ######################### # test cleanup when no nodes are running (without any node arguments) # restart crashed node and then stop all other nodes broctl start worker-1 broctl stop manager proxy-1 worker-2 # verify one node crashed and all others are stopped broctl status > status3.out 2>&1 broctl cleanup > cleanup-stopped.out 2>&1 # verify that the crashed node's state was reset to "stopped" broctl status > status4.out 2>&1 broctl start touch $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile ######################### # test cleanup (with a node argument) broctl cleanup worker-1 > cleanup-onenode.out 2>&1 # the node testfile should not exist test ! -e $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile || ret=1 # the tmpdir testfile should still exist test -e $BROCTL_INSTALL_PREFIX/spool/tmp/testfile || ret=1 broctl stop broctl start touch $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile ######################## # test "cleanup --all" (without a node argument) broctl cleanup --all > cleanup-all.out 2>&1 # the node testfile should be gone test ! -e $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile || ret=1 # the tmpdir testfile should be gone test ! -e $BROCTL_INSTALL_PREFIX/spool/tmp/testfile || ret=1 broctl stop broctl start touch $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile touch $BROCTL_INSTALL_PREFIX/spool/tmp/testfile ######################## # test "cleanup --all" (with a node argument) broctl cleanup --all worker-1 > cleanup-all-onenode.out 2>&1 # the node testfile should be gone test ! -e $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile || ret=1 # the tmpdir testfile should be gone test ! -e $BROCTL_INSTALL_PREFIX/spool/tmp/testfile || ret=1 broctl stop exit $ret broctl-1.4-minimal/testing/command/cron-croncmd.test0000664002342100234210000000105012535575000022463 0ustar johannajohanna# Test that the broctl cron command runs a command specified by the # croncmd broctl option. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email EOF outfile=$BROCTL_INSTALL_PREFIX/testcommand.out echo "croncmd=date -u >> ${outfile}" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg ret=0 broctl install # verify that the output file does not exist test -f ${outfile} && ret=1 broctl cron # verify that the croncmd ran successfully grep -q UTC ${outfile} || ret=1 exit $ret broctl-1.4-minimal/testing/command/check-cluster.test0000664002342100234210000000067412535575000022646 0ustar johannajohanna# Test that the check command can check all nodes in a cluster, or just a # specified node. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff all.out # @TEST-EXEC: btest-diff onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__cluster EOF broctl install # check all nodes broctl check > all.out 2>&1 # check one node broctl check proxy-1 > onenode.out 2>&1 broctl-1.4-minimal/testing/command/cron-disk.test0000664002342100234210000000355012535575000021777 0ustar johannajohanna# Test that the broctl cron command sends an email warning on low disk free # space only when the amount of free disk space crosses the threshold # specified by the mindiskspace broctl option. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail bin/df__test --new bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg # Check if a low disk space email was received. Return 0 if yes, and 1 if no. function check_email() { email=$BROCTL_INSTALL_PREFIX/sendmail.out test ! -e $email && return 1 grep -q "Disk space low on localhost:/dev/sda6" $email test $? -ne 0 && return 1 rm $email return 0 } ret=0 broctl install # Verify the default value of mindiskspace broctl config 2>&1 | sed 's/ //g' | grep -q mindiskspace=5 test $? -ne 0 && exit 1 ################ # Test with lots of free disk space (no email warning) broctl cron check_email && ret=1 ################ # Test with a disk that is almost full (email warning) export BROCTL_TEST_DISK_FULL=1 broctl cron check_email || ret=1 ################ # Test again with same disk usage as before (no duplicate warning is sent) broctl cron check_email && ret=1 ################ # Test with lots of free disk space (no email warning) BROCTL_TEST_DISK_FULL= broctl cron check_email && ret=1 ################ # Test with a disk that is almost full (another warning is sent) BROCTL_TEST_DISK_FULL=1 broctl cron check_email || ret=1 ################ # Test with lots of free disk space, but different mindiskspace (email warning) # Remove previous free disk space records (otherwise we won't get an email) rm $BROCTL_INSTALL_PREFIX/spool/state.db # Update configuration echo "mindiskspace=50" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install BROCTL_TEST_DISK_FULL= broctl cron check_email || ret=1 exit $ret broctl-1.4-minimal/testing/command/top-cluster.test0000664002342100234210000000162712535575000022372 0ustar johannajohanna# Test that the top command can show all nodes in a cluster, or just a # specified node. Also test that the exit status is zero if all nodes # are running, and nonzero otherwise. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-top-output btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-top-output btest-diff onenode.out # @TEST-EXEC: btest-diff stopped.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster_no_netifs EOF ret=0 broctl install broctl start # show all nodes broctl top > all.out 2>&1 test $? -eq 0 || ret=1 # show one node broctl top proxy-1 > onenode.out 2>&1 broctl stop worker-1 # not all nodes are running broctl top test $? -ne 0 || ret=1 broctl stop # all nodes are stopped broctl top > stopped.out 2>&1 test $? -ne 0 || ret=1 exit $ret broctl-1.4-minimal/testing/command/cron-expire.test0000664002342100234210000000406712535575000022345 0ustar johannajohanna# Test that the broctl cron command does not expire log files by default. # Also test that broctl cron expires log files when the logexpireinterval # option is set to a non-zero value (and that empty log dirs are also removed). # Also test that the keeplogs option prevents matching expired logs from being # removed. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email EOF ret=0 testlogdir=$BROCTL_INSTALL_PREFIX/logs/2012-10-31 broctl install # Verify that log expire is off by default broctl config 2>&1 | sed 's/ //g' | grep -q logexpireinterval=0 test $? -ne 0 && exit 1 # Create a log file with a recent timestamp and one with very old timestamp mkdir ${testlogdir} touch ${testlogdir}/recent.log touch -t 201210311030 ${testlogdir}/old.log broctl cron # Verify that broctl cron did not remove any log files test ! -e ${testlogdir}/recent.log && ret=1 test ! -e ${testlogdir}/old.log && ret=1 # Update the configuration by changing the "logexpireinterval" option echo "logexpireinterval=30" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install broctl cron # Verify that broctl cron removed the old log file (and not the recent one) test ! -e ${testlogdir}/recent.log && ret=1 test -e ${testlogdir}/old.log && ret=1 # Remove the recent log file and restore the old one rm ${testlogdir}/recent.log touch -t 201210311030 ${testlogdir}/old.log broctl cron # Verify that broctl cron removed the old log and the empty log dir test -e ${testlogdir} && ret=1 # Update the configuration by changing the "keeplogs" option echo "keeplogs=old.*" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install # Create some log files with recent and old timestamps mkdir ${testlogdir} touch ${testlogdir}/recent.log touch -t 201210311030 ${testlogdir}/old.log touch -t 201210311030 ${testlogdir}/anotherold.log broctl cron # Verify that broctl cron removed only anotherold.log test ! -e ${testlogdir}/recent.log && ret=1 test ! -e ${testlogdir}/old.log && ret=1 test -e ${testlogdir}/anotherold.log && ret=1 exit $ret broctl-1.4-minimal/testing/command/deploy-cluster.test0000664002342100234210000000241312535575000023056 0ustar johannajohanna# Test that the deploy command can start all nodes before any other broctl # command is run. Test that the deploy command works when there is a mix of # running and stopped nodes. Test that the deploy command returns exit status # of zero when all nodes started successfully. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff deploy1.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status2.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff deploy2.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status3.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test EOF ret=0 # test that deploy works without first running any other broctl command broctl deploy > deploy1.out 2>&1 test $? -eq 0 || ret=1 broctl status > status1.out # stop one node broctl stop worker-1 broctl status > status2.out # test that deploy works when there is a mix of running/stopped nodes broctl deploy > deploy2.out 2>&1 test $? -eq 0 || ret=1 broctl status > status3.out broctl stop exit $ret broctl-1.4-minimal/testing/command/scripts-cluster.test0000664002342100234210000000266512535575000023262 0ustar johannajohanna# Test that the scripts command can output contents of loaded_scripts.log # on all nodes, or just a specified node. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-timestamps-yyyy-mm-dd-hh-mm-ss btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-timestamps-yyyy-mm-dd-hh-mm-ss btest-diff onenode.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-timestamps-yyyy-mm-dd-hh-mm-ss btest-diff c-all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-timestamps-yyyy-mm-dd-hh-mm-ss btest-diff c-onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__cluster EOF # replace one or more continuous lines of absolute paths with one line of text, # and ignore lines with "processing suspended" or "processing continued" rmpaths='awk "{ if(\$1 ~ /\/.*/) { if(p==0) { print \"<...paths...>\"; p=1; } } else { p=0; if(\$1 != \"processing\" ) { print; } } }"' broctl install # show loaded_scripts.log for all nodes broctl scripts > tmp1.out 2>&1 eval ${rmpaths} tmp1.out > all.out # show loaded_scripts.log for one node broctl scripts proxy-1 > tmp2.out 2>&1 eval ${rmpaths} tmp2.out > onenode.out # Test with "-c" for all nodes broctl scripts -c > tmp3.out 2>&1 eval ${rmpaths} tmp3.out > c-all.out # Test with "-c" for one node broctl scripts -c proxy-1 > tmp4.out 2>&1 eval ${rmpaths} tmp4.out > c-onenode.out broctl-1.4-minimal/testing/command/start-stop-standalone.test0000664002342100234210000000262712535575000024360 0ustar johannajohanna# Test that the start command can start a standalone bro and create certain # files, and test that the stop command can stop bro and remove those files. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff start.out # @TEST-EXEC: btest-diff stop.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email bin/bro__test EOF ret=0 broctl install # verify that these files don't already exist before the start command runs test ! -e $BROCTL_INSTALL_PREFIX/spool/bro || ret=1 test ! -e $BROCTL_INSTALL_PREFIX/spool/stats.log || ret=1 broctl start > start.out 2>&1 # the start command creates some files (these are NOT created by bro itself) while read line; do test -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF spool/bro/.cmdline spool/bro/.env_vars spool/bro/.pid spool/bro/.startup spool/bro/stderr.log spool/bro/stdout.log EOF # verify that starting the node was logged in stats.log grep started $BROCTL_INSTALL_PREFIX/spool/stats.log || ret=1 broctl stop > stop.out 2>&1 # the stop command should cleanup the node directory while read line; do test ! -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF spool/bro/.cmdline spool/bro/.env_vars spool/bro/.pid spool/bro/.startup spool/bro/stderr.log spool/bro/stdout.log EOF # verify that stopping the node was logged in stats.log grep stopped $BROCTL_INSTALL_PREFIX/spool/stats.log || ret=1 exit $ret broctl-1.4-minimal/testing/command/cleanup-cluster.test0000664002342100234210000000330312535575000023210 0ustar johannajohanna# Test that the cleanup command does not cleanup any running nodes, and # does not cleanup tmpdir unless the "--all" option is specified. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff cleanup.out # @TEST-EXEC: btest-diff cleanup-onenode.out # @TEST-EXEC: btest-diff cleanup-all.out # @TEST-EXEC: btest-diff cleanup-all-onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test EOF ret=0 broctl install broctl start touch $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile touch $BROCTL_INSTALL_PREFIX/spool/tmp/testfile ######################### # test the cleanup command (with and without a node argument) broctl cleanup > cleanup.out 2>&1 broctl cleanup worker-1 > cleanup-onenode.out 2>&1 # the node testfile should still exist test -e $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile || ret=1 # the tmpdir testfile should still exist test -e $BROCTL_INSTALL_PREFIX/spool/tmp/testfile || ret=1 ######################### # test "cleanup --all" (without a node argument) broctl cleanup --all > cleanup-all.out 2>&1 # the node testfile should still exist test -e $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile || ret=1 # the tmpdir testfile should be gone test ! -e $BROCTL_INSTALL_PREFIX/spool/tmp/testfile || ret=1 touch $BROCTL_INSTALL_PREFIX/spool/tmp/testfile ######################### # test "cleanup --all" (with a node argument) broctl cleanup --all worker-1 > cleanup-all-onenode.out 2>&1 # the node testfile should still exist test -e $BROCTL_INSTALL_PREFIX/spool/worker-1/testfile || ret=1 # the tmpdir testfile should be gone test ! -e $BROCTL_INSTALL_PREFIX/spool/tmp/testfile || ret=1 broctl stop exit $ret broctl-1.4-minimal/testing/command/restart-cluster.test0000664002342100234210000000201112535575000023240 0ustar johannajohanna# Test that the restart command can start all stopped nodes, or just a # specified node. Test that the restart command can restart all running nodes, # or just a specified node. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff start-all.out # @TEST-EXEC: btest-diff restart-one.out # @TEST-EXEC: btest-diff restart-all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff restart-all-clean.out # @TEST-EXEC: btest-diff start-one.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test EOF broctl install # start all nodes (using restart command) broctl restart > start-all.out 2>&1 # restart one node broctl restart worker-1 > restart-one.out 2>&1 # restart all nodes broctl restart > restart-all.out 2>&1 # restart all nodes with --clean option broctl restart --clean > restart-all-clean.out 2>&1 broctl stop # start one node (using restart command) broctl restart manager > start-one.out 2>&1 broctl stop broctl-1.4-minimal/testing/command/netstats-cluster.test0000664002342100234210000000144112535575000023427 0ustar johannajohanna# Test that the netstats command can get status of all nodes, or just # a specified node. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-timestamps-unix btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-timestamps-unix btest-diff onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster_no_netifs EOF ret=0 broctl install broctl start # get status of all nodes broctl netstats > all.out 2>&1 # get status of one node broctl netstats worker-2 > onenode.out 2>&1 broctl stop # no nodes are running, so no status exists broctl netstats > stopped.out 2>&1 # the file size should be zero test ! -s stopped.out || ret=1 exit $ret broctl-1.4-minimal/testing/command/exit-quit.test0000664002342100234210000000033712535575000022037 0ustar johannajohanna# Test the exit and quit commands. # # @TEST-EXEC: bash %INPUT . broctl-test-setup broctl install # test the exit command broctl exit test $? -eq 0 || exit 1 # test the quit command broctl quit test $? -eq 0 || exit 1 broctl-1.4-minimal/testing/command/nodes-cluster.test0000664002342100234210000000053012535575000022670 0ustar johannajohanna# Test that the nodes command lists all nodes in a cluster. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-localhost-values" btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__cluster_test EOF broctl nodes > out 2>&1 broctl-1.4-minimal/testing/command/restart-cluster-crash.test0000664002342100234210000000215412535575000024346 0ustar johannajohanna# Test that the restart command can restart crashed nodes and that a crash # report is sent. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff restart.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status2.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail etc/node.cfg__cluster bin/bro__test bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF crash=worker-1 EOF ret=0 broctl install broctl start # when we restart, make sure no nodes crash rm $BROCTL_INSTALL_PREFIX/broctltest.cfg # verify that a node crashed broctl status > status1.out 2>&1 # verify that no email has been sent test ! -e $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 broctl restart > restart.out 2>&1 # verify that a crash report was sent grep -q "Crash report from worker-1" $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 # verify that all nodes are running broctl status > status2.out 2>&1 broctl stop exit $ret broctl-1.4-minimal/testing/command/start-stop-big-cluster.test0000664002342100234210000000140312535575000024437 0ustar johannajohanna# Test that the start and stop commands can handle a big cluster (i.e., # a cluster with a large number of nodes). # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff start.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff stop.out # @TEST-EXEC: btest-diff status2.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__big_cluster bin/bro__test EOF broctl install broctl start > start.out 2>&1 # verify that all nodes are started broctl status > status1.out 2>&1 broctl stop > stop.out 2>&1 # verify that all nodes are stopped broctl status > status2.out 2>&1 # broctl status returns non-zero when not all nodes are running exit 0 broctl-1.4-minimal/testing/command/nodes-standalone.test0000664002342100234210000000036012535575000023340 0ustar johannajohanna# Test that the nodes command lists the standalone bro node. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-localhost-values btest-diff out . broctl-test-setup broctl install broctl nodes > out 2>&1 broctl-1.4-minimal/testing/command/df-cluster.test0000664002342100234210000000102112535575000022145 0ustar johannajohanna# Test that the df command can get disk usage for all nodes in a cluster, or # just a specified node. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-df-output btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-df-output btest-diff onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__cluster EOF broctl install # check usage on all nodes broctl df > all.out 2>&1 # check usage on one node broctl df worker-1 > onenode.out 2>&1 broctl-1.4-minimal/testing/command/start-stop-cluster.test0000664002342100234210000000335712535575000023712 0ustar johannajohanna# Test that the start command can start all stopped nodes, or just a specified # node. Test that the stop command can stop all running nodes, or just a # specified node. Test that the start and stop commands return exit status # of zero when all nodes started or stopped successfully. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff start-all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff stop-one.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status2.out # @TEST-EXEC: btest-diff stop-remaining.out # @TEST-EXEC: btest-diff status3.out # @TEST-EXEC: btest-diff start-one.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status4.out # @TEST-EXEC: btest-diff start-remaining.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status5.out # @TEST-EXEC: btest-diff stop-all.out # @TEST-EXEC: btest-diff status6.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test EOF ret=0 broctl install # start all nodes broctl start > start-all.out 2>&1 test $? -eq 0 || ret=1 broctl status > status1.out 2>&1 # stop one node broctl stop worker-1 > stop-one.out 2>&1 broctl status > status2.out 2>&1 # stop all remaining running nodes broctl stop > stop-remaining.out 2>&1 broctl status > status3.out 2>&1 # start one node broctl start manager > start-one.out 2>&1 broctl status > status4.out 2>&1 # start all remaining stopped nodes broctl start > start-remaining.out 2>&1 broctl status > status5.out 2>&1 # stop all nodes broctl stop > stop-all.out 2>&1 test $? -eq 0 || ret=1 broctl status > status6.out 2>&1 exit $ret broctl-1.4-minimal/testing/command/status-cluster.test0000664002342100234210000000171612535575000023112 0ustar johannajohanna# Test that the status command can get status of all nodes, or just a # specified node. Also test that the exit status is zero if all nodes # are running, and nonzero otherwise. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-status-output --peers" btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-status-output --peers" btest-diff onenode.out # @TEST-EXEC: btest-diff stopped.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster_no_netifs EOF ret=0 broctl install broctl start # get status of all nodes broctl status > all.out 2>&1 test $? -eq 0 || ret=1 # get status of one node broctl status manager > onenode.out 2>&1 broctl stop worker-1 # not all nodes are running broctl status test $? -ne 0 || ret=1 broctl stop # all nodes are stopped broctl status > stopped.out 2>&1 test $? -ne 0 || ret=1 exit $ret broctl-1.4-minimal/testing/command/start-cluster-slowstart.test0000664002342100234210000000141512535575000024760 0ustar johannajohanna# Test that the start command can handle a Bro node that is slow to initialize. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff start.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff status2.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test EOF cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF slowstart=worker-1 EOF broctl install # start all nodes broctl start > start.out 2>&1 # verify that one node is still initializing broctl status > status1.out 2>&1 broctl stop # verify that all nodes are stopped broctl status > status2.out 2>&1 # broctl status returns non-zero if not all nodes are running exit 0 broctl-1.4-minimal/testing/command/check-standalone.test0000664002342100234210000000166312535575000023314 0ustar johannajohanna# Test that the check command can check a standalone configuration, and # that it does not look at installed policy files, but rather those in # the SitePolicyPath. Test that it returns zero exit status on success, # and nonzero otherwise. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff check1.out # @TEST-EXEC: btest-diff check2.out # @TEST-EXEC: btest-diff check3.out . broctl-test-setup ret=0 broctl install # verify that initial config is ok broctl check > check1.out 2>&1 test $? -eq 0 || ret=1 # verify that broctl check does not look at installed site policy echo "this is an error" >> $BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/site/local.bro broctl check > check2.out 2>&1 # verify that broctl check looks at policy files in SitePolicyPath echo "this is an error" >> $BROCTL_INSTALL_PREFIX/share/bro/site/local.bro broctl check > tmp.out 2>&1 test $? -ne 0 || ret=1 head -n 1 tmp.out > check3.out exit $ret broctl-1.4-minimal/testing/command/exec-cluster.test0000664002342100234210000000044612535575000022512 0ustar johannajohanna# Test that the exec command can exec a command on all nodes in a cluster. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__cluster EOF broctl install broctl exec echo hello world > out 2>&1 broctl-1.4-minimal/testing/command/install-broctl-config.test0000664002342100234210000000167312535575000024306 0ustar johannajohanna# Test that the install command creates a broctl-config.bro policy file # containing the values of certain broctl options. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff broctl-config.bro . broctl-test-setup broctlcfg=$BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctlconfig=$BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/auto/broctl-config.bro # Specify non-default values for options that are written to broctl-config.bro echo "MailTo=broctltest@somedomain" >> ${broctlcfg} echo "MailAlarmsTo=broctltest2@somedomain2" >> ${broctlcfg} echo "SendMail=/path/to/sendmail" >> ${broctlcfg} echo "MailSubjectPrefix=This is Subject" >> ${broctlcfg} echo "MailFrom=broctltestuser@mydomain" >> ${broctlcfg} echo "LogRotationInterval=12345" >> ${broctlcfg} echo "MailAlarmsInterval=98765" >> ${broctlcfg} echo "IPv6Comm=0" >> ${broctlcfg} ret=0 test ! -e ${broctlconfig} || ret=1 broctl install cp ${broctlconfig} broctl-config.bro exit $ret broctl-1.4-minimal/testing/command/stop-crash-shutdown.test0000664002342100234210000000265012535575000024042 0ustar johannajohanna# Test that the stop command reports a node that crashed during shutdown, # and verify that broctl does not clean the crashed node's working directory # and does not send a crash report. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff stop.out # @TEST-EXEC: btest-diff status2.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail etc/node.cfg__cluster bin/bro__test bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF crashshutdown=worker-1 EOF ret=0 broctl install broctl start # verify that all nodes started broctl status > status1.out 2>&1 # test the stop command broctl stop > stop.out 2>&1 # verify that the crashed node is in the crashed state broctl status > status2.out 2>&1 # the stop command should not cleanup the crashed node directory while read line; do test -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF spool/worker-1/.cmdline spool/worker-1/.env_vars spool/worker-1/.pid spool/worker-1/.startup spool/worker-1/stderr.log spool/worker-1/stdout.log EOF # the crashed node should not be logged as "stopped" in stats.log grep stopped $BROCTL_INSTALL_PREFIX/spool/stats.log | grep worker-1 && ret=1 # verify that a crash report was not sent test ! -e $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 exit $ret broctl-1.4-minimal/testing/command/diag-cluster.test0000664002342100234210000000112612535575000022466 0ustar johannajohanna# Test that the diag command can output diags for all nodes in a cluster, or # just one node. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-diag-output btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-diag-output btest-diff onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test EOF broctl install broctl start # output diags for all nodes broctl diag > all.out 2>&1 # output diags for one node broctl diag worker-2 > onenode.out 2>&1 broctl stop broctl-1.4-minimal/testing/command/stop-slowstop.test0000664002342100234210000000220112535575000022753 0ustar johannajohanna# Test that the stop command can stop a Bro that does not terminate within # "stoptimeout" seconds, and that remaining log files are archived. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff stop.out # @TEST-EXEC: btest-diff status2.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email bin/bro__test EOF echo "stoptimeout=10" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF slowstop=bro EOF ret=0 broctl install broctl start # verify that bro is running broctl status > status1.out 2>&1 # verify that a log file exists test -f $BROCTL_INSTALL_PREFIX/spool/bro/loaded_scripts.log || ret=1 broctl stop > stop.out 2>&1 # verify that bro is stopped broctl status > status2.out 2>&1 # verify that the log file was archived test ! -e $BROCTL_INSTALL_PREFIX/spool/bro/loaded_scripts.log || ret=1 # wait for archive-log to finish in the background sleep 5 find $BROCTL_INSTALL_PREFIX/logs/2* -type f > find.out grep -q loaded_scripts find.out || ret=1 exit $ret broctl-1.4-minimal/testing/command/start-cluster-broargs.test0000664002342100234210000000123212535575000024352 0ustar johannajohanna# Test that the start command starts a cluster and passes additional # arguments to Bro as specified in the broargs broctl option. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug.log . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__debug etc/node.cfg__cluster bin/bro__test EOF echo "broargs=mytest myscript" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install broctl start # extract the relevant lines from debug.log grep CLUSTER_NODE $BROCTL_INSTALL_PREFIX/spool/debug.log > debug.log broctl stop broctl-1.4-minimal/testing/command/diag-standalone.test0000664002342100234210000000055012535575000023135 0ustar johannajohanna# Test that the diag command can output diags for a standalone bro. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-diag-output btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email bin/bro__test EOF broctl install broctl start broctl diag > out 2>&1 broctl stop broctl-1.4-minimal/testing/command/install-standalone.test0000664002342100234210000000202012535575000023671 0ustar johannajohanna# Test that the install command creates necessary directories and files. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out . broctl-test-setup ret=0 while read line; do test ! -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF logs/current spool/broctl-config.sh spool/state.db spool/installed-scripts-do-not-touch/site/local.bro spool/installed-scripts-do-not-touch/auto/broctl-config.bro spool/installed-scripts-do-not-touch/auto/local-networks.bro spool/installed-scripts-do-not-touch/auto/standalone-layout.bro EOF broctl install > out 2>&1 test -h $BROCTL_INSTALL_PREFIX/logs/current || ret=1 while read line; do test -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF spool/broctl-config.sh spool/state.db spool/installed-scripts-do-not-touch/site/local.bro spool/installed-scripts-do-not-touch/auto/broctl-config.bro spool/installed-scripts-do-not-touch/auto/local-networks.bro spool/installed-scripts-do-not-touch/auto/standalone-layout.bro EOF exit $ret broctl-1.4-minimal/testing/command/cron-restart-crash.test0000664002342100234210000000210412535575000023621 0ustar johannajohanna# Test that the cron command restarts a crashed node and sends a crash report, # unless the "--no-watch" option is specified. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status2.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail etc/node.cfg__cluster bin/bro__test bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF crash=worker-1 EOF ret=0 broctl install broctl start # make sure cron can restart the crashed node rm -f $BROCTL_INSTALL_PREFIX/broctltest.cfg # test with the "--no-watch" option broctl cron --no-watch broctl status > status1.out 2>&1 rm $BROCTL_INSTALL_PREFIX/sendmail.out # test without the "--no-watch" option broctl cron # verify that a crash report was sent grep -q "Crash report from worker-1" $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 broctl status > status2.out 2>&1 broctl stop exit $ret broctl-1.4-minimal/testing/command/cron-enable-disable.test0000664002342100234210000000106512535575000023673 0ustar johannajohanna# Test that the initial default cron state is correct, and that the state # can be set to either disabled or enabled. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff disable.out # @TEST-EXEC: btest-diff enable.out # @TEST-EXEC: btest-diff out . broctl-test-setup broctl install # check the initial default state broctl cron ? > out 2>&1 # test that the state can be set to disabled broctl cron disable > disable.out 2>&1 broctl cron ? >> out 2>&1 # test that the state can be set to enabled broctl cron enable > enable.out 2>&1 broctl cron ? >> out 2>&1 broctl-1.4-minimal/testing/command/peerstatus-cluster.test0000664002342100234210000000144012535575000023760 0ustar johannajohanna# Test that the peerstatus command can get status of all nodes, or just # a specified node. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-peerstatus-output btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-peerstatus-output btest-diff onenode.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster_no_netifs EOF ret=0 broctl install broctl start # get status of all nodes broctl peerstatus > all.out 2>&1 # get status of one node broctl peerstatus worker-2 > onenode.out 2>&1 broctl stop # no nodes are running, so no status exists broctl peerstatus > stopped.out 2>&1 # the file size should be zero test ! -s stopped.out || ret=1 exit $ret broctl-1.4-minimal/testing/command/process-standalone.test0000664002342100234210000000306612535575000023714 0ustar johannajohanna# Test that the process command can run bro on the specified trace file, # with or without extra Bro options or Bro scripts. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out . broctl-test-setup ret=0 broctl install test ! -e $BROCTL_INSTALL_PREFIX/spool/tmp/testing || ret=1 ##################### # run without any extra bro options broctl process $TRACES/dns-session.trace > out 2>&1 # verify that tmp work directory was created test -d $BROCTL_INSTALL_PREFIX/spool/tmp/testing || ret=1 ##################### # run with extra bro options (but no extra bro scripts) broctl process $TRACES/dns-session.trace -p test # verify that specified bro options are at the start of the Bro command-line grep "^-p test " $BROCTL_INSTALL_PREFIX/spool/tmp/testing/.cmdline || ret=1 ##################### # run with extra bro scripts (but no bro options) broctl process $TRACES/dns-session.trace -- test123.bro test456.bro # verify that specified bro scripts are at the end of the Bro command-line grep "test123.bro test456.bro$" $BROCTL_INSTALL_PREFIX/spool/tmp/testing/.cmdline || ret=1 ##################### # run with extra bro options and scripts broctl process $TRACES/dns-session.trace -p opt2 -- script2.bro # verify that specified bro options are at the start of the Bro command-line grep "^-p opt2 " $BROCTL_INSTALL_PREFIX/spool/tmp/testing/.cmdline || ret=1 # verify that specified bro scripts are at the end of the Bro command-line grep "script2.bro$" $BROCTL_INSTALL_PREFIX/spool/tmp/testing/.cmdline || ret=1 exit $ret broctl-1.4-minimal/testing/command/cron-expirestats.test0000664002342100234210000000245612535575000023424 0ustar johannajohanna# Test that the broctl cron command does not expire entries in the stats.log # file by default. Also test that broctl cron expires entries in the stats.log # file when the statslogexpireinterval option is set to a non-zero value. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email EOF ret=0 testlogdir=$BROCTL_INSTALL_PREFIX/logs/stats teststatslog=$testlogdir/stats.log broctl install # Create a stats.log file with an old entry and a recent entry now=`date +%s` yesterday=$(( now - 86400 )) mkdir -p ${testlogdir} echo "${yesterday}.00 bro action old" >> ${teststatslog} echo "${now}.00 bro action new" >> ${teststatslog} # Verify that stats.log expire is off by default broctl config 2>&1 | sed 's/ //g' | grep -q statslogexpireinterval=0 test $? -ne 0 && exit 1 broctl cron # Verify that broctl cron did not remove any log entries grep -q "action old" ${teststatslog} || ret=1 # Update the configuration by changing the "statslogexpireinterval" option echo "statslogexpireinterval=1" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install broctl cron # Verify that broctl cron removed the old log entry (and not the recent one) grep -q "action old" ${teststatslog} && ret=1 grep -q "action new" ${teststatslog} || ret=1 exit $ret broctl-1.4-minimal/testing/command/capstats-cluster.test0000664002342100234210000000147512535575000023413 0ustar johannajohanna# Test that the capstats command can get stats on all unique host/interface # pairs in a cluster, or on just the specified node, and also over a # specified time interval. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff all.out # @TEST-EXEC: btest-diff onenode.out # @TEST-EXEC: btest-diff interval.out # @TEST-EXEC: btest-diff onenode-interval.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__cluster bin/capstats__test EOF broctl install # get capstats on all nodes broctl capstats > all.out 2>&1 # get capstats on one node broctl capstats worker-2 > onenode.out 2>&1 # get the capstats over a specified time interval broctl capstats 4 > interval.out 2>&1 # get capstats on one node over a specified time interval broctl capstats worker-2 3 > onenode-interval.out 2>&1 broctl-1.4-minimal/testing/command/install-cluster-layout.test0000664002342100234210000000150012535575000024537 0ustar johannajohanna# Test that the install command installs the cluster-layout.bro file, and # that the contents of that file are affected by certain broctl options. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-cluster-layout btest-diff cluster-layout.bro . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__cluster EOF clusterlayout=$BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/auto/cluster-layout.bro ret=0 broctl install # verify that there is no time machine info by default grep -q time-machine ${clusterlayout} test $? -ne 0 || ret=1 echo "TimeMachineHost=192.168.0.11" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg echo "TimeMachinePort=12345/tcp" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install cp ${clusterlayout} cluster-layout.bro exit $ret broctl-1.4-minimal/testing/command/start-memlimit.test0000664002342100234210000000117312535575000023055 0ustar johannajohanna# Test that the start command uses the memlimit broctl option when # starting bro. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email bin/bro__test EOF stdoutlog=$BROCTL_INSTALL_PREFIX/spool/bro/stdout.log ret=0 # test using the default value of memlimit broctl install broctl start grep kbytes ${stdoutlog} | grep unlimited || ret=1 broctl stop # test using a custom value of memlimit echo "memlimit=123456" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install broctl start grep kbytes ${stdoutlog} | grep 123456 || ret=1 broctl stop exit $ret broctl-1.4-minimal/testing/command/install-local.test0000664002342100234210000000216112535575000022641 0ustar johannajohanna# Test that the "install --local" command creates necessary directories and # files. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__cluster EOF ret=0 while read line; do test ! -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF logs/current spool/broctl-config.sh spool/state.db spool/installed-scripts-do-not-touch/site/local.bro spool/installed-scripts-do-not-touch/auto/broctl-config.bro spool/installed-scripts-do-not-touch/auto/local-networks.bro spool/installed-scripts-do-not-touch/auto/cluster-layout.bro EOF broctl install --local > out 2>&1 test -h $BROCTL_INSTALL_PREFIX/logs/current || ret=1 while read line; do test -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF spool/broctl-config.sh spool/state.db spool/installed-scripts-do-not-touch/site/local.bro spool/installed-scripts-do-not-touch/auto/broctl-config.bro spool/installed-scripts-do-not-touch/auto/local-networks.bro spool/installed-scripts-do-not-touch/auto/cluster-layout.bro EOF exit $ret broctl-1.4-minimal/testing/command/status-timefmt.test0000664002342100234210000000111412535575000023066 0ustar johannajohanna# Test that the status command can output status with an alternate time format # as specified with the timefmt broctl option. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-status-output --time | $SCRIPTS/diff-remove-timestamps-yyyy-mm-dd" btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster_no_netifs EOF echo "timefmt=%Y-%m-%d" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg broctl install broctl start broctl status > out 2>&1 broctl stop broctl-1.4-minimal/testing/command/start-cluster-crash.test0000664002342100234210000000325312535575000024020 0ustar johannajohanna# Test that the start command starts a cluster and reports to the user # that a node crashed, and does not log the crashed node in the stats.log file. # Test that the start command can start a node in the crashed state, and # that it sends a crash report. Test that the start command returns nonzero # exit status when not all nodes start successfully. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff start1.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff start2.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status2.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail etc/node.cfg__cluster bin/bro__test bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF crash=worker-1 EOF ret=0 broctl install # start all nodes, and one will crash broctl start > start1.out 2>&1 test $? -ne 0 || ret=1 # the crashed node should not be logged as "started" in stats.log grep started $BROCTL_INSTALL_PREFIX/spool/stats.log | grep worker-1 && ret=1 # verify that a node is in the crashed state broctl status > status1.out 2>&1 # this time we don't want it to crash rm -f $BROCTL_INSTALL_PREFIX/broctltest.cfg # verify that no email has been sent test ! -e $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 # try to start a node in the "crashed" state broctl start > start2.out 2>&1 # verify that a crash report was sent grep -q "Crash report from worker-1" $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 # verify that all nodes are running broctl status > status2.out 2>&1 broctl stop exit $ret broctl-1.4-minimal/testing/command/cron-meta.test0000664002342100234210000000174212535575000021774 0ustar johannajohanna# Test that the broctl cron command creates the meta.dat file, and some *.csv # files. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-cron-meta btest-diff meta.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster bin/bro__test bin/capstats__test EOF logsstats=$BROCTL_INSTALL_PREFIX/logs/stats ret=0 broctl install broctl start # verify that we start with no meta.dat file test -e $logsstats/meta.dat && ret=1 test -e $logsstats/www/meta.dat && ret=1 # verify that there are no *.csv files find $logsstats/www -name *.csv > find1.out test -s find1.out && ret=1 broctl cron # verify that broctl cron created the meta.dat file test ! -e $logsstats/meta.dat && ret=1 test ! -e $logsstats/www/meta.dat && ret=1 cp $logsstats/meta.dat meta.out # verify that some *.csv files were created find $logsstats/www -name *.csv > find2.out test ! -s find2.out && ret=1 broctl stop exit $ret broctl-1.4-minimal/testing/command/stop-cluster-crash.test0000664002342100234210000000347712535575000023660 0ustar johannajohanna# Test that the stop command can cleanup a crashed node (including resetting # its state to "stopped") and sends a crash report, and does not log the # crashed node in the stats.log file. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-status-output btest-diff status1.out # @TEST-EXEC: btest-diff stop.out # @TEST-EXEC: btest-diff status2.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail etc/node.cfg__cluster bin/bro__test bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF crash=worker-1 EOF ret=0 broctl install broctl start # the start command creates some files (these are NOT created by bro itself) while read line; do test -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF spool/worker-1/.cmdline spool/worker-1/.env_vars spool/worker-1/.pid spool/worker-1/.startup spool/worker-1/stderr.log spool/worker-1/stdout.log EOF # verify that a node crashed broctl status > status1.out 2>&1 # verify that no email has been sent test ! -e $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 # test the stop command broctl stop > stop.out 2>&1 # the stop command should cleanup the crashed node directory while read line; do test ! -e $BROCTL_INSTALL_PREFIX/$line || ret=1 done << EOF spool/worker-1/.cmdline spool/worker-1/.env_vars spool/worker-1/.pid spool/worker-1/.startup spool/worker-1/stderr.log spool/worker-1/stdout.log EOF # the crashed node should not be logged as "stopped" in stats.log grep stopped $BROCTL_INSTALL_PREFIX/spool/stats.log | grep worker-1 && ret=1 # verify that a crash report was sent grep -q "Crash report from worker-1" $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 # verify that all nodes are in the stopped state broctl status > status2.out 2>&1 exit $ret broctl-1.4-minimal/testing/btest.cfg0000664002342100234210000000067712535575000017400 0ustar johannajohanna[btest] TestDirs = initialization command plugin helper TmpDir = %(testbase)s/.tmp BaselineDir = %(testbase)s/Baseline IgnoreDirs = .svn CVS .tmp IgnoreFiles = *.tmp *.swp #* *.trace .DS_Store [environment] INSTALL=%(testbase)s/../build/testing TZ=UTC LC_ALL=C PATH=%(testbase)s/Scripts:%(testbase)s/../../btest:%(default_path)s TRACES=%(testbase)s/Traces SCRIPTS=%(testbase)s/Scripts BROCTLCFG=%(testbase)s/Cfg TMPDIR=%(testbase)s/.tmp broctl-1.4-minimal/testing/README0000664002342100234210000000701212535575000016444 0ustar johannajohannaThis a test suite of small "unit tests" that verify individual pieces of BroCtl functionality. They all utilize BTest, a simple framework/driver for writing unit tests. More information about BTest can be found at http://www.bro.org/development/README.btest.html The test suite's BTest configuration is handled through the ``btest.cfg`` file. Of particular interest is the "TestDirs" settings, which specifies which directories BTest will recursively search for test files. Significant Subdirectories ========================== * Baseline/ Validated baselines for comparison against the output of each test on future runs. If the new output differs from the Baseline output, then the test fails. * Traces/ Packet captures utilized by the various BTest tests. * Cfg/ This is a collection of config files utilized by various BTest tests. The directory hierarchy emulates the hierarchy of the Bro installation directory. Running Tests ============= In order to run the tests you must clone the entire Bro repo (not just the broctl repo). Next, either use the ``make all`` or ``make brief`` ``Makefile`` targets to run all the tests (these will automatically build Bro before running any of the broctl tests). If Bro fails to build, you can define an environment variable BROCTL_TEST_BUILDARGS which specifies additional options that will be passed to Bro's "configure" script. If Bro builds successfully, but one or more tests fail, then you can re-run all failed tests with ``make rerun``. If you want to run just a subset of the tests, then build Bro with ``make buildbro``, followed by ``btest`` directly with desired options/arguments. Examples: * btest If you simply execute btest in this directory with no arguments, then all directories listed as "TestDirs" in btest.cfg will be searched recursively for test files. * btest test_directory You can specify a directory on the command line to run just the tests contained in that directory. This is useful if you wish to run all of a given type of test, without running all the tests there are. For example, "btest command" will run all of the broctl command unit tests. * btest test_directory/test_file You can specify a single test file to run just that test. This is useful when testing a single failing test or when developing a new test. Adding Tests ============ See either the `BTest documentation `_ or the existing unit tests for examples of what they actually look like. The essential components of a new test include: * A test file in one of the subdirectories listed in the ``TestDirs`` of the ``btest.cfg`` file. * If the unit test requires a known-good baseline output against which future tests will be compared (via ``btest-diff``), then that baseline output will need to live in the ``Baseline`` directory. Manually adding that is possible, but it's easier to just use the ``-u`` or ``-U`` options of ``btest`` to do it for you (using ``btest -d`` on a test for which no baseline exists will show you the output so it can be verified first before adding/updating the baseline output). If you create a new top-level testing directory for collecting related tests, then you'll need to add it to the list of ``TestDirs`` in ``btest.cfg``. Do this only if your test really doesn't fit logically in any of the extant directories. Note that any new test you add this way will automatically be included in the testing done in Bro's central automated build & test environment. broctl-1.4-minimal/testing/Traces/0000775002342100234210000000000012535575000017005 5ustar johannajohannabroctl-1.4-minimal/testing/Traces/dns-session.trace0000664002342100234210000000167012535575000022276 0ustar johannajohannaÔò¡ êx7RAAPªƒ§ª‚§ªªE,ãv3áFÔ´*dƒó@a¨5¹ Ø=`ßò´êx7ÈAAPª‚§ªƒ§ªªE,XÖ@> çƒó@Ô´*d5a¨ùúùø¹ Ø>`Dp©}´êx7>`==Pªƒ§ª‚§ªªE(ãy@3¡GÔ´*dƒó@a¨5¹ Ø>ùúùùP>¼Æîêx7G`??Pªƒ§ª‚§ªªE*ã{@3¡CÔ´*dƒó@a¨5¹ Ø>ùúùùP>¼ÆÉêx7\v==Pª‚§ªƒ§ªªE(XØ@> éƒó@Ô´*d5a¨ùúùù¹ Ø@PDpÁ8êx7èXXPªƒ§ª‚§ªªECã}@3¡(Ô´*dƒó@a¨5¹ Ø@ùúùùP>¼ÁÙ‡î €ziêx7®iiPª‚§ªƒ§ªªETXÙ@> ¼ƒó@Ô´*d5a¨ùúùù¹ Ø[PDp`*‡î‰€[4321]ziêx7® ==Pªƒ§ª‚§ªªE(ã3á?Ô´*dƒó@a¨5¹ Ø[ùúú%P>¼Æ¤êx7RÜ ==Pª‚§ªƒ§ªªE(XÚ@> çƒó@Ô´*d5a¨ùúú%¹ Ø\PDpÀðêx7]Ü ==Pª‚§ªƒ§ªªE(XÛ@> æƒó@Ô´*d5a¨ùúú%¹ Ø\PDpÀïëx79==Pªƒ§ª‚§ªªE(ã@3¡0Ô´*dƒó@a¨5¹ Ø\ùúú&P>¼Æ£broctl-1.4-minimal/testing/Baseline/0000775002342100234210000000000012535575000017306 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/helper.make-archive-name/0000775002342100234210000000000012535575000024036 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/helper.make-archive-name/out10000664002342100234210000000004612535575000024651 0ustar johannajohanna2013-12-30/conn.23:39:31-23:40:00.log broctl-1.4-minimal/testing/Baseline/helper.make-archive-name/out20000664002342100234210000000006212535575000024650 0ustar johannajohanna2013-01-02/broctltest.00:03:05-00:09:00.extension broctl-1.4-minimal/testing/Baseline/helper.make-archive-name/out30000664002342100234210000000004512535575000024652 0ustar johannajohanna2013-01-02/test.00:03:05-current.log broctl-1.4-minimal/testing/Baseline/initialization.broctl-node-env-vars/0000775002342100234210000000000012535575000026303 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.broctl-node-env-vars/out0000664002342100234210000000012012535575000027026 0ustar johannajohannaenv_vars = myVar1 = "some Global;val",MyVar2=anotherglobal, myvar5=$PATH:/mydir broctl-1.4-minimal/testing/Baseline/initialization.broctl-node-env-vars/debug.log0000664002342100234210000000343712535575000030103 0ustar johannajohanna18 Nov 21:48:45 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.5832/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager -v MyVar2=anotherglobal -v myVar1="some Global;val" -v myvar5=$PATH:/mydir /home/repo/bro/aux/broctl/testing/../build/testing/test.5832/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto 18 Nov 21:48:47 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.5832/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 -v MyVar2=anotherglobal -v myVar1="some Global;val" -v myvar5=$PATH:/mydir /home/repo/bro/aux/broctl/testing/../build/testing/test.5832/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto 18 Nov 21:48:50 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.5832/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1 -v MYVAR3=nodeval3 -v MyVar2=anotherglobal -v Myvar4="one;value" -v myVar1="some Node val" -v myvar5=$PATH:/mydir -v myvar6='$PATH' /home/repo/bro/aux/broctl/testing/../build/testing/test.5832/spool/worker-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:48:50 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.5832/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-2 -v MyVar2=anotherglobal -v myVar1="some Global;val" -v myvar5=$PATH:/mydir /home/repo/bro/aux/broctl/testing/../build/testing/test.5832/spool/worker-2 -1 -i 'eth1' -U .status -p broctl -p broctl-live -p local -p worker-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/command.print-cluster/0000775002342100234210000000000012535575000023536 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.print-cluster/onenode.out0000664002342100234210000000007012535575000025713 0ustar johannajohanna worker-2 Log::default_rotation_interval = 1.0 day broctl-1.4-minimal/testing/Baseline/command.print-cluster/all.out0000664002342100234210000000033712535575000025042 0ustar johannajohanna manager Log::default_rotation_interval = 1.0 hr proxy-1 Log::default_rotation_interval = 1.0 day worker-1 Log::default_rotation_interval = 1.0 day worker-2 Log::default_rotation_interval = 1.0 day broctl-1.4-minimal/testing/Baseline/command.install-broctl-config/0000775002342100234210000000000012535575000025117 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.install-broctl-config/broctl-config.bro0000664002342100234210000000071412535575000030355 0ustar johannajohanna# Automatically generated. Do not edit. redef Notice::mail_dest = "broctltest@somedomain"; redef Notice::mail_dest_pretty_printed = "broctltest2@somedomain2"; redef Notice::sendmail = "/path/to/sendmail"; redef Notice::mail_subject_prefix = "This is Subject"; redef Notice::mail_from = "broctltestuser@mydomain"; redef Log::default_rotation_interval = 12345 secs; redef Log::default_mail_alarms_interval = 98765 secs; redef Communication::listen_ipv6 = F ; broctl-1.4-minimal/testing/Baseline/command.diag-standalone/0000775002342100234210000000000012535575000023755 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.diag-standalone/out0000664002342100234210000000203012535575000024502 0ustar johannajohanna[bro] Bro 2.2-1 Linux 3.2.0-48-generic ==== No reporter.log ==== stderr.log ==== stdout.log unlimited unlimited unlimited ==== .cmdline -i eth0 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto ==== .env_vars PATH=/tmp/broctltest/test.5050/bin:/tmp/broctltest/test.5050/share/broctl/scripts:/tmp/broctltest/test.5050/bin:/home/repo/bro/aux/broctl/testing/btest/../scripts:/home/repo/bro/aux/broctl/testing/btest/../../../btest:/usr/lib/lightdm/lightdm:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games BROPATH=/tmp/broctltest/test.5050/spool/installed-scripts-do-not-touch/site::/tmp/broctltest/test.5050/spool/installed-scripts-do-not-touch/auto:/tmp/broctltest/test.5050/share/bro:/tmp/broctltest/test.5050/share/bro/policy:/tmp/broctltest/test.5050/share/bro/site CLUSTER_NODE= ==== .status RUNNING [net_run] ==== No prof.log ==== No packet_filter.log ==== loaded_scripts.log Node bro: This is the contents of loaded_scripts.log for broctl testing. broctl-1.4-minimal/testing/Baseline/command.restart-cluster/0000775002342100234210000000000012535575000024066 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.restart-cluster/restart-all.out0000664002342100234210000000030612535575000027050 0ustar johannajohannastopping ... stopping worker-1 ... stopping worker-2 ... stopping proxy-1 ... stopping manager ... starting ... starting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... broctl-1.4-minimal/testing/Baseline/command.restart-cluster/restart-all-clean.out0000664002342100234210000000134012535575000030127 0ustar johannajohannastopping ... stopping worker-1 ... stopping worker-2 ... stopping proxy-1 ... stopping manager ... cleaning up ... checking configurations ... installing ... removing old policies in /home/repo/bro/aux/broctl/testing/../build/testing/test.10034/spool/installed-scripts-do-not-touch/site ... removing old policies in /home/repo/bro/aux/broctl/testing/../build/testing/test.10034/spool/installed-scripts-do-not-touch/auto ... creating policy directories ... installing site policies ... generating cluster-layout.bro ... generating local-networks.bro ... generating broctl-config.bro ... generating broctl-config.sh ... updating nodes ... starting ... starting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... broctl-1.4-minimal/testing/Baseline/command.restart-cluster/start-all.out0000664002342100234210000000030212535575000026515 0ustar johannajohannastopping ... worker-1 not running worker-2 not running proxy-1 not running manager not running starting ... starting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... broctl-1.4-minimal/testing/Baseline/command.restart-cluster/start-one.out0000664002342100234210000000010312535575000026525 0ustar johannajohannastopping ... manager not running starting ... starting manager ... broctl-1.4-minimal/testing/Baseline/command.restart-cluster/restart-one.out0000664002342100234210000000010612535575000027057 0ustar johannajohannastopping ... stopping worker-1 ... starting ... starting worker-1 ... broctl-1.4-minimal/testing/Baseline/command.peerstatus-cluster/0000775002342100234210000000000012535575000024601 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.peerstatus-cluster/onenode.out0000664002342100234210000000055012535575000026761 0ustar johannajohanna worker-2 1365197157.616340 peer=proxy-1 host=127.0.0.1 events_in=208 events_out=208 ops_in=0 ops_out=24 bytes_in=? bytes_out=? 1365197157.616340 peer=manager host=127.0.0.1 events_in=208 events_out=208 ops_in=0 ops_out=24 bytes_in=? bytes_out=? 1365197157.616340 peer= host=127.0.0.1 events_in=208 events_out=208 ops_in=0 ops_out=24 bytes_in=? bytes_out=? broctl-1.4-minimal/testing/Baseline/command.peerstatus-cluster/all.out0000664002342100234210000000322012535575000026077 0ustar johannajohanna manager 1365197155.679942 peer= host=127.0.0.1 events_in=200 events_out=200 ops_in=0 ops_out=72 bytes_in=? bytes_out=? 1365197155.679942 peer=worker-1 host=127.0.0.1 events_in=200 events_out=200 ops_in=0 ops_out=72 bytes_in=? bytes_out=? 1365197155.679942 peer=proxy-1 host=127.0.0.1 events_in=200 events_out=200 ops_in=0 ops_out=72 bytes_in=? bytes_out=? 1365197155.679942 peer=worker-2 host=127.0.0.1 events_in=200 events_out=200 ops_in=0 ops_out=72 bytes_in=? bytes_out=? proxy-1 1365197155.880081 peer= host=127.0.0.1 events_in=201 events_out=201 ops_in=0 ops_out=16 bytes_in=? bytes_out=? 1365197155.880081 peer=worker-2 host=127.0.0.1 events_in=201 events_out=201 ops_in=0 ops_out=16 bytes_in=? bytes_out=? 1365197155.880081 peer=manager host=127.0.0.1 events_in=201 events_out=201 ops_in=0 ops_out=16 bytes_in=? bytes_out=? 1365197155.880081 peer=worker-1 host=127.0.0.1 events_in=201 events_out=201 ops_in=0 ops_out=16 bytes_in=? bytes_out=? worker-1 1365197156.084081 peer= host=127.0.0.1 events_in=195 events_out=195 ops_in=0 ops_out=24 bytes_in=? bytes_out=? 1365197156.084081 peer=manager host=127.0.0.1 events_in=195 events_out=195 ops_in=0 ops_out=24 bytes_in=? bytes_out=? 1365197156.084081 peer=proxy-1 host=127.0.0.1 events_in=195 events_out=195 ops_in=0 ops_out=24 bytes_in=? bytes_out=? worker-2 1365197156.283954 peer=proxy-1 host=127.0.0.1 events_in=195 events_out=195 ops_in=0 ops_out=24 bytes_in=? bytes_out=? 1365197156.283954 peer=manager host=127.0.0.1 events_in=195 events_out=195 ops_in=0 ops_out=24 bytes_in=? bytes_out=? 1365197156.283954 peer= host=127.0.0.1 events_in=195 events_out=195 ops_in=0 ops_out=24 bytes_in=? bytes_out=? broctl-1.4-minimal/testing/Baseline/initialization.node-lb-interfaces/0000775002342100234210000000000012535575000025775 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.node-lb-interfaces/out0000664002342100234210000000213112535575000026524 0ustar johannajohannaHint: Run the broctl "deploy" command to get started. manager - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=manager pin_cpus= test_mykey= type=manager zone_id= proxy-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=proxy-1 pin_cpus= test_mykey= type=proxy zone_id= worker-1-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface=eth1 lb_interfaces=eth0, eth3,eth1 lb_method=interfaces lb_procs=3 name=worker-1-1 pin_cpus= test_mykey= type=worker zone_id= worker-1-2 - addr=::1 aux_scripts= brobase= count=2 env_vars= ether= host=localhost interface=eth3 lb_interfaces=eth0, eth3,eth1 lb_method=interfaces lb_procs=3 name=worker-1-2 pin_cpus= test_mykey= type=worker zone_id= worker-1-3 - addr=::1 aux_scripts= brobase= count=3 env_vars= ether= host=localhost interface=eth0 lb_interfaces=eth0, eth3,eth1 lb_method=interfaces lb_procs=3 name=worker-1-3 pin_cpus= test_mykey= type=worker zone_id= broctl-1.4-minimal/testing/Baseline/plugin.lb_pf_ring-env-vars/0000775002342100234210000000000012535575000024443 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/plugin.lb_pf_ring-env-vars/debug.log0000664002342100234210000001424512535575000026242 0ustar johannajohanna18 Nov 21:55:52 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager -v GVAR=global /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto 18 Nov 21:55:55 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 -v GVAR=global /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-1 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-10 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-10 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-10 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-11 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-11 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-11 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-2 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-2 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-3 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-3 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-3 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-4 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-4 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-4 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-5 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-5 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-5 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-6 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-6 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-6 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-7 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-7 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-7 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-8 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-8 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-8 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:55:57 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-9 -v GVAR=global -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.8200/spool/worker-1-9 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-9 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/command.stop-slowstop/0000775002342100234210000000000012535575000023600 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.stop-slowstop/stop.out0000664002342100234210000000006712535575000025321 0ustar johannajohannastopping bro ... bro did not terminate ... killing ... broctl-1.4-minimal/testing/Baseline/command.stop-slowstop/status2.out0000664002342100234210000000024712535575000025741 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started bro standalone localhost stopped broctl-1.4-minimal/testing/Baseline/command.stop-slowstop/status1.out0000664002342100234210000000030712535575000025735 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started bro standalone localhost running 10361 ??? 06 Feb 07:16:33 broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/0000775002342100234210000000000012535575000024522 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/stop-remaining.out0000664002342100234210000000012512535575000030205 0ustar johannajohannaworker-1 not running stopping worker-2 ... stopping proxy-1 ... stopping manager ... broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/start-all.out0000664002342100234210000000012612535575000027155 0ustar johannajohannastarting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/status3.out0000664002342100234210000000046112535575000026662 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped worker-1 worker localhost stopped worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/status4.out0000664002342100234210000000052112535575000026660 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 10400 ??? 04 Dec 06:17:59 proxy-1 proxy localhost stopped worker-1 worker localhost stopped worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/status6.out0000664002342100234210000000046112535575000026665 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped worker-1 worker localhost stopped worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/start-remaining.out0000664002342100234210000000012712535575000030357 0ustar johannajohannamanager still running starting proxy-1 ... starting worker-1 ... starting worker-2 ... broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/status5.out0000664002342100234210000000066112535575000026666 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 10400 ??? 04 Dec 06:17:59 proxy-1 proxy localhost running 10475 ??? 04 Dec 06:18:02 worker-1 worker localhost running 10513 ??? 04 Dec 06:18:04 worker-2 worker localhost running 10514 ??? 04 Dec 06:18:04 broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/stop-one.out0000664002342100234210000000002612535575000027015 0ustar johannajohannastopping worker-1 ... broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/start-one.out0000664002342100234210000000002512535575000027164 0ustar johannajohannastarting manager ... broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/stop-all.out0000664002342100234210000000012612535575000027005 0ustar johannajohannastopping worker-1 ... stopping worker-2 ... stopping proxy-1 ... stopping manager ... broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/status2.out0000664002342100234210000000062112535575000026657 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 10012 ??? 04 Dec 06:17:48 proxy-1 proxy localhost running 10036 ??? 04 Dec 06:17:50 worker-1 worker localhost stopped worker-2 worker localhost running 10075 ??? 04 Dec 06:17:52 broctl-1.4-minimal/testing/Baseline/command.start-stop-cluster/status1.out0000664002342100234210000000066112535575000026662 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 10012 ??? 04 Dec 06:17:48 proxy-1 proxy localhost running 10036 ??? 04 Dec 06:17:50 worker-1 worker localhost running 10074 ??? 04 Dec 06:17:52 worker-2 worker localhost running 10075 ??? 04 Dec 06:17:52 broctl-1.4-minimal/testing/Baseline/command.stop-crash-shutdown/0000775002342100234210000000000012535575000024657 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.stop-crash-shutdown/stop.out0000664002342100234210000000016712535575000026401 0ustar johannajohannastopping worker-1 ... stopping worker-2 ... worker-1 crashed during shutdown stopping proxy-1 ... stopping manager ... broctl-1.4-minimal/testing/Baseline/command.stop-crash-shutdown/status2.out0000664002342100234210000000046112535575000027016 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped worker-1 worker localhost crashed worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.stop-crash-shutdown/status1.out0000664002342100234210000000066112535575000027017 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 3689 ??? 08 Feb 21:39:08 proxy-1 proxy localhost running 3713 ??? 08 Feb 21:39:10 worker-1 worker localhost running 3751 ??? 08 Feb 21:39:12 worker-2 worker localhost running 3752 ??? 08 Feb 21:39:12 broctl-1.4-minimal/testing/Baseline/initialization.node-env-vars/0000775002342100234210000000000012535575000025020 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.node-env-vars/out0000664002342100234210000000001412535575000025545 0ustar johannajohannaenv_vars = broctl-1.4-minimal/testing/Baseline/initialization.node-env-vars/debug.log0000664002342100234210000000071312535575000026612 0ustar johannajohanna18 Nov 21:50:13 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.6332/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1 -v MYVAR3=nodeval3 -v Myvar4="one;value" -v myVar1="some Node val" -v myvar6='$PATH' /home/repo/bro/aux/broctl/testing/../build/testing/test.6332/spool/worker-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/initialization.node-env-vars/stderr.log0000664002342100234210000000010312535575000027020 0ustar johannajohannamyVar1=some Node val MYVAR3=nodeval3 Myvar4=one;value myvar6=$PATH broctl-1.4-minimal/testing/Baseline/command.nodes-cluster/0000775002342100234210000000000012535575000023512 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.nodes-cluster/out0000664002342100234210000000151512535575000024246 0ustar johannajohannaHint: Run the broctl "deploy" command to get started. manager - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=manager pin_cpus= test_mykey= type=manager zone_id= proxy-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=proxy-1 pin_cpus= test_mykey= type=proxy zone_id= worker-1 - addr=::1 aux_scripts=doesnot.exist brobase= count=1 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method= lb_procs= name=worker-1 pin_cpus= test_mykey= type=worker zone_id= worker-2 - addr=::1 aux_scripts= brobase= count=2 env_vars= ether= host=localhost interface=eth1 lb_interfaces= lb_method= lb_procs= name=worker-2 pin_cpus= test_mykey= type=worker zone_id= broctl-1.4-minimal/testing/Baseline/command.exec-cluster/0000775002342100234210000000000012535575000023326 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.exec-cluster/out0000664002342100234210000000004412535575000024056 0ustar johannajohanna[manager/localhost] > hello world broctl-1.4-minimal/testing/Baseline/command.check-standalone/0000775002342100234210000000000012535575000024126 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.check-standalone/check1.out0000664002342100234210000000002412535575000026011 0ustar johannajohannabro scripts are ok. broctl-1.4-minimal/testing/Baseline/command.check-standalone/check2.out0000664002342100234210000000002412535575000026012 0ustar johannajohannabro scripts are ok. broctl-1.4-minimal/testing/Baseline/command.check-standalone/check3.out0000664002342100234210000000002412535575000026013 0ustar johannajohannabro scripts failed. broctl-1.4-minimal/testing/Baseline/command.update-cluster/0000775002342100234210000000000012535575000023664 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.update-cluster/onenode.out0000664002342100234210000000010712535575000026042 0ustar johannajohannaupdating worker-2 ... worker-2: , line 1: processing suspended broctl-1.4-minimal/testing/Baseline/command.update-cluster/all.out0000664002342100234210000000034412535575000025166 0ustar johannajohannaupdating manager ... updating proxy-1 ... updating worker-1 ... updating worker-2 ... manager: sent 299 IDs proxy-1: sent 299 IDs worker-1: , line 1: processing suspended worker-2: , line 1: processing suspended broctl-1.4-minimal/testing/Baseline/initialization.broctl-new-option/0000775002342100234210000000000012535575000025716 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.broctl-new-option/out0000664002342100234210000000002612535575000026446 0ustar johannajohannafoo1 = this is a test broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/0000775002342100234210000000000012535575000025127 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/cleanup-stopped.out0000664002342100234210000000002612535575000030761 0ustar johannajohannacleaning up nodes ... broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/cleanup-all-onenode.out0000664002342100234210000000002612535575000031500 0ustar johannajohannacleaning up nodes ... broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/cleanup.out0000664002342100234210000000030212535575000027302 0ustar johannajohannacleaning up nodes ... manager is still running, not cleaning work directory proxy-1 is still running, not cleaning work directory worker-2 is still running, not cleaning work directory broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/status3.out0000664002342100234210000000046112535575000027267 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped worker-1 worker localhost crashed worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/status4.out0000664002342100234210000000046112535575000027270 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped worker-1 worker localhost stopped worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/cleanup-all.out0000664002342100234210000000030212535575000030050 0ustar johannajohannacleaning up nodes ... manager is still running, not cleaning work directory proxy-1 is still running, not cleaning work directory worker-2 is still running, not cleaning work directory broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/cleanup-onenode.out0000664002342100234210000000002612535575000030732 0ustar johannajohannacleaning up nodes ... broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/status2.out0000664002342100234210000000062112535575000027264 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 4098 ??? 14 Jan 20:18:56 proxy-1 proxy localhost running 4122 ??? 14 Jan 20:18:58 worker-1 worker localhost stopped worker-2 worker localhost running 4161 ??? 14 Jan 20:19:00 broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster-crash/status1.out0000664002342100234210000000062112535575000027263 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 4098 ??? 14 Jan 20:18:56 proxy-1 proxy localhost running 4122 ??? 14 Jan 20:18:58 worker-1 worker localhost crashed worker-2 worker localhost running 4161 ??? 14 Jan 20:19:00 broctl-1.4-minimal/testing/Baseline/command.cron-meta/0000775002342100234210000000000012535575000022610 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.cron-meta/meta.out0000664002342100234210000000031512535575000024266 0ustar johannajohannanode manager manager localhost time Sun Dec 15 03:33:58 2013 version 1.2 os Linux test-machine 3.2.0-53-generic #81-Ubuntu SMP Thu Aug 22 21:01:03 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux host test-machine broctl-1.4-minimal/testing/Baseline/command.stop-cluster-crash/0000775002342100234210000000000012535575000024465 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.stop-cluster-crash/stop.out0000664002342100234210000000014312535575000026201 0ustar johannajohannaworker-1 not running (was crashed) stopping worker-2 ... stopping proxy-1 ... stopping manager ... broctl-1.4-minimal/testing/Baseline/command.stop-cluster-crash/status2.out0000664002342100234210000000046112535575000026624 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped worker-1 worker localhost stopped worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.stop-cluster-crash/status1.out0000664002342100234210000000062112535575000026621 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 813 ??? 03 Dec 22:28:51 proxy-1 proxy localhost running 837 ??? 03 Dec 22:28:53 worker-1 worker localhost crashed worker-2 worker localhost running 877 ??? 03 Dec 22:28:55 broctl-1.4-minimal/testing/Baseline/command.install-standalone/0000775002342100234210000000000012535575000024517 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.install-standalone/out0000664002342100234210000000033012535575000025245 0ustar johannajohannacreating policy directories ... installing site policies ... generating standalone-layout.bro ... generating local-networks.bro ... generating broctl-config.bro ... generating broctl-config.sh ... updating nodes ... broctl-1.4-minimal/testing/Baseline/command.top-cluster/0000775002342100234210000000000012535575000023204 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.top-cluster/onenode.out0000664002342100234210000000034412535575000025365 0ustar johannajohannaName Type Host Pid Proc VSize Rss Cpu Cmd proxy-1 proxy localhost 11612 child 69M 22M 22% bro proxy-1 proxy localhost 11611 parent 63M 25M 4% bro broctl-1.4-minimal/testing/Baseline/command.top-cluster/stopped.out0000664002342100234210000000043412535575000025414 0ustar johannajohannaName Type Host Pid Proc VSize Rss Cpu Cmd manager manager localhost proxy-1 proxy localhost worker-1 worker localhost worker-2 worker localhost broctl-1.4-minimal/testing/Baseline/command.top-cluster/all.out0000664002342100234210000000125412535575000024507 0ustar johannajohannaName Type Host Pid Proc VSize Rss Cpu Cmd manager manager localhost 11585 child 69M 22M 25% bro manager manager localhost 11584 parent 279M 26M 2% bro proxy-1 proxy localhost 11612 child 69M 22M 21% bro proxy-1 proxy localhost 11611 parent 63M 25M 2% bro worker-1 worker localhost 11652 child 67M 22M 22% bro worker-1 worker localhost 11650 parent 63M 25M 2% bro worker-2 worker localhost 11653 child 67M 22M 25% bro worker-2 worker localhost 11651 parent 63M 25M 2% bro broctl-1.4-minimal/testing/Baseline/command.netstats-cluster/0000775002342100234210000000000012535575000024247 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.netstats-cluster/onenode.out0000664002342100234210000000007012535575000026424 0ustar johannajohanna worker-2: 1365359404.725068 recvd=0 dropped=0 link=0 broctl-1.4-minimal/testing/Baseline/command.netstats-cluster/all.out0000664002342100234210000000016012535575000025545 0ustar johannajohanna worker-1: 1365359403.196411 recvd=0 dropped=0 link=0 worker-2: 1365359403.396799 recvd=0 dropped=0 link=0 broctl-1.4-minimal/testing/Baseline/plugin.lb_myricom-env-vars/0000775002342100234210000000000012535575000024476 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/plugin.lb_myricom-env-vars/debug.log0000664002342100234210000000304412535575000026270 0ustar johannajohanna18 Nov 21:52:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.6827/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager /home/repo/bro/aux/broctl/testing/../build/testing/test.6827/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto 18 Nov 21:52:23 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.6827/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 /home/repo/bro/aux/broctl/testing/../build/testing/test.6827/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto 18 Nov 21:52:25 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.6827/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-1 -v SNF_FLAGS=0x2 -v SNF_NUM_RINGS=2 -v VAR=123 /home/repo/bro/aux/broctl/testing/../build/testing/test.6827/spool/worker-1-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:52:25 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.6827/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-2 -v SNF_FLAGS=0x2 -v SNF_NUM_RINGS=2 -v VAR=123 /home/repo/bro/aux/broctl/testing/../build/testing/test.6827/spool/worker-1-2 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/command.cron-enable-disable/0000775002342100234210000000000012535575000024511 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.cron-enable-disable/out0000664002342100234210000000005012535575000025236 0ustar johannajohannacron enabled cron disabled cron enabled broctl-1.4-minimal/testing/Baseline/command.cron-enable-disable/disable.out0000664002342100234210000000001612535575000026642 0ustar johannajohannacron disabled broctl-1.4-minimal/testing/Baseline/command.cron-enable-disable/enable.out0000664002342100234210000000001512535575000026464 0ustar johannajohannacron enabled broctl-1.4-minimal/testing/Baseline/command.start-cluster-slowstart/0000775002342100234210000000000012535575000025577 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.start-cluster-slowstart/start.out0000664002342100234210000000016412535575000027466 0ustar johannajohannastarting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... (worker-1 still initializing) broctl-1.4-minimal/testing/Baseline/command.start-cluster-slowstart/status2.out0000664002342100234210000000046112535575000027736 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped worker-1 worker localhost crashed worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.start-cluster-slowstart/status1.out0000664002342100234210000000066112535575000027737 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 10780 ??? 21 Nov 23:20:34 proxy-1 proxy localhost running 10804 ??? 21 Nov 23:20:36 worker-1 worker localhost ??? 10842 ??? 21 Nov 23:20:38 worker-2 worker localhost running 10843 ??? 21 Nov 23:20:38 broctl-1.4-minimal/testing/Baseline/command.df-cluster/0000775002342100234210000000000012535575000022773 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.df-cluster/onenode.out0000664002342100234210000000021012535575000025144 0ustar johannajohanna total avail capacity worker-1/localhost /dev/sda6 238G 102G 55.0 % broctl-1.4-minimal/testing/Baseline/command.df-cluster/all.out0000664002342100234210000000021012535575000024265 0ustar johannajohanna total avail capacity manager/localhost /dev/sda6 238G 102G 55.0 % broctl-1.4-minimal/testing/Baseline/initialization.networks-ipv4/0000775002342100234210000000000012535575000025070 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.networks-ipv4/out0000664002342100234210000000007412535575000025623 0ustar johannajohannaredef Site::local_nets = { 192.168.0.0/16, # my network }; broctl-1.4-minimal/testing/Baseline/command.nodes-standalone/0000775002342100234210000000000012535575000024161 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.nodes-standalone/out0000664002342100234210000000030412535575000024710 0ustar johannajohanna bro - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method= lb_procs= name=bro pin_cpus= test_mykey= type=standalone zone_id= broctl-1.4-minimal/testing/Baseline/command.deploy-cluster/0000775002342100234210000000000012535575000023676 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.deploy-cluster/deploy1.out0000664002342100234210000000161612535575000026010 0ustar johannajohannacreating policy directories ... installing site policies ... generating cluster-layout.bro ... generating local-networks.bro ... generating broctl-config.bro ... generating broctl-config.sh ... checking configurations ... installing ... removing old policies in /home/repo/bro/aux/broctl/testing/../build/testing/test.16908/spool/installed-scripts-do-not-touch/site ... removing old policies in /home/repo/bro/aux/broctl/testing/../build/testing/test.16908/spool/installed-scripts-do-not-touch/auto ... creating policy directories ... installing site policies ... generating cluster-layout.bro ... generating local-networks.bro ... generating broctl-config.bro ... generating broctl-config.sh ... updating nodes ... stopping ... worker-1 not running worker-2 not running proxy-1 not running manager not running starting ... starting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... broctl-1.4-minimal/testing/Baseline/command.deploy-cluster/status3.out0000664002342100234210000000066112535575000026040 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 17431 ??? 25 May 01:20:54 proxy-1 proxy localhost running 17467 ??? 25 May 01:20:56 worker-1 worker localhost running 17512 ??? 25 May 01:20:58 worker-2 worker localhost running 17515 ??? 25 May 01:20:58 broctl-1.4-minimal/testing/Baseline/command.deploy-cluster/status2.out0000664002342100234210000000062112535575000026033 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 17002 ??? 25 May 01:20:38 proxy-1 proxy localhost running 17038 ??? 25 May 01:20:40 worker-1 worker localhost stopped worker-2 worker localhost running 17086 ??? 25 May 01:20:42 broctl-1.4-minimal/testing/Baseline/command.deploy-cluster/status1.out0000664002342100234210000000066112535575000026036 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 17002 ??? 25 May 01:20:38 proxy-1 proxy localhost running 17038 ??? 25 May 01:20:40 worker-1 worker localhost running 17084 ??? 25 May 01:20:42 worker-2 worker localhost running 17086 ??? 25 May 01:20:42 broctl-1.4-minimal/testing/Baseline/command.deploy-cluster/deploy2.out0000664002342100234210000000131712535575000026007 0ustar johannajohannachecking configurations ... installing ... removing old policies in /home/repo/bro/aux/broctl/testing/../build/testing/test.16908/spool/installed-scripts-do-not-touch/site ... removing old policies in /home/repo/bro/aux/broctl/testing/../build/testing/test.16908/spool/installed-scripts-do-not-touch/auto ... creating policy directories ... installing site policies ... generating cluster-layout.bro ... generating local-networks.bro ... generating broctl-config.bro ... generating broctl-config.sh ... updating nodes ... stopping ... worker-1 not running stopping worker-2 ... stopping proxy-1 ... stopping manager ... starting ... starting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... broctl-1.4-minimal/testing/Baseline/command.scripts-cluster/0000775002342100234210000000000012535575000024071 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.scripts-cluster/onenode.out0000664002342100234210000000004612535575000026251 0ustar johannajohannaproxy-1 scripts are ok. <...paths...> broctl-1.4-minimal/testing/Baseline/command.scripts-cluster/c-onenode.out0000664002342100234210000000004612535575000026471 0ustar johannajohannaproxy-1 scripts are ok. <...paths...> broctl-1.4-minimal/testing/Baseline/command.scripts-cluster/c-all.out0000664002342100234210000000023212535575000025607 0ustar johannajohannamanager scripts are ok. <...paths...> proxy-1 scripts are ok. <...paths...> worker-1 scripts are ok. <...paths...> worker-2 scripts are ok. <...paths...> broctl-1.4-minimal/testing/Baseline/command.scripts-cluster/all.out0000664002342100234210000000023212535575000025367 0ustar johannajohannamanager scripts are ok. <...paths...> proxy-1 scripts are ok. <...paths...> worker-1 scripts are ok. <...paths...> worker-2 scripts are ok. <...paths...> broctl-1.4-minimal/testing/Baseline/initialization.networks-ipv4-ipv6/0000775002342100234210000000000012535575000025752 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.networks-ipv4-ipv6/out0000664002342100234210000000013412535575000026502 0ustar johannajohannaredef Site::local_nets = { 192.168.0.0/16, # my network [fe80::]/64, # another network }; broctl-1.4-minimal/testing/Baseline/initialization.networks-ipv6/0000775002342100234210000000000012535575000025072 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.networks-ipv6/out0000664002342100234210000000007612535575000025627 0ustar johannajohannaredef Site::local_nets = { [fe80::]/64, # another network }; broctl-1.4-minimal/testing/Baseline/command.start-cluster-broargs/0000775002342100234210000000000012535575000025174 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.start-cluster-broargs/debug.log0000664002342100234210000000277212535575000026775 0ustar johannajohanna18 Nov 21:44:34 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.5016/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager /home/repo/bro/aux/broctl/testing/../build/testing/test.5016/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto mytest myscript 18 Nov 21:44:36 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.5016/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 /home/repo/bro/aux/broctl/testing/../build/testing/test.5016/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto mytest myscript 18 Nov 21:44:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.5016/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1 /home/repo/bro/aux/broctl/testing/../build/testing/test.5016/spool/worker-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto mytest myscript 18 Nov 21:44:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.5016/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-2 /home/repo/bro/aux/broctl/testing/../build/testing/test.5016/spool/worker-2 -1 -i 'eth1' -U .status -p broctl -p broctl-live -p local -p worker-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto mytest myscript broctl-1.4-minimal/testing/Baseline/plugin.lb_myricom/0000775002342100234210000000000012535575000022737 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/plugin.lb_myricom/debug.log0000664002342100234210000001232512535575000024533 0ustar johannajohanna18 Nov 21:54:04 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto 18 Nov 21:54:06 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-1 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-10 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-10 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-10 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-11 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-11 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-11 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-2 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-2 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-3 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-3 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-3 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-4 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-4 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-4 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-5 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-5 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-5 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-6 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-6 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-6 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-7 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-7 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-7 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-8 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-8 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-8 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:54:09 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-9 -v SNF_FLAGS=0x101 -v SNF_NUM_RINGS=11 /home/repo/bro/aux/broctl/testing/../build/testing/test.7292/spool/worker-1-9 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-9 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/initialization.broctl-global-env-vars/0000775002342100234210000000000012535575000026616 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.broctl-global-env-vars/out0000664002342100234210000000012012535575000027341 0ustar johannajohannaenv_vars = myVar1 = "some Global;val",MyVar2=anotherglobal, myvar5=$PATH:/mydir broctl-1.4-minimal/testing/Baseline/initialization.broctl-global-env-vars/debug.log0000664002342100234210000000335612535575000030416 0ustar johannajohanna21 May 21:25:25 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.21301/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager -v MyVar2=anotherglobal -v myVar1="some Global;val" -v myvar5=$PATH:/mydir /home/repo/bro/aux/broctl/testing/../build/testing/test.21301/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto 21 May 21:25:27 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.21301/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 -v MyVar2=anotherglobal -v myVar1="some Global;val" -v myvar5=$PATH:/mydir /home/repo/bro/aux/broctl/testing/../build/testing/test.21301/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto 21 May 21:25:28 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.21301/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1 -v MyVar2=anotherglobal -v myVar1="some Global;val" -v myvar5=$PATH:/mydir /home/repo/bro/aux/broctl/testing/../build/testing/test.21301/spool/worker-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 21 May 21:25:28 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.21301/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-2 -v MyVar2=anotherglobal -v myVar1="some Global;val" -v myvar5=$PATH:/mydir /home/repo/bro/aux/broctl/testing/../build/testing/test.21301/spool/worker-2 -1 -i 'eth1' -U .status -p broctl -p broctl-live -p local -p worker-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/initialization.broctl-global-env-vars/stderr.log0000664002342100234210000000041512535575000030624 0ustar johannajohannamyVar1=some Global;val MyVar2=anotherglobal myvar5=/home/repo/bro/aux/broctl/testing/../build/testing/test.21301/bin:/home/repo/bro/aux/broctl/testing/Scripts:/home/repo/bro/aux/broctl/testing/../../btest:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/mydir broctl-1.4-minimal/testing/Baseline/initialization.node-lb-pfring/0000775002342100234210000000000012535575000025137 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.node-lb-pfring/out0000664002342100234210000000525212535575000025675 0ustar johannajohannaHint: Run the broctl "deploy" command to get started. manager - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=manager pin_cpus= test_mykey= type=manager zone_id= proxy-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=proxy-1 pin_cpus= test_mykey= type=proxy zone_id= worker-1-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-1 pin_cpus= test_mykey= type=worker zone_id= worker-1-10 - addr=::1 aux_scripts= brobase= count=10 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-10 pin_cpus= test_mykey= type=worker zone_id= worker-1-11 - addr=::1 aux_scripts= brobase= count=11 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-11 pin_cpus= test_mykey= type=worker zone_id= worker-1-2 - addr=::1 aux_scripts= brobase= count=2 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-2 pin_cpus= test_mykey= type=worker zone_id= worker-1-3 - addr=::1 aux_scripts= brobase= count=3 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-3 pin_cpus= test_mykey= type=worker zone_id= worker-1-4 - addr=::1 aux_scripts= brobase= count=4 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-4 pin_cpus= test_mykey= type=worker zone_id= worker-1-5 - addr=::1 aux_scripts= brobase= count=5 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-5 pin_cpus= test_mykey= type=worker zone_id= worker-1-6 - addr=::1 aux_scripts= brobase= count=6 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-6 pin_cpus= test_mykey= type=worker zone_id= worker-1-7 - addr=::1 aux_scripts= brobase= count=7 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-7 pin_cpus= test_mykey= type=worker zone_id= worker-1-8 - addr=::1 aux_scripts= brobase= count=8 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-8 pin_cpus= test_mykey= type=worker zone_id= worker-1-9 - addr=::1 aux_scripts= brobase= count=9 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=11 name=worker-1-9 pin_cpus= test_mykey= type=worker zone_id= broctl-1.4-minimal/testing/Baseline/initialization.node-names/0000775002342100234210000000000012535575000024362 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.node-names/out0000664002342100234210000000114112535575000025111 0ustar johannajohanna logcollector - addr=127.0.0.1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=logcollector pin_cpus= test_mykey= type=manager zone_id= communicator - addr=127.0.0.1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=communicator pin_cpus= test_mykey= type=proxy zone_id= gatherer - addr=127.0.0.1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method= lb_procs= name=gatherer pin_cpus= test_mykey= type=worker zone_id= broctl-1.4-minimal/testing/Baseline/command.check-cluster/0000775002342100234210000000000012535575000023457 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.check-cluster/onenode.out0000664002342100234210000000003012535575000025630 0ustar johannajohannaproxy-1 scripts are ok. broctl-1.4-minimal/testing/Baseline/command.check-cluster/all.out0000664002342100234210000000014212535575000024755 0ustar johannajohannamanager scripts are ok. proxy-1 scripts are ok. worker-1 scripts are ok. worker-2 scripts are ok. broctl-1.4-minimal/testing/Baseline/command.status-cluster/0000775002342100234210000000000012535575000023725 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.status-cluster/onenode.out0000664002342100234210000000030712535575000026105 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 12656 3 08 Apr 21:51:30 broctl-1.4-minimal/testing/Baseline/command.status-cluster/stopped.out0000664002342100234210000000046112535575000026135 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped worker-1 worker localhost stopped worker-2 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.status-cluster/all.out0000664002342100234210000000066112535575000025231 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 12656 3 08 Apr 21:51:30 proxy-1 proxy localhost running 12693 3 08 Apr 21:51:32 worker-1 worker localhost running 12748 2 08 Apr 21:51:34 worker-2 worker localhost running 12749 2 08 Apr 21:51:34 broctl-1.4-minimal/testing/Baseline/initialization.broctl-mixed-case/0000775002342100234210000000000012535575000025636 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.broctl-mixed-case/out0000664002342100234210000000003212535575000026363 0ustar johannajohannalogrotationinterval = 123 broctl-1.4-minimal/testing/Baseline/command.cron-restart-crash/0000775002342100234210000000000012535575000024444 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.cron-restart-crash/status2.out0000664002342100234210000000066112535575000026605 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 29509 ??? 10 Apr 22:08:07 proxy-1 proxy localhost running 29541 ??? 10 Apr 22:08:09 worker-1 worker localhost running 30236 ??? 10 Apr 22:08:14 worker-2 worker localhost running 29588 ??? 10 Apr 22:08:11 broctl-1.4-minimal/testing/Baseline/command.cron-restart-crash/status1.out0000664002342100234210000000062112535575000026600 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 29509 ??? 10 Apr 22:08:07 proxy-1 proxy localhost running 29541 ??? 10 Apr 22:08:09 worker-1 worker localhost crashed worker-2 worker localhost running 29588 ??? 10 Apr 22:08:11 broctl-1.4-minimal/testing/Baseline/command.install-cluster-layout/0000775002342100234210000000000012535575000025363 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.install-cluster-layout/cluster-layout.bro0000664002342100234210000000144412535575000031066 0ustar johannajohanna# Automatically generated. Do not edit. redef Cluster::nodes = { ["control"] = [$node_type=Cluster::CONTROL, $ip=127.0.0.1, $zone_id="", $p=47760/tcp], ["manager"] = [$node_type=Cluster::MANAGER, $ip=127.0.0.1, $zone_id="", $p=47761/tcp, $workers=set("worker-1", "worker-2")], ["proxy-1"] = [$node_type=Cluster::PROXY, $ip=127.0.0.1, $zone_id="", $p=47762/tcp, $manager="manager", $workers=set("worker-1", "worker-2")], ["worker-1"] = [$node_type=Cluster::WORKER, $ip=127.0.0.1, $zone_id="", $p=47763/tcp, $interface="eth0", $manager="manager", $proxy="proxy-1"], ["worker-2"] = [$node_type=Cluster::WORKER, $ip=127.0.0.1, $zone_id="", $p=47764/tcp, $interface="eth1", $manager="manager", $proxy="proxy-1"], ["time-machine"] = [$node_type=Cluster::TIME_MACHINE, $ip=192.168.0.11, $p=12345/tcp], }; broctl-1.4-minimal/testing/Baseline/command.status-timefmt/0000775002342100234210000000000012535575000023711 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.status-timefmt/out0000664002342100234210000000063512535575000024447 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 7962 3 2014-01-05 proxy-1 proxy localhost running 7994 3 2014-01-05 worker-1 worker localhost running 8038 2 2014-01-05 worker-2 worker localhost running 8039 2 2014-01-05 broctl-1.4-minimal/testing/Baseline/command.start-stop-big-cluster/0000775002342100234210000000000012535575000025261 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.start-stop-big-cluster/stop.out0000664002342100234210000000104112535575000026773 0ustar johannajohannastopping worker-1-1 ... stopping worker-1-10 ... stopping worker-1-2 ... stopping worker-1-3 ... stopping worker-1-4 ... stopping worker-1-5 ... stopping worker-1-6 ... stopping worker-1-7 ... stopping worker-1-8 ... stopping worker-1-9 ... stopping worker-2-1 ... stopping worker-2-10 ... stopping worker-2-2 ... stopping worker-2-3 ... stopping worker-2-4 ... stopping worker-2-5 ... stopping worker-2-6 ... stopping worker-2-7 ... stopping worker-2-8 ... stopping worker-2-9 ... stopping proxy-1 ... stopping proxy-2 ... stopping manager ... broctl-1.4-minimal/testing/Baseline/command.start-stop-big-cluster/start.out0000664002342100234210000000104112535575000027143 0ustar johannajohannastarting manager ... starting proxy-1 ... starting proxy-2 ... starting worker-1-1 ... starting worker-1-10 ... starting worker-1-2 ... starting worker-1-3 ... starting worker-1-4 ... starting worker-1-5 ... starting worker-1-6 ... starting worker-1-7 ... starting worker-1-8 ... starting worker-1-9 ... starting worker-2-1 ... starting worker-2-10 ... starting worker-2-2 ... starting worker-2-3 ... starting worker-2-4 ... starting worker-2-5 ... starting worker-2-6 ... starting worker-2-7 ... starting worker-2-8 ... starting worker-2-9 ... broctl-1.4-minimal/testing/Baseline/command.start-stop-big-cluster/status2.out0000664002342100234210000000223312535575000027417 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost stopped proxy-1 proxy localhost stopped proxy-2 proxy localhost stopped worker-1-1 worker localhost stopped worker-1-10 worker localhost stopped worker-1-2 worker localhost stopped worker-1-3 worker localhost stopped worker-1-4 worker localhost stopped worker-1-5 worker localhost stopped worker-1-6 worker localhost stopped worker-1-7 worker localhost stopped worker-1-8 worker localhost stopped worker-1-9 worker localhost stopped worker-2-1 worker localhost stopped worker-2-10 worker localhost stopped worker-2-2 worker localhost stopped worker-2-3 worker localhost stopped worker-2-4 worker localhost stopped worker-2-5 worker localhost stopped worker-2-6 worker localhost stopped worker-2-7 worker localhost stopped worker-2-8 worker localhost stopped worker-2-9 worker localhost stopped broctl-1.4-minimal/testing/Baseline/command.start-stop-big-cluster/status1.out0000664002342100234210000000357312535575000027426 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 22404 ??? 21 Nov 20:17:06 proxy-1 proxy localhost running 22443 ??? 21 Nov 20:17:08 proxy-2 proxy localhost running 22442 ??? 21 Nov 20:17:08 worker-1-1 worker localhost running 22741 ??? 21 Nov 20:17:10 worker-1-10 worker localhost running 22734 ??? 21 Nov 20:17:10 worker-1-2 worker localhost running 22744 ??? 21 Nov 20:17:10 worker-1-3 worker localhost running 22729 ??? 21 Nov 20:17:10 worker-1-4 worker localhost running 22731 ??? 21 Nov 20:17:10 worker-1-5 worker localhost running 22748 ??? 21 Nov 20:17:10 worker-1-6 worker localhost running 22733 ??? 21 Nov 20:17:10 worker-1-7 worker localhost running 22742 ??? 21 Nov 20:17:10 worker-1-8 worker localhost running 22750 ??? 21 Nov 20:17:10 worker-1-9 worker localhost running 22753 ??? 21 Nov 20:17:10 worker-2-1 worker localhost running 22752 ??? 21 Nov 20:17:10 worker-2-10 worker localhost running 22754 ??? 21 Nov 20:17:10 worker-2-2 worker localhost running 22756 ??? 21 Nov 20:17:10 worker-2-3 worker localhost running 22759 ??? 21 Nov 20:17:10 worker-2-4 worker localhost running 22746 ??? 21 Nov 20:17:10 worker-2-5 worker localhost running 22745 ??? 21 Nov 20:17:10 worker-2-6 worker localhost running 22757 ??? 21 Nov 20:17:10 worker-2-7 worker localhost running 22760 ??? 21 Nov 20:17:10 worker-2-8 worker localhost running 22758 ??? 21 Nov 20:17:10 worker-2-9 worker localhost running 22761 ??? 21 Nov 20:17:10 broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster/0000775002342100234210000000000012535575000024031 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.cleanup-cluster/cleanup-all-onenode.out0000664002342100234210000000012012535575000030375 0ustar johannajohannacleaning up nodes ... worker-1 is still running, not cleaning work directory broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster/cleanup.out0000664002342100234210000000037412535575000026215 0ustar johannajohannacleaning up nodes ... manager is still running, not cleaning work directory proxy-1 is still running, not cleaning work directory worker-1 is still running, not cleaning work directory worker-2 is still running, not cleaning work directory broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster/cleanup-all.out0000664002342100234210000000037412535575000026763 0ustar johannajohannacleaning up nodes ... manager is still running, not cleaning work directory proxy-1 is still running, not cleaning work directory worker-1 is still running, not cleaning work directory worker-2 is still running, not cleaning work directory broctl-1.4-minimal/testing/Baseline/command.cleanup-cluster/cleanup-onenode.out0000664002342100234210000000012012535575000027627 0ustar johannajohannacleaning up nodes ... worker-1 is still running, not cleaning work directory broctl-1.4-minimal/testing/Baseline/command.capstats-cluster/0000775002342100234210000000000012535575000024224 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.capstats-cluster/onenode.out0000664002342100234210000000021212535575000026377 0ustar johannajohanna Interface kpps mbps (10s average) ---------------------------------------- localhost/eth1 3.0 82.5 broctl-1.4-minimal/testing/Baseline/command.capstats-cluster/interval.out0000664002342100234210000000033112535575000026576 0ustar johannajohanna Interface kpps mbps (4s average) ---------------------------------------- localhost/eth0 7.1 250.4 localhost/eth1 3.0 82.5 Total 10.1 332.9 broctl-1.4-minimal/testing/Baseline/command.capstats-cluster/onenode-interval.out0000664002342100234210000000021112535575000030220 0ustar johannajohanna Interface kpps mbps (3s average) ---------------------------------------- localhost/eth1 3.0 82.5 broctl-1.4-minimal/testing/Baseline/command.capstats-cluster/all.out0000664002342100234210000000033212535575000025523 0ustar johannajohanna Interface kpps mbps (10s average) ---------------------------------------- localhost/eth0 7.1 250.4 localhost/eth1 3.0 82.5 Total 10.1 332.9 broctl-1.4-minimal/testing/Baseline/command.diag-cluster/0000775002342100234210000000000012535575000023306 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.diag-cluster/onenode.out0000664002342100234210000000210012535575000025457 0ustar johannajohanna[worker-2] Bro 2.2-1 Linux 3.2.0-48-generic ==== No reporter.log ==== stderr.log ==== stdout.log unlimited unlimited unlimited ==== .cmdline -i eth1 -U .status -p broctl -p broctl-live -p local -p worker-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto ==== .env_vars PATH=/tmp/broctltest/test.28034/bin:/tmp/broctltest/test.28034/share/broctl/scripts:/tmp/broctltest/test.28034/bin:/home/repo/bro/aux/broctl/testing/btest/../scripts:/home/repo/bro/aux/broctl/testing/btest/../../../btest:/usr/lib/lightdm/lightdm:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games BROPATH=/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/site::/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/auto:/tmp/broctltest/test.28034/share/bro:/tmp/broctltest/test.28034/share/bro/policy:/tmp/broctltest/test.28034/share/bro/site CLUSTER_NODE=worker-2 ==== .status RUNNING [net_run] ==== No prof.log ==== No packet_filter.log ==== loaded_scripts.log Node worker-2: This is the contents of loaded_scripts.log for broctl testing. broctl-1.4-minimal/testing/Baseline/command.diag-cluster/all.out0000664002342100234210000001034412535575000024611 0ustar johannajohanna[manager] Bro 2.2-1 Linux 3.2.0-48-generic ==== No reporter.log ==== stderr.log ==== stdout.log unlimited unlimited unlimited ==== .cmdline -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto ==== .env_vars PATH=/tmp/broctltest/test.28034/bin:/tmp/broctltest/test.28034/share/broctl/scripts:/tmp/broctltest/test.28034/bin:/home/repo/bro/aux/broctl/testing/btest/../scripts:/home/repo/bro/aux/broctl/testing/btest/../../../btest:/usr/lib/lightdm/lightdm:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games BROPATH=/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/site::/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/auto:/tmp/broctltest/test.28034/share/bro:/tmp/broctltest/test.28034/share/bro/policy:/tmp/broctltest/test.28034/share/bro/site CLUSTER_NODE=manager ==== .status RUNNING [net_run] ==== No prof.log ==== No packet_filter.log ==== loaded_scripts.log Node manager: This is the contents of loaded_scripts.log for broctl testing. [proxy-1] Bro 2.2-1 Linux 3.2.0-48-generic ==== No reporter.log ==== stderr.log ==== stdout.log unlimited unlimited unlimited ==== .cmdline -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto ==== .env_vars PATH=/tmp/broctltest/test.28034/bin:/tmp/broctltest/test.28034/share/broctl/scripts:/tmp/broctltest/test.28034/bin:/home/repo/bro/aux/broctl/testing/btest/../scripts:/home/repo/bro/aux/broctl/testing/btest/../../../btest:/usr/lib/lightdm/lightdm:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games BROPATH=/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/site::/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/auto:/tmp/broctltest/test.28034/share/bro:/tmp/broctltest/test.28034/share/bro/policy:/tmp/broctltest/test.28034/share/bro/site CLUSTER_NODE=proxy-1 ==== .status RUNNING [net_run] ==== No prof.log ==== No packet_filter.log ==== loaded_scripts.log Node proxy-1: This is the contents of loaded_scripts.log for broctl testing. [worker-1] Bro 2.2-1 Linux 3.2.0-48-generic ==== No reporter.log ==== stderr.log ==== stdout.log unlimited unlimited unlimited ==== .cmdline -i eth0 -U .status -p broctl -p broctl-live -p local -p worker-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto ==== .env_vars PATH=/tmp/broctltest/test.28034/bin:/tmp/broctltest/test.28034/share/broctl/scripts:/tmp/broctltest/test.28034/bin:/home/repo/bro/aux/broctl/testing/btest/../scripts:/home/repo/bro/aux/broctl/testing/btest/../../../btest:/usr/lib/lightdm/lightdm:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games BROPATH=/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/site::/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/auto:/tmp/broctltest/test.28034/share/bro:/tmp/broctltest/test.28034/share/bro/policy:/tmp/broctltest/test.28034/share/bro/site CLUSTER_NODE=worker-1 ==== .status RUNNING [net_run] ==== No prof.log ==== No packet_filter.log ==== loaded_scripts.log Node worker-1: This is the contents of loaded_scripts.log for broctl testing. [worker-2] Bro 2.2-1 Linux 3.2.0-48-generic ==== No reporter.log ==== stderr.log ==== stdout.log unlimited unlimited unlimited ==== .cmdline -i eth1 -U .status -p broctl -p broctl-live -p local -p worker-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto ==== .env_vars PATH=/tmp/broctltest/test.28034/bin:/tmp/broctltest/test.28034/share/broctl/scripts:/tmp/broctltest/test.28034/bin:/home/repo/bro/aux/broctl/testing/btest/../scripts:/home/repo/bro/aux/broctl/testing/btest/../../../btest:/usr/lib/lightdm/lightdm:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games BROPATH=/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/site::/tmp/broctltest/test.28034/spool/installed-scripts-do-not-touch/auto:/tmp/broctltest/test.28034/share/bro:/tmp/broctltest/test.28034/share/bro/policy:/tmp/broctltest/test.28034/share/bro/site CLUSTER_NODE=worker-2 ==== .status RUNNING [net_run] ==== No prof.log ==== No packet_filter.log ==== loaded_scripts.log Node worker-2: This is the contents of loaded_scripts.log for broctl testing. broctl-1.4-minimal/testing/Baseline/initialization.node-lb-pfring-pin-cpus/0000775002342100234210000000000012535575000026673 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.node-lb-pfring-pin-cpus/out0000664002342100234210000000236612535575000027434 0ustar johannajohannaHint: Run the broctl "deploy" command to get started. manager - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=manager pin_cpus= test_mykey= type=manager zone_id= proxy-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=proxy-1 pin_cpus= test_mykey= type=proxy zone_id= worker-1-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=4 name=worker-1-1 pin_cpus=0 test_mykey= type=worker zone_id= worker-1-2 - addr=::1 aux_scripts= brobase= count=2 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=4 name=worker-1-2 pin_cpus=1 test_mykey= type=worker zone_id= worker-1-3 - addr=::1 aux_scripts= brobase= count=3 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=4 name=worker-1-3 pin_cpus=2 test_mykey= type=worker zone_id= worker-1-4 - addr=::1 aux_scripts= brobase= count=4 env_vars= ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=4 name=worker-1-4 pin_cpus=0 test_mykey= type=worker zone_id= broctl-1.4-minimal/testing/Baseline/command.start-cluster-crash/0000775002342100234210000000000012535575000024635 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.start-cluster-crash/start1.out0000664002342100234210000000023712535575000026606 0ustar johannajohannastarting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... worker-1 terminated immediately after starting; check output with "diag" broctl-1.4-minimal/testing/Baseline/command.start-cluster-crash/status2.out0000664002342100234210000000066112535575000026776 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 31773 ??? 25 Nov 19:03:26 proxy-1 proxy localhost running 31797 ??? 25 Nov 19:03:28 worker-1 worker localhost running 32071 ??? 25 Nov 19:03:33 worker-2 worker localhost running 31836 ??? 25 Nov 19:03:30 broctl-1.4-minimal/testing/Baseline/command.start-cluster-crash/start2.out0000664002342100234210000000014712535575000026607 0ustar johannajohannamanager still running proxy-1 still running starting worker-1 (was crashed) ... worker-2 still running broctl-1.4-minimal/testing/Baseline/command.start-cluster-crash/status1.out0000664002342100234210000000062112535575000026771 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 31773 ??? 25 Nov 19:03:26 proxy-1 proxy localhost running 31797 ??? 25 Nov 19:03:28 worker-1 worker localhost crashed worker-2 worker localhost running 31836 ??? 25 Nov 19:03:30 broctl-1.4-minimal/testing/Baseline/command.process-standalone/0000775002342100234210000000000012535575000024527 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.process-standalone/out0000664002342100234210000000071012535575000025257 0ustar johannajohanna/home/repo/bro/aux/broctl/testing/../build/testing/test.8513/share/broctl/scripts/run-bro-on-trace 0 /home/repo/bro/aux/broctl/testing/../build/testing/test.8513/spool/tmp/testing /home/repo/bro/aux/broctl/testing/Traces/dns-session.trace -U .status -p broctl -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto broctl/process-trace ### Bro output in /home/repo/bro/aux/broctl/testing/../build/testing/test.8513/spool/tmp/testing broctl-1.4-minimal/testing/Baseline/plugin.ps/0000775002342100234210000000000012535575000021225 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/plugin.ps/onenode.out0000664002342100234210000000140712535575000023407 0ustar johannajohanna USER PID PPID %CPU %MEM VSZ RSS TT S STARTED TIME COMMAND >>> localhost (-) bro_user 11737 11728 7.2 0.6 286556 26684 ? S 21:35:06 00:00:00 bro (-) bro_user 11738 11737 23.6 0.5 71252 23192 ? S 21:35:06 00:00:01 bro (-) bro_user 11764 11755 11.0 0.6 65176 26464 ? S 21:35:08 00:00:00 bro (-) bro_user 11765 11764 22.3 0.5 71048 23188 ? R 21:35:08 00:00:00 bro (-) bro_user 11803 11784 28.0 0.6 65316 26544 ? S 21:35:10 00:00:00 bro (+) bro_user 11804 11787 26.0 0.6 65316 26560 ? S 21:35:10 00:00:00 bro (+) bro_user 11805 11804 18.0 0.5 69008 23224 ? S 21:35:10 00:00:00 bro (-) bro_user 11807 11803 17.0 0.5 69012 23208 ? R 21:35:10 00:00:00 bro broctl-1.4-minimal/testing/Baseline/plugin.ps/stopped.out0000664002342100234210000000014712535575000023436 0ustar johannajohanna USER PID PPID %CPU %MEM VSZ RSS TT S STARTED TIME COMMAND >>> localhost broctl-1.4-minimal/testing/Baseline/plugin.ps/all.out0000664002342100234210000000140712535575000022530 0ustar johannajohanna USER PID PPID %CPU %MEM VSZ RSS TT S STARTED TIME COMMAND >>> localhost (+) bro_user 11737 11728 7.2 0.6 286556 26684 ? S 21:35:06 00:00:00 bro (+) bro_user 11738 11737 23.4 0.5 71252 23192 ? S 21:35:06 00:00:01 bro (+) bro_user 11764 11755 11.0 0.6 65176 26464 ? S 21:35:08 00:00:00 bro (+) bro_user 11765 11764 22.0 0.5 71048 23188 ? R 21:35:08 00:00:00 bro (+) bro_user 11803 11784 28.0 0.6 65316 26544 ? S 21:35:10 00:00:00 bro (+) bro_user 11804 11787 26.0 0.6 65316 26560 ? R 21:35:10 00:00:00 bro (+) bro_user 11805 11804 17.0 0.5 69008 23224 ? S 21:35:10 00:00:00 bro (+) bro_user 11807 11803 16.0 0.5 69012 23208 ? R 21:35:10 00:00:00 bro broctl-1.4-minimal/testing/Baseline/helper.to-bytes/0000775002342100234210000000000012535575000022332 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/helper.to-bytes/out10000664002342100234210000000016312535575000023145 0ustar johannajohanna/99k 0 10 10240 10240 10485760 10485760 1.07374e+10 1.07374e+10 0 10 1e+10 1572864 1572864 1610612736 1610612736 broctl-1.4-minimal/testing/Baseline/helper.to-bytes/out60000664002342100234210000000012212535575000023145 0ustar johannajohanna/99k 0 10 10k 10K 10m 10M 10g 10G 0 10 10000000000 1.5m 1572864 1610612736 1.5G broctl-1.4-minimal/testing/Baseline/helper.to-bytes/out50000664002342100234210000000012212535575000023144 0ustar johannajohanna/99k 0 10 10k 10K 10m 10M 10g 10G 0 10 10000000000 1.5m 1572864 1610612736 1.5G broctl-1.4-minimal/testing/Baseline/helper.to-bytes/out40000664002342100234210000000012512535575000023146 0ustar johannajohanna/99k 0 10 10k 10K 10m 10M 10g 10G 0 10 10000000000 1572864 1572864 1610612736 1.5G broctl-1.4-minimal/testing/Baseline/helper.to-bytes/out20000664002342100234210000000017212535575000023146 0ustar johannajohanna/99k 0 10 10240 10240 10485760 10485760 1.07374e+10 1.07374e+10 0 10240 1.024e+13 1572864 1572864 1610612736 1610612736 broctl-1.4-minimal/testing/Baseline/helper.to-bytes/out30000664002342100234210000000015612535575000023151 0ustar johannajohanna/99k 0B 10 10240 10240 10485760 10485760 1.07374e+10 1.07374e+10 0 10 1e+10 1.5m 1.5M 1610612736 1610612736 broctl-1.4-minimal/testing/Baseline/command.start-stop-standalone/0000775002342100234210000000000012535575000025171 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.start-stop-standalone/stop.out0000664002342100234210000000002112535575000026700 0ustar johannajohannastopping bro ... broctl-1.4-minimal/testing/Baseline/command.start-stop-standalone/start.out0000664002342100234210000000002112535575000027050 0ustar johannajohannastarting bro ... broctl-1.4-minimal/testing/Baseline/plugin.lb_pf_ring/0000775002342100234210000000000012535575000022704 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/plugin.lb_pf_ring/debug3.log0000664002342100234210000001361212535575000024563 0ustar johannajohanna18 Nov 21:57:34 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto 18 Nov 21:57:36 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-1 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-10 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-10 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-10 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-11 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-11 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-11 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-2 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-2 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-3 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-3 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-3 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-4 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-4 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-4 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-5 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-5 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-5 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-6 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-6 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-6 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-7 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-7 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-7 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-8 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-8 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-8 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:39 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-9 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-9 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-9 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/plugin.lb_pf_ring/debug1.log0000664002342100234210000001374212535575000024565 0ustar johannajohanna18 Nov 21:56:56 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto 18 Nov 21:56:59 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-1 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-10 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-10 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-10 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-11 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-11 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-11 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-2 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-2 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-3 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-3 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-3 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-4 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-4 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-4 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-5 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-5 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-5 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-6 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-6 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-6 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-7 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-7 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-7 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-8 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-8 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-8 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:01 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-9 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 -v PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-9 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-9 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/plugin.lb_pf_ring/debug2.log0000664002342100234210000001273512535575000024567 0ustar johannajohanna18 Nov 21:57:15 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=manager /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/manager -1 -U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto 18 Nov 21:57:17 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=proxy-1 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/proxy-1 -1 -U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-1 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-1 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-10 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-10 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-10 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-11 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-11 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-11 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-2 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-2 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-3 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-3 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-3 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-4 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-4 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-4 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-5 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-5 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-5 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-6 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-6 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-6 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-7 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-7 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-7 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-8 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-8 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-8 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto 18 Nov 21:57:20 [execute] localhost: /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/share/broctl/scripts/helpers/start -v CLUSTER_NODE=worker-1-9 -v PCAP_PF_RING_APPNAME=bro-eth0 -v PCAP_PF_RING_CLUSTER_ID=21 /home/repo/bro/aux/broctl/testing/../build/testing/test.9100/spool/worker-1-9 -1 -i 'eth0' -U .status -p broctl -p broctl-live -p local -p worker-1-9 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto broctl-1.4-minimal/testing/Baseline/command.install-local/0000775002342100234210000000000012535575000023461 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.install-local/out0000664002342100234210000000037012535575000024213 0ustar johannajohannaHint: Run the broctl "deploy" command to get started. creating policy directories ... installing site policies ... generating cluster-layout.bro ... generating local-networks.bro ... generating broctl-config.bro ... generating broctl-config.sh ... broctl-1.4-minimal/testing/Baseline/command.restart-cluster-crash/0000775002342100234210000000000012535575000025164 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.restart-cluster-crash/restart.out0000664002342100234210000000032312535575000027377 0ustar johannajohannastopping ... worker-1 not running (was crashed) stopping worker-2 ... stopping proxy-1 ... stopping manager ... starting ... starting manager ... starting proxy-1 ... starting worker-1 ... starting worker-2 ... broctl-1.4-minimal/testing/Baseline/command.restart-cluster-crash/status2.out0000664002342100234210000000066112535575000027325 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 26085 ??? 04 Dec 03:58:39 proxy-1 proxy localhost running 26107 ??? 04 Dec 03:58:41 worker-1 worker localhost running 26142 ??? 04 Dec 03:58:43 worker-2 worker localhost running 26141 ??? 04 Dec 03:58:43 broctl-1.4-minimal/testing/Baseline/command.restart-cluster-crash/status1.out0000664002342100234210000000062112535575000027320 0ustar johannajohannaGetting process status ... Getting peer status ... Name Type Host Status Pid Peers Started manager manager localhost running 25711 ??? 04 Dec 03:58:30 proxy-1 proxy localhost running 25735 ??? 04 Dec 03:58:32 worker-1 worker localhost crashed worker-2 worker localhost running 25774 ??? 04 Dec 03:58:34 broctl-1.4-minimal/testing/Baseline/initialization.node-lb-myricom/0000775002342100234210000000000012535575000025331 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.node-lb-myricom/out0000664002342100234210000000601212535575000026062 0ustar johannajohannaHint: Run the broctl "deploy" command to get started. manager - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=manager pin_cpus= test_mykey= type=manager zone_id= proxy-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=proxy-1 pin_cpus= test_mykey= type=proxy zone_id= worker-1-1 - addr=::1 aux_scripts= brobase= count=1 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-1 pin_cpus= test_mykey= type=worker zone_id= worker-1-10 - addr=::1 aux_scripts= brobase= count=10 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-10 pin_cpus= test_mykey= type=worker zone_id= worker-1-11 - addr=::1 aux_scripts= brobase= count=11 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-11 pin_cpus= test_mykey= type=worker zone_id= worker-1-2 - addr=::1 aux_scripts= brobase= count=2 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-2 pin_cpus= test_mykey= type=worker zone_id= worker-1-3 - addr=::1 aux_scripts= brobase= count=3 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-3 pin_cpus= test_mykey= type=worker zone_id= worker-1-4 - addr=::1 aux_scripts= brobase= count=4 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-4 pin_cpus= test_mykey= type=worker zone_id= worker-1-5 - addr=::1 aux_scripts= brobase= count=5 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-5 pin_cpus= test_mykey= type=worker zone_id= worker-1-6 - addr=::1 aux_scripts= brobase= count=6 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-6 pin_cpus= test_mykey= type=worker zone_id= worker-1-7 - addr=::1 aux_scripts= brobase= count=7 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-7 pin_cpus= test_mykey= type=worker zone_id= worker-1-8 - addr=::1 aux_scripts= brobase= count=8 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-8 pin_cpus= test_mykey= type=worker zone_id= worker-1-9 - addr=::1 aux_scripts= brobase= count=9 env_vars=SNF_FLAGS=0x101,SNF_NUM_RINGS=11 ether= host=localhost interface=eth0 lb_interfaces= lb_method=myricom lb_procs=11 name=worker-1-9 pin_cpus= test_mykey= type=worker zone_id= broctl-1.4-minimal/testing/Baseline/command.config/0000775002342100234210000000000012535575000022170 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.config/out0000664002342100234210000000003212535575000022715 0ustar johannajohannamailsubjectprefix = [Bro] broctl-1.4-minimal/testing/Baseline/initialization.node-lb-pfring-multiple-id/0000775002342100234210000000000012535575000027362 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/initialization.node-lb-pfring-multiple-id/out0000664002342100234210000000320212535575000030111 0ustar johannajohannaHint: Run the broctl "deploy" command to get started. manager - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=manager pin_cpus= test_mykey= type=manager zone_id= proxy-1 - addr=::1 aux_scripts= brobase= count=1 env_vars= ether= host=localhost interface= lb_interfaces= lb_method= lb_procs= name=proxy-1 pin_cpus= test_mykey= type=proxy zone_id= worker-1-1 - addr=::1 aux_scripts= brobase= count=1 env_vars=PCAP_PF_RING_APPNAME=bro-eth0,PCAP_PF_RING_CLUSTER_ID=21,PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=2 name=worker-1-1 pin_cpus= test_mykey= type=worker zone_id= worker-1-2 - addr=::1 aux_scripts= brobase= count=2 env_vars=PCAP_PF_RING_APPNAME=bro-eth0,PCAP_PF_RING_CLUSTER_ID=21,PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 ether= host=localhost interface=eth0 lb_interfaces= lb_method=pf_ring lb_procs=2 name=worker-1-2 pin_cpus= test_mykey= type=worker zone_id= worker-2-1 - addr=::1 aux_scripts= brobase= count=3 env_vars=PCAP_PF_RING_APPNAME=bro-eth1,PCAP_PF_RING_CLUSTER_ID=22,PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 ether= host=localhost interface=eth1 lb_interfaces= lb_method=pf_ring lb_procs=2 name=worker-2-1 pin_cpus= test_mykey= type=worker zone_id= worker-2-2 - addr=::1 aux_scripts= brobase= count=4 env_vars=PCAP_PF_RING_APPNAME=bro-eth1,PCAP_PF_RING_CLUSTER_ID=22,PCAP_PF_RING_USE_CLUSTER_PER_FLOW_4_TUPLE=1 ether= host=localhost interface=eth1 lb_interfaces= lb_method=pf_ring lb_procs=2 name=worker-2-2 pin_cpus= test_mykey= type=worker zone_id= broctl-1.4-minimal/testing/Baseline/command.cron-stats/0000775002342100234210000000000012535575000023020 5ustar johannajohannabroctl-1.4-minimal/testing/Baseline/command.cron-stats/stats.out0000664002342100234210000000452212535575000024712 0ustar johannajohanna1387075318.44 manager action started 1387075320.49 proxy-1 action started 1387075322.54 worker-1 action started 1387075322.54 worker-2 action started 1387075328.26 manager parent vsize 30384128 1387075328.26 manager parent cmd python 1387075328.26 manager parent pid 13551 1387075328.26 manager parent cpu 0 1387075328.26 manager parent rss 5668864 1387075328.26 proxy-1 parent vsize 30384128 1387075328.26 proxy-1 parent cmd python 1387075328.26 proxy-1 parent pid 13575 1387075328.26 proxy-1 parent cpu 0 1387075328.26 proxy-1 parent rss 5672960 1387075328.26 worker-1 parent vsize 30384128 1387075328.26 worker-1 parent cmd python 1387075328.26 worker-1 parent pid 13613 1387075328.26 worker-1 parent cpu 0 1387075328.26 worker-1 parent rss 5668864 1387075328.26 worker-2 parent vsize 30384128 1387075328.26 worker-2 parent cmd python 1387075328.26 worker-2 parent pid 13614 1387075328.26 worker-2 parent cpu 0 1387075328.26 worker-2 parent rss 5672960 1387075328.26 worker-1 interface nic_drops 0.0 1387075328.26 worker-1 interface o 0.0 1387075328.26 worker-1 interface i 0.0 1387075328.26 worker-1 interface mbps 250.4 1387075328.26 worker-1 interface nonip 18.0 1387075328.26 worker-1 interface kbytes 306810.0 1387075328.26 worker-1 interface u 28.0 1387075328.26 worker-1 interface t 71628.0 1387075328.26 worker-1 interface pkts 71674.0 1387075328.26 worker-1 interface nic_pkts 71703.0 1387075328.26 worker-1 interface kpps 7.1 1387075328.26 worker-2 interface nic_drops 0.0 1387075328.26 worker-2 interface o 0.0 1387075328.26 worker-2 interface i 0.0 1387075328.26 worker-2 interface mbps 82.5 1387075328.26 worker-2 interface nonip 35.0 1387075328.26 worker-2 interface kbytes 101090.0 1387075328.26 worker-2 interface u 26.0 1387075328.26 worker-2 interface t 29749.0 1387075328.26 worker-2 interface pkts 29810.0 1387075328.26 worker-2 interface nic_pkts 29812.0 1387075328.26 worker-2 interface kpps 3.0 1387075328.26 $total interface nic_drops 0.0 1387075328.26 $total interface o 0.0 1387075328.26 $total interface i 0.0 1387075328.26 $total interface mbps 332.9 1387075328.26 $total interface nonip 53.0 1387075328.26 $total interface kbytes 407900.0 1387075328.26 $total interface u 54.0 1387075328.26 $total interface t 101377.0 1387075328.26 $total interface pkts 101484.0 1387075328.26 $total interface nic_pkts 101515.0 1387075328.26 $total interface kpps 10.1 broctl-1.4-minimal/testing/Cfg/0000775002342100234210000000000012535575000016263 5ustar johannajohannabroctl-1.4-minimal/testing/Cfg/etc/0000775002342100234210000000000012535575000017036 5ustar johannajohannabroctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__test_sendmail0000664002342100234210000000020512535575000024053 0ustar johannajohanna# Rather than send emails, use the test sendmail script to output message # text to a temporary file. sendmail=@PREFIX@/bin/sendmail broctl-1.4-minimal/testing/Cfg/etc/node.cfg__cluster0000664002342100234210000000032212535575000022341 0ustar johannajohanna# Cluster configuration. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 [worker-2] type=worker host=localhost interface=eth1 broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__pfring0000664002342100234210000000027312535575000022512 0ustar johannajohanna# Don't send emails or summary reports, and turn on debug output. # Specify a non-zero pfringclusterid (so that PF_RING can be tested). sendmail= tracesummary= debug=1 pfringclusterid=21 broctl-1.4-minimal/testing/Cfg/etc/node.cfg__myricom0000664002342100234210000000030212535575000022335 0ustar johannajohanna# Cluster myricom configuration. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 lb_procs=11 lb_method=myricom broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__pfring_env0000664002342100234210000000035512535575000023363 0ustar johannajohanna# Don't send emails or summary reports, and turn on debug output. # Specify a non-zero pfringclusterid (so that PF_RING can be tested). # Specify an env. variable. sendmail= tracesummary= debug=1 pfringclusterid=21 env_vars=GVAR=global broctl-1.4-minimal/testing/Cfg/etc/node.cfg__node_names0000664002342100234210000000027612535575000023000 0ustar johannajohanna# Cluster configuration with unusual node names. [logcollector] type=manager host=localhost [communicator] type=proxy host=localhost [gatherer] type=worker host=localhost interface=eth0 broctl-1.4-minimal/testing/Cfg/etc/node.cfg__lb_interfaces0000664002342100234210000000034612535575000023466 0ustar johannajohanna# Cluster "interfaces" load-balancing configuration. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost lb_procs=3 lb_method=interfaces lb_interfaces=eth0, eth3,eth1 broctl-1.4-minimal/testing/Cfg/etc/node.cfg__big_cluster0000664002342100234210000000053112535575000023164 0ustar johannajohanna# Big cluster (i.e., lots of nodes on one host) configuration. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [proxy-2] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 lb_method=pf_ring lb_procs=10 [worker-2] type=worker host=localhost interface=eth1 lb_method=pf_ring lb_procs=10 broctl-1.4-minimal/testing/Cfg/etc/node.cfg__pfring_2_nics0000664002342100234210000000042412535575000023405 0ustar johannajohanna# Cluster PF_RING configuration. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 lb_procs=2 lb_method=pf_ring [worker-2] type=worker host=localhost interface=eth1 lb_procs=2 lb_method=pf_ring broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__mixedcase0000664002342100234210000000022512535575000023164 0ustar johannajohanna# Specify an option name with mixed case and extraneous whitespace before # and after the option name and value. logroTaTioniNterval = 123 broctl-1.4-minimal/testing/Cfg/etc/networks.cfg__ipv40000664002342100234210000000005512535575000022474 0ustar johannajohanna# IPv4 networks. 192.168.0.0/16 my network broctl-1.4-minimal/testing/Cfg/etc/node.cfg__env_vars0000664002342100234210000000051712535575000022511 0ustar johannajohanna# Cluster configuration with a node-specific env_vars specified. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 env_vars=myVar1="some Node val",MYVAR3=nodeval3, Myvar4 = "one;value",myvar6='$PATH' [worker-2] type=worker host=localhost interface=eth1 broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__sitepluginpath0000664002342100234210000000030512535575000024261 0ustar johannajohanna# Specify directories containing test plugins, and a couple other # directories that don't. SitePluginPath=@PREFIX@/doesnotexist:@PREFIX@/testplugins:@PREFIX@/emptydir:@PREFIX@/moreplugins debug=1 broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__debug0000664002342100234210000000014212535575000022306 0ustar johannajohanna# Don't send emails or summary reports, and turn on debug output. sendmail= tracesummary= debug=1 broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__env_vars0000664002342100234210000000026212535575000023046 0ustar johannajohanna# Don't send emails or summary reports, and turn on debug output. sendmail= tracesummary= debug=1 env_vars=myVar1 = "some Global;val",MyVar2=anotherglobal, myvar5=$PATH:/mydir broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__new_option0000664002342100234210000000012112535575000023376 0ustar johannajohanna# Specify an option that is not documented or used anywhere. foo1=this is a test broctl-1.4-minimal/testing/Cfg/etc/node.cfg__pfring_pin_cpus0000664002342100234210000000031712535575000024051 0ustar johannajohanna# Cluster PF_RING configuration. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 lb_procs=4 lb_method=pf_ring pin_cpus=0,1,2 broctl-1.4-minimal/testing/Cfg/etc/networks.cfg__ipv4_ipv60000664002342100234210000000013612535575000023440 0ustar johannajohanna# Mix of IPv4 and IPv6 networks. 192.168.0.0/16 my network fe80::/64 another network broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__no_email0000664002342100234210000000007712535575000023012 0ustar johannajohanna# Don't send emails or summary reports sendmail= tracesummary= broctl-1.4-minimal/testing/Cfg/etc/node.cfg__cluster_test0000664002342100234210000000036112535575000023403 0ustar johannajohanna# Cluster test configuration. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 aux_scripts=doesnot.exist [worker-2] type=worker host=localhost interface=eth1 broctl-1.4-minimal/testing/Cfg/etc/node.cfg__pfring0000664002342100234210000000030212535575000022143 0ustar johannajohanna# Cluster PF_RING configuration. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 lb_procs=11 lb_method=pf_ring broctl-1.4-minimal/testing/Cfg/etc/broctl.cfg__compresscmd0000664002342100234210000000023212535575000023537 0ustar johannajohanna# Test the compresscmd and compressextension options. compresscmd=@PREFIX@/bin/compress -i compressextension=broctlcompress # Don't send email sendmail= broctl-1.4-minimal/testing/Cfg/etc/node.cfg__cluster_no_netifs0000664002342100234210000000045212535575000024411 0ustar johannajohanna# Cluster configuration without any network interfaces specified (this is # mainly useful because Bro will not need any superuser privileges). [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost [worker-2] type=worker host=localhost broctl-1.4-minimal/testing/Cfg/etc/node.cfg__myricom_env0000664002342100234210000000050712535575000023214 0ustar johannajohanna# Cluster myricom configuration with override of an env. var. set # by the broctl myricom plugin, and an additional env. var. specified. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=eth0 lb_procs=2 lb_method=myricom env_vars=SNF_FLAGS=0x2,VAR=123 broctl-1.4-minimal/testing/Cfg/etc/networks.cfg__ipv60000664002342100234210000000006312535575000022475 0ustar johannajohanna# IPv6 networks. fe80::/64 another network broctl-1.4-minimal/testing/Cfg/bin/0000775002342100234210000000000012535575000017033 5ustar johannajohannabroctl-1.4-minimal/testing/Cfg/bin/sendmail__test0000775002342100234210000000053212535575000021753 0ustar johannajohanna#! /usr/bin/env bash # # This script is a replacement for the "sendmail" command, and is used for # testing that broctl executes sendmail and gives it some message text. if [ -n "${BROCTL_INSTALL_PREFIX}" ]; then # Write message text from stdin to a temporary file. cat - >> ${BROCTL_INSTALL_PREFIX}/sendmail.out exit $? fi exit 1 broctl-1.4-minimal/testing/Cfg/bin/bro__test0000775002342100234210000000760312535575000020747 0ustar johannajohanna#! /usr/bin/env python # # This script can be used in place of Bro for testing purposes to simulate # some of the behavior of Bro. from __future__ import print_function import os, atexit, getopt, signal, sys, time def setprocstate(str): if statusfile: stfile = open(statusfile, "w") stfile.write(str) stfile.close() def catchsigterm(signum, frame): sys.exit(0) def createloadedscriptslog(thisnode): lsl = open("loaded_scripts.log", "w") lsl.write("Node %s: This is the contents of loaded_scripts.log for broctl testing.\n" % thisnode) lsl.close() livemode = False statusfile = None brotestcfg = {"crash": "", "crashshutdown": "", "slowstart": "", "slowstop": "", "envvars": "" } # Parse cmd-line args (most of them can be ignored). optlist, args = getopt.getopt(sys.argv[1:], "bde:f:ghi:p:r:y:Y:s:t:w:vx:z:CD:FI:K:LOPR:ST:U:WZ") for (opt, val) in optlist: if opt == "-v": # broctl doesn't care which version bro reports print("bro version 2.2-1", file=sys.stderr) sys.exit(0) elif opt == "-U": statusfile = val elif opt == "-p": if val == "broctl-live": livemode = True # Check if the test config file exists (Bro does not do this). The config # file can be used to control the behavior of this script. BroBase = os.getenv("BROCTL_INSTALL_PREFIX", "") cfgfilepath = os.path.join(BroBase, "broctltest.cfg") if os.path.isfile(cfgfilepath): testcfg = open(cfgfilepath, "r") for line in testcfg.readlines(): brovar,broval = line.strip().split('=', 1) brovar = brovar.strip() broval = broval.strip() if brovar not in brotestcfg: print("Error: unknown option '%s' in: %s" % (brovar, cfgfilepath), file=sys.stderr) sys.exit(1) brotestcfg[brovar] = broval testcfg.close() # The env. var. is set by broctl and can be used to determine if we're a # manager, proxy, or worker (for a standalone config, this env. var. is not # set). nodename = os.getenv("CLUSTER_NODE", "bro") if livemode: # Set an exit handler to update status upon exit (broctl "start" and "stop" # check this status). if nodename not in brotestcfg["crashshutdown"].split(): atexit.register(setprocstate, "TERMINATED [atexit]\n") # Check config file whether this node should simulate a Bro crash or not. if nodename in brotestcfg["crash"].split(): sys.exit(1) if nodename in brotestcfg["slowstart"].split(): # This delay time needs to be greater than the time broctl waits for # bro to enter the "running" state. time.sleep(10) # Set the status to notify broctl that we're up and running (broctl ignores # the part in brackets). setprocstate("RUNNING [net_run]\n") if nodename in brotestcfg["slowstop"].split(): # Ignore SIGTERM so that "broctl stop" must fallback to using SIGKILL. signal.signal(signal.SIGTERM, signal.SIG_IGN) else: # Catch SIGTERM so the exit handler runs after a "broctl stop". signal.signal(signal.SIGTERM, catchsigterm) # Create loaded_scripts.log (only the broctl "scripts" and "diag" commands # check for this file). createloadedscriptslog(nodename) # This is for testing if broctl can set env. vars. correctly envvars = brotestcfg["envvars"] if envvars: for envvar in envvars.split(): envval = os.getenv(envvar, "") # output for testing purposes (Bro doesn't do this) print("%s=%s" % (envvar, envval), file=sys.stderr) # Unlike bro, just wait long enough so that the slowest test case has time # to finish, and then just exit to avoid having unwanted processes # running if a test case fails to cleanup. time.sleep(100) sys.exit(0) # Create loaded_scripts.log (only the broctl "scripts" and "diag" commands # check for this file). createloadedscriptslog(nodename) broctl-1.4-minimal/testing/Cfg/bin/compress__test0000775002342100234210000000060112535575000022007 0ustar johannajohanna#! /usr/bin/env bash # # This script is a test compress script (broctl requires that a custom # compress command must write a transformed version of stdin to stdout). if [ "$1" = "-i" ]; then msg="compress option specified" else msg="compress no option specified" fi sed 's/This is a BROCTL TEST//' # show that command-line options are recognized echo $msg broctl-1.4-minimal/testing/Cfg/bin/df__test0000775002342100234210000000064412535575000020554 0ustar johannajohanna#! /usr/bin/env bash # # This script is a replacement for the "df" command, and is used for certain # broctl test cases where we need predictable output. echo "Filesystem 1024-blocks Used Available Capacity Mounted on" if [ -n "${BROCTL_TEST_DISK_FULL}" ]; then echo "/dev/sda6 249577356 245042244 4535112 98% /" else echo "/dev/sda6 249577356 131831812 105067708 56% /" fi broctl-1.4-minimal/testing/Cfg/bin/capstats__test0000775002342100234210000000134112535575000022000 0ustar johannajohanna#! /usr/bin/env bash # # This script is a replacement for the "capstats" command, and is used for # certain broctl test cases. while [ -n "$1" ]; do if [ "$1" = "-i" ]; then netif=$2 shift elif [ "$1" = "-I" ]; then interval=$2 shift fi shift done if [ "$netif" = "eth0" ]; then msg="1365006359.859727 pkts=71674 kpps=7.1 kbytes=306810 mbps=250.4 nic_pkts=71703 nic_drops=0 u=28 t=71628 i=0 o=0 nonip=18" else msg="1365006359.859727 pkts=29810 kpps=3.0 kbytes=101090 mbps=82.5 nic_pkts=29812 nic_drops=0 u=26 t=29749 i=0 o=0 nonip=35" fi sleep $interval # Output an example capstats output (broctl ignores the timestamp value) # Note: the capstats command outputs to stderr echo $msg 1>&2 broctl-1.4-minimal/testing/Cfg/testplugins/0000775002342100234210000000000012535575000020644 5ustar johannajohannabroctl-1.4-minimal/testing/Cfg/testplugins/broctltest.py__init_true0000664002342100234210000000053112535575000025623 0ustar johannajohanna# Broctl test plugin that does nothing except initialize. import BroControl.plugin class BroctlTest(BroControl.plugin.Plugin): def __init__(self): super(BroctlTest, self).__init__(apiversion=1) def name(self): return "broctltest" def pluginVersion(self): return 1 def init(self): return True broctl-1.4-minimal/testing/Cfg/testplugins/anothertest.py__init_true0000664002342100234210000000053412535575000026001 0ustar johannajohanna# Broctl test plugin that does nothing except initialize. import BroControl.plugin class AnotherTest(BroControl.plugin.Plugin): def __init__(self): super(AnotherTest, self).__init__(apiversion=1) def name(self): return "anothertest" def pluginVersion(self): return 1 def init(self): return True broctl-1.4-minimal/testing/initialization/0000775002342100234210000000000012535575000020613 5ustar johannajohannabroctl-1.4-minimal/testing/initialization/node-lb-pfring-pin-cpus.test0000664002342100234210000000057612535575000026063 0ustar johannajohanna# Test that worker nodes using PF_RING load balancing can use the pin_cpus # option correctly. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-localhost-values" btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__pfring_pin_cpus EOF broctl nodes > out 2>&1 broctl-1.4-minimal/testing/initialization/networks-ipv4.test0000664002342100234210000000055712535575000024257 0ustar johannajohanna# Test that IPv4 networks in networks.cfg are interpreted correctly. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/networks.cfg__ipv4 EOF broctl install grep -v "^#" $BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/auto/local-networks.bro | grep -v "^$" > out broctl-1.4-minimal/testing/initialization/broctl-global-env-vars.test0000664002342100234210000000216312535575000026000 0ustar johannajohanna# Test of env_vars (specified only in broctl.cfg). Test that env. vars. are # applied to all nodes. Test that the # environment variable names and values are case-sensitive. Test that # extraneous whitespace is ignored in the "env_vars" list in broctl.cfg. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug.log # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath" btest-diff stderr.log . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__env_vars etc/node.cfg__cluster bin/bro__test EOF cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF envvars=myVar1 MyVar2 myvar5 EOF broctl install # verify that the env_vars option has correct value broctl config 2>&1 | grep -i env_vars > out # verify that the env. vars. are passed to Bro rm $BROCTL_INSTALL_PREFIX/spool/debug.log broctl start grep -i myvar $BROCTL_INSTALL_PREFIX/spool/debug.log > debug.log grep -i myvar $BROCTL_INSTALL_PREFIX/spool/manager/stderr.log > stderr.log broctl stop broctl-1.4-minimal/testing/initialization/node-names.test0000664002342100234210000000047512535575000023550 0ustar johannajohanna# Test that nodes can have unusual names. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-localhost-values btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__node_names EOF broctl install || exit 1 broctl nodes > out 2>&1 broctl-1.4-minimal/testing/initialization/broctl-new-option.test0000664002342100234210000000043512535575000025100 0ustar johannajohanna# Test that broctl.cfg options that aren't used or documented can be specified. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__new_option EOF broctl config 2>&1 | grep foo1 > out broctl-1.4-minimal/testing/initialization/networks-ipv6.test0000664002342100234210000000055712535575000024261 0ustar johannajohanna# Test that IPv6 networks in networks.cfg are interpreted correctly. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/networks.cfg__ipv6 EOF broctl install grep -v "^#" $BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/auto/local-networks.bro | grep -v "^$" > out broctl-1.4-minimal/testing/initialization/broctl-mixed-case.test0000664002342100234210000000054612535575000025023 0ustar johannajohanna# Test that option names in broctl.cfg are case-insensitive, and that # whitespace is ignored before and after option names and values. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__mixedcase EOF broctl config 2>&1 | grep -i LogRotationInterval > out broctl-1.4-minimal/testing/initialization/node-lb-interfaces.test0000664002342100234210000000064112535575000025156 0ustar johannajohanna# Test that worker nodes using "interfaces" load balancing are expanded to new # nodes that have names of the form: - # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-localhost-values" btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__lb_interfaces EOF broctl nodes > out 2>&1 broctl-1.4-minimal/testing/initialization/node-lb-myricom.test0000664002342100234210000000062612535575000024515 0ustar johannajohanna# Test that worker nodes using myricom load balancing are expanded to new # nodes that have names of the form: - # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-localhost-values" btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__myricom EOF broctl nodes > out 2>&1 broctl-1.4-minimal/testing/initialization/node-lb-pfring-multiple-id.test0000664002342100234210000000076612535575000026553 0ustar johannajohanna# Test that a worker node using PF_RING load balancing on multiple interfaces # has different cluster IDs automatically assigned (one for each group of # processes sniffing the same interface). # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-localhost-values" btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__pfring etc/node.cfg__pfring_2_nics EOF broctl nodes > out 2>&1 broctl-1.4-minimal/testing/initialization/networks-ipv4-ipv6.test0000664002342100234210000000063112535575000025132 0ustar johannajohanna# Test that both IPv4 and IPv6 networks can be specified in networks.cfg and # are interpreted correctly. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/networks.cfg__ipv4_ipv6 EOF broctl install grep -v "^#" $BROCTL_INSTALL_PREFIX/spool/installed-scripts-do-not-touch/auto/local-networks.bro | grep -v "^$" > out broctl-1.4-minimal/testing/initialization/node-lb-pfring.test0000664002342100234210000000062512535575000024322 0ustar johannajohanna# Test that worker nodes using PF_RING load balancing are expanded to new # nodes that have names of the form: - # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-localhost-values" btest-diff out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/node.cfg__pfring EOF broctl nodes > out 2>&1 broctl-1.4-minimal/testing/initialization/broctl-node-env-vars.test0000664002342100234210000000145412535575000025467 0ustar johannajohanna# Test of env_vars (specified both in broctl.cfg and node.cfg). Test that the # node-specific values override the global values. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug.log . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__env_vars etc/node.cfg__env_vars bin/bro__test EOF broctl install # verify that the env_vars option has global (and not node-specific) values broctl config 2>&1 | grep -i env_vars > out # verify that the correct (global vs. node) env. vars. are passed to Bro rm $BROCTL_INSTALL_PREFIX/spool/debug.log broctl start grep -i myvar $BROCTL_INSTALL_PREFIX/spool/debug.log > debug.log broctl stop broctl-1.4-minimal/testing/initialization/node-env-vars.test0000664002342100234210000000206212535575000024200 0ustar johannajohanna# Test of env_vars (specified only in node.cfg). Test that env. vars. are # only applied to nodes that specify the "env_vars" option. Test that the # environment variable names and values are case-sensitive. Test that # extraneous whitespace is ignored in the "env_vars" list in node.cfg. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug.log # @TEST-EXEC: btest-diff stderr.log . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__debug etc/node.cfg__env_vars bin/bro__test EOF cat > $BROCTL_INSTALL_PREFIX/broctltest.cfg << EOF envvars=myVar1 MYVAR3 Myvar4 myvar6 EOF broctl install # verify that the env_vars option is empty broctl config 2>&1 | grep -i env_vars > out # verify that the env. vars. are passed to Bro broctl start grep -i myvar $BROCTL_INSTALL_PREFIX/spool/debug.log > debug.log grep -i myvar $BROCTL_INSTALL_PREFIX/spool/worker-1/stderr.log > stderr.log broctl stop broctl-1.4-minimal/testing/plugin/0000775002342100234210000000000012535575000017062 5ustar johannajohannabroctl-1.4-minimal/testing/plugin/ps.test0000664002342100234210000000136412535575000020411 0ustar johannajohanna# Test that the ps plugin can show bro processes on all nodes, or just a # specified node. # # @TEST-SERIALIZE: broccoli # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-ps-output btest-diff all.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-ps-output btest-diff onenode.out # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-ps-output btest-diff stopped.out . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email etc/node.cfg__cluster_no_netifs EOF broctl install broctl start # get status of all nodes broctl ps.bro > all.out 2>&1 # get status of one node broctl ps.bro worker-2 > onenode.out 2>&1 broctl stop # no bro processes running broctl ps.bro > stopped.out 2>&1 broctl-1.4-minimal/testing/plugin/lb_myricom.test0000664002342100234210000000107712535575000022124 0ustar johannajohanna# Test that each worker node is started with SNF_* environment variables # set by the lb_myricom plugin when the necessary node.cfg options are # specified. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug.log . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__debug etc/node.cfg__myricom bin/bro__test EOF broctl install broctl start grep CLUSTER_NODE $BROCTL_INSTALL_PREFIX/spool/debug.log > debug.log broctl stop broctl-1.4-minimal/testing/plugin/lb_pf_ring.test0000664002342100234210000000256612535575000022075 0ustar johannajohanna# Test that each worker node is started with PF_RING environment variables # set by the lb_pf_ring plugin when the necessary broctl.cfg and node.cfg # options are specified. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug1.log # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug2.log # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug3.log . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__pfring etc/node.cfg__pfring bin/bro__test EOF broctlcfg=$BROCTL_INSTALL_PREFIX/etc/broctl.cfg debuglog=$BROCTL_INSTALL_PREFIX/spool/debug.log # Default cluster type broctl install broctl start grep CLUSTER_NODE ${debuglog} > debug1.log broctl stop # Round-robin cluster type echo "pfringclustertype=round-robin" >> ${broctlcfg} broctl install rm ${debuglog} broctl start grep CLUSTER_NODE ${debuglog} > debug2.log broctl stop # 6-tuple cluster type sed "s/pfringclustertype=round-robin/pfringclustertype=6-tuple/" ${broctlcfg} > ${broctlcfg}.new && mv ${broctlcfg}.new ${broctlcfg} broctl install rm ${debuglog} broctl start grep CLUSTER_NODE ${debuglog} > debug3.log broctl stop broctl-1.4-minimal/testing/plugin/lb_myricom-env-vars.test0000664002342100234210000000106212535575000023655 0ustar johannajohanna# Test that we can override SNF_* environment variables set by the lb_myricom # plugin, and test that we can add additional env. variables. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug.log . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__debug etc/node.cfg__myricom_env bin/bro__test EOF broctl install broctl start grep CLUSTER_NODE $BROCTL_INSTALL_PREFIX/spool/debug.log > debug.log broctl stop broctl-1.4-minimal/testing/plugin/lb_pf_ring-env-vars.test0000664002342100234210000000101212535575000023615 0ustar johannajohanna# Test that we can add additional environment variables to the ones set # by the lb_pf_ring plugin. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-timestamps-dd-mmm-hh-mm-ss | $SCRIPTS/diff-remove-abspath" btest-diff debug.log . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__pfring_env etc/node.cfg__pfring bin/bro__test EOF broctl install broctl start grep CLUSTER_NODE $BROCTL_INSTALL_PREFIX/spool/debug.log > debug.log broctl stop broctl-1.4-minimal/testing/plugin/plugin-sitepluginpath.test0000664002342100234210000000165112535575000024322 0ustar johannajohanna# Test that plugins are found in a directory specified by the SitePluginPath # option, and that directories that don't contain plugins are ignored. # # @TEST-EXEC: bash %INPUT . broctl-test-setup # Create dirs specified in the SitePluginPath option mkdir $BROCTL_INSTALL_PREFIX/testplugins mkdir $BROCTL_INSTALL_PREFIX/moreplugins mkdir $BROCTL_INSTALL_PREFIX/emptydir while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__sitepluginpath testplugins/broctltest.py__init_true --new testplugins/anothertest.py__init_true --new EOF mv $BROCTL_INSTALL_PREFIX/testplugins/anothertest.py $BROCTL_INSTALL_PREFIX/moreplugins replaceprefix etc/broctl.cfg debuglog=$BROCTL_INSTALL_PREFIX/spool/debug.log broctl exit # verify that the test plugins were loaded grep "Loaded plugin broctltest" ${debuglog} | grep -q testplugins test $? -eq 0 grep "Loaded plugin anothertest" ${debuglog} | grep -q moreplugins test $? -eq 0 broctl-1.4-minimal/testing/test_api/0000775002342100234210000000000012535575000017374 5ustar johannajohannabroctl-1.4-minimal/testing/test_api/test_state.py0000664002342100234210000000162212535575000022126 0ustar johannajohannafrom __future__ import print_function from BroControl.state import SqliteState def test_state_basic(): s = SqliteState(":memory:") assert s.get("key") == None s.set("key", "value") assert s.get("key") == "value" s.set("int", 101) assert s.get("int") == 101 s.set("bool", False) assert s.get("bool") == False def test_state_update(): s = SqliteState(":memory:") s.set("key", "value") assert s.get("key") == "value" s.set("key", "newvalue") assert s.get("key") == "newvalue" def test_state_setdefault(): s = SqliteState(":memory:") s.set("key", "value") assert s.get("key") == "value" s.setdefault("key", "newvalue") assert s.get("key") == "value" def test_state_items(): s = SqliteState(":memory:") s.set("a", 1) s.set("b", "two") d = dict(s.items()) print(d) assert d["a"] == 1 assert d["b"] == "two" broctl-1.4-minimal/testing/helper/0000775002342100234210000000000012535575000017043 5ustar johannajohannabroctl-1.4-minimal/testing/helper/archive-log-compresscmd.test0000664002342100234210000000422112535575000024460 0ustar johannajohanna# Test that the archive-log script archives and compresses a specified # log file (including a connection summary report) according to the # CompressCmd and CompressExtension broctl options. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__compresscmd bin/compress__test --new EOF replaceprefix etc/broctl.cfg archivelog=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/archive-log logdir=$BROCTL_INSTALL_PREFIX/logs/2013-12-30 connlog=${logdir}/conn.22:24:20-22:30:00.log.broctlcompress testlog=${logdir}/broctltest.22:24:20-22:30:00.log.broctlcompress connsummarylog=${logdir}/conn-summary.22:24:20-22:30:00.log.broctlcompress origconnlog=conn.2013-12-30-22-24-20.log origtestlog=broctltest.2013-12-30-22-24-20.log ret=0 broctl install # Create Bro's working directory, chdir to that dir, and create rotated logs mkdir $BROCTL_INSTALL_PREFIX/spool/bro cd $BROCTL_INSTALL_PREFIX/spool/bro cat > ${origconnlog} << _EOF_ # This is a BROCTL TEST _EOF_ cat > ${origtestlog} << _EOF_ # This is a BROCTL TEST _EOF_ ############################################### # Test archive-log for the conn.log file ${archivelog} ${origconnlog} conn 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that the logs were archived test -f ${origconnlog} && ret=1 test ! -f ${connlog} && ret=1 test ! -f ${connsummarylog} && ret=1 # verify that the logs were compressed according to the broctl options grep -q "compressed" ${connlog} || ret=1 grep -q "compress option" ${connlog} || ret=1 grep -q ">== Total ===" ${connsummarylog} || ret=1 grep -q "compress option" ${connsummarylog} || ret=1 ############################################### # Test archive-log for a different log file # verify that the broctltest.log was not archived yet test -f ${testlog} && ret=1 ${archivelog} ${origtestlog} broctltest 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that broctltest.log was archived test -f ${origtestlog} && ret=1 test ! -f ${testlog} && ret=1 # verify that broctltest.log was compressed according to the broctl options grep -q "compressed" ${testlog} || ret=1 grep -q "compress option" ${testlog} || ret=1 exit $ret broctl-1.4-minimal/testing/helper/archive-log-no-mail.test0000664002342100234210000000267612535575000023511 0ustar johannajohanna# Test that if the archive-log script is archiving conn.log and if # MailConnectionSummary=0, then a connection summary report is archived, # but not emailed. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg echo "MailConnectionSummary=0" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg archivelog=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/archive-log logdir=$BROCTL_INSTALL_PREFIX/logs/2013-12-30 connlog=${logdir}/conn.22:24:20-22:30:00.log.gz connsummarylog=${logdir}/conn-summary.22:24:20-22:30:00.log.gz origconnlog=conn.2013-12-30-22-24-20.log ret=0 broctl install # Create Bro's working directory, chdir to that dir, and create rotated logs mkdir $BROCTL_INSTALL_PREFIX/spool/bro cd $BROCTL_INSTALL_PREFIX/spool/bro cat > ${origconnlog} << _EOF_ # This is a test conn.log _EOF_ ############################################### # Test archive-log for the conn.log file ${archivelog} ${origconnlog} conn 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that the logs were archived test -f ${origconnlog} && ret=1 test ! -f ${connlog} && ret=1 test ! -f ${connsummarylog} && ret=1 # verify that the logs were compressed grep -q "This is a test" ${connlog} && ret=1 grep -q ">== Total ===" ${connsummarylog} && ret=1 # verify that no email was sent test -f $BROCTL_INSTALL_PREFIX/sendmail.out && ret=1 exit $ret broctl-1.4-minimal/testing/helper/archive-log-makearchivename.test0000664002342100234210000000311612535575000025263 0ustar johannajohanna# Test that the archive-log script archives and compresses a specified log # file using an alternative make-archive-name script when the makearchivename # broctl option is specified. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__no_email EOF makearchname=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/make-archive-name testarchname=$BROCTL_INSTALL_PREFIX/test-arch-name archivelog=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/archive-log logdir=$BROCTL_INSTALL_PREFIX/logs/2013-12-30 testlog=${logdir}/broctltest.22_24_20-22_30_00.log.gz origtestlog=broctltest.2013-12-30-22-24-20.log echo "makearchivename=${testarchname}" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg # Create the new script (behaves differently than original script) sed "s/%s:%s:%s/%s_%s_%s/" ${makearchname} > ${testarchname} chmod 755 ${testarchname} ret=0 broctl install # Create Bro's working directory, chdir to that dir, and create a rotated log mkdir $BROCTL_INSTALL_PREFIX/spool/bro cd $BROCTL_INSTALL_PREFIX/spool/bro cat > ${origtestlog} << _EOF_ # This is a test broctltest.log _EOF_ ############################################### # Test archive-log with an alternate make-archive-name # verify that broctltest.log was not archived yet test -f ${testlog} && ret=1 ${archivelog} ${origtestlog} broctltest 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that broctltest.log was archived test -f ${origtestlog} && ret=1 test ! -f ${testlog} && ret=1 # verify that broctltest.log was compressed grep -q "This is a test" ${testlog} && ret=1 exit $ret broctl-1.4-minimal/testing/helper/archive-log-logdir.test0000664002342100234210000000414312535575000023424 0ustar johannajohanna# Test that the archive-log script archives and compresses a specified log # file (including a connection summary report) when a custom log directory # is specified with the "LogDir" option. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg echo "LogDir=$BROCTL_INSTALL_PREFIX/mylogs" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg archivelog=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/archive-log logdir=$BROCTL_INSTALL_PREFIX/mylogs/2013-12-30 connlog=${logdir}/conn.22:24:20-22:30:00.log.gz testlog=${logdir}/broctltest.22:24:20-22:30:00.log.gz connsummarylog=${logdir}/conn-summary.22:24:20-22:30:00.log.gz origconnlog=conn.2013-12-30-22-24-20.log origtestlog=broctltest.2013-12-30-22-24-20.log # Create the custom log dir (broctl does not do this) mkdir $BROCTL_INSTALL_PREFIX/mylogs ret=0 broctl install # Create Bro's working directory, chdir to that dir, and create rotated logs mkdir $BROCTL_INSTALL_PREFIX/spool/bro cd $BROCTL_INSTALL_PREFIX/spool/bro cat > ${origconnlog} << _EOF_ # This is a test conn.log _EOF_ cat > ${origtestlog} << _EOF_ # This is a test broctltest.log _EOF_ ############################################### # Test archive-log for the conn.log file ${archivelog} ${origconnlog} conn 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that the logs were archived test -f ${origconnlog} && ret=1 test ! -f ${connlog} && ret=1 test ! -f ${connsummarylog} && ret=1 # verify that the logs were compressed grep -q "This is a test" ${connlog} && ret=1 grep -q ">== Total ===" ${connsummarylog} && ret=1 ############################################### # Test archive-log for a different log file # verify that the broctltest.log was not archived yet test -f ${testlog} && ret=1 ${archivelog} ${origtestlog} broctltest 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that broctltest.log was archived test -f ${origtestlog} && ret=1 test ! -f ${testlog} && ret=1 # verify that broctltest.log was compressed grep -q "This is a test" ${testlog} && ret=1 exit $ret broctl-1.4-minimal/testing/helper/archive-log.test0000664002342100234210000000423412535575000022147 0ustar johannajohanna# Test that the archive-log script archives and compresses a specified log # file, and that a connection summary report is emailed and archived if # conn.log is being archived. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg archivelog=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/archive-log logdir=$BROCTL_INSTALL_PREFIX/logs/2013-12-30 connlog=${logdir}/conn.22:24:20-22:30:00.log.gz testlog=${logdir}/broctltest.22:24:20-22:30:00.log.gz connsummarylog=${logdir}/conn-summary.22:24:20-22:30:00.log.gz origconnlog=conn.2013-12-30-22-24-20.log origtestlog=broctltest.2013-12-30-22-24-20.log ret=0 broctl install # Create Bro's working directory, chdir to that dir, and create rotated logs mkdir $BROCTL_INSTALL_PREFIX/spool/bro cd $BROCTL_INSTALL_PREFIX/spool/bro cat > ${origconnlog} << _EOF_ # This is a test conn.log _EOF_ cat > ${origtestlog} << _EOF_ # This is a test broctltest.log _EOF_ ############################################### # Test archive-log for the conn.log file ${archivelog} ${origconnlog} conn 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that the logs were archived test -f ${origconnlog} && ret=1 test ! -f ${connlog} && ret=1 test ! -f ${connsummarylog} && ret=1 # verify that the logs were compressed grep -q "This is a test" ${connlog} && ret=1 grep -q ">== Total ===" ${connsummarylog} && ret=1 # verify that a connection summary report was emailed grep -q ">== Total ===" $BROCTL_INSTALL_PREFIX/sendmail.out || ret=1 rm $BROCTL_INSTALL_PREFIX/sendmail.out ############################################### # Test archive-log for a different log file # verify that the broctltest.log was not archived yet test -f ${testlog} && ret=1 ${archivelog} ${origtestlog} broctltest 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that broctltest.log was archived test -f ${origtestlog} && ret=1 test ! -f ${testlog} && ret=1 # verify that broctltest.log was compressed grep -q "This is a test" ${testlog} && ret=1 # verify that no email was sent test -f $BROCTL_INSTALL_PREFIX/sendmail.out && ret=1 exit $ret broctl-1.4-minimal/testing/helper/to-bytes.test0000664002342100234210000000267712535575000021526 0ustar johannajohanna# Test that the to-bytes.awk helper script can correctly convert numeric # values that are typically found in the output of the df and top commands. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-to-bytes-output btest-diff out1 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-to-bytes-output btest-diff out2 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-to-bytes-output btest-diff out3 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-to-bytes-output btest-diff out4 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-to-bytes-output btest-diff out5 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-to-bytes-output btest-diff out6 . broctl-test-setup tobytes=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/helpers/to-bytes.awk # Create a test file containing input values for the to-bytes.awk script. cat > testfile << _EOF_ /99k 0B 10B 10k 10K 10m 10M 10g 10G 0 10 10000000000 1.5m 1.5M 1.5g 1.5G _EOF_ # test with no options cat testfile | awk -f ${tobytes} > out1 # test with def_factor cat testfile | awk -v def_factor=1024 -f ${tobytes} > out2 # test with start_field cat testfile | awk -v start_field=3 -f ${tobytes} > out3 # test with end_field cat testfile | awk -v end_field=3 -f ${tobytes} > out4 # test with start_field and end_field cat testfile | awk -v start_field=2 -v end_field=3 -f ${tobytes} > out5 # test with all options cat testfile | awk -v start_field=2 -v end_field=3 -v def_factor=1024 -f ${tobytes} > out6 broctl-1.4-minimal/testing/helper/archive-log-no-compress.test0000664002342100234210000000370312535575000024412 0ustar johannajohanna# Test that the archive-log script archives, but not compresses, a specified # log file (including a connection summary report) if CompressLogs=0. # # @TEST-EXEC: bash %INPUT . broctl-test-setup while read line; do installcfgfile "$line"; done << EOF etc/broctl.cfg__test_sendmail bin/sendmail__test --new EOF replaceprefix etc/broctl.cfg echo "CompressLogs=0" >> $BROCTL_INSTALL_PREFIX/etc/broctl.cfg archivelog=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/archive-log logdir=$BROCTL_INSTALL_PREFIX/logs/2013-12-30 connlog=${logdir}/conn.22:24:20-22:30:00.log testlog=${logdir}/broctltest.22:24:20-22:30:00.log connsummarylog=${logdir}/conn-summary.22:24:20-22:30:00.log origconnlog=conn.2013-12-30-22-24-20.log origtestlog=broctltest.2013-12-30-22-24-20.log ret=0 broctl install # Create Bro's working directory, chdir to that dir, and create rotated logs mkdir $BROCTL_INSTALL_PREFIX/spool/bro cd $BROCTL_INSTALL_PREFIX/spool/bro cat > ${origconnlog} << _EOF_ # This is a test conn.log _EOF_ cat > ${origtestlog} << _EOF_ # This is a test broctltest.log _EOF_ ############################################### # Test archive-log for the conn.log file ${archivelog} ${origconnlog} conn 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that the logs were archived test -f ${origconnlog} && ret=1 test ! -f ${connlog} && ret=1 test ! -f ${connsummarylog} && ret=1 # verify that the logs were not compressed grep -q "This is a test" ${connlog} || ret=1 grep -q ">== Total ===" ${connsummarylog} || ret=1 ############################################### # Test archive-log for a different log file # verify that the broctltest.log was not archived yet test -f ${testlog} && ret=1 ${archivelog} ${origtestlog} broctltest 13-12-30_22.24.20 13-12-30_22.30.00 0 ascii # verify that broctltest.log was archived test -f ${origtestlog} && ret=1 test ! -f ${testlog} && ret=1 # verify that broctltest.log was not compressed grep -q "This is a test" ${testlog} || ret=1 exit $ret broctl-1.4-minimal/testing/helper/make-archive-name.test0000664002342100234210000000113512535575000023216 0ustar johannajohanna# Test that the make-archive-name script produces the expected output. # # @TEST-EXEC: bash %INPUT # @TEST-EXEC: btest-diff out1 # @TEST-EXEC: btest-diff out2 # @TEST-EXEC: btest-diff out3 . broctl-test-setup makearchivename=$BROCTL_INSTALL_PREFIX/share/broctl/scripts/make-archive-name # Test with all arguments specified ${makearchivename} conn.log ascii 2013-12-30-23-39-31 2013-12-30-23-40-00 > out1 ${makearchivename} broctltest.extension ascii 2013-01-02-00-03-05 2013-01-02-00-09-00 > out2 # Test without the last optional argument ${makearchivename} test.log ascii 2013-01-02-00-03-05 > out3 broctl-1.4-minimal/testing/Makefile0000664002342100234210000000105412535575000017224 0ustar johannajohanna DIAG=diag.log BTEST=../../btest/btest all: cleanup buildbro btest-verbose # Showing all tests. btest-verbose: @$(BTEST) -j -f $(DIAG) brief: cleanup buildbro btest-brief # Brief output showing only failed tests. btest-brief: @$(BTEST) -j -b -f $(DIAG) # Rerun only the failed tests. rerun: @$(BTEST) -r -j -f $(DIAG) buildbro: @./Scripts/build-bro cleanup: @rm -f $(DIAG) # Remove the broctl test build dir. cleanall: @rm -f $(DIAG) @./Scripts/build-bro cleanall .PHONY: all btest-verbose btest-brief brief rerun buildbro cleanup cleanall broctl-1.4-minimal/man/0000775002342100234210000000000012535575000014662 5ustar johannajohannabroctl-1.4-minimal/man/broctl.80000664002342100234210000000572312535575000016247 0ustar johannajohanna.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.46.4. .TH BROCTL "8" "November 2014" "" "System Administration Utilities" .SH NAME .B broctl \- interactive shell for managing Bro installations .SH SYNOPSIS .B broctl [\fIcommand\fR] .SH DESCRIPTION .B broctl is an interactive interface for managing either a standalone or a Bro cluster installation. If a \fBbroctl\fR command is specified directly on the command-line, then \fBbroctl\fR performs the action associated with that command immediately (instead of running the interactive interface). Before actually running .B broctl you first need to edit the \fBbroctl.cfg\fR, \fBnode.cfg\fR, and \fBnetworks.cfg\fR files. In the \fBbroctl.cfg\fR file, you should review the \fBbroctl\fR options and make sure the options are set correctly for your environment. Next, edit the \fBnode.cfg\fR file and specify the nodes that you will be running. Finally, edit the \fBnetworks.cfg\fR file and list each network that is considered local to the monitored environment (see the examples in the file for the format to use). When running \fBbroctl\fR for the first time, you must run the \fBbroctl\fR \fBdeploy\fR command before running any other commands in order to apply the configuration settings. You must also run \fBbroctl deploy\fR each time you change the configuration (including any Bro scripts) or upgrade Bro. .SH OPTIONS .TP \fBcapstats\fR [] [] Report interface statistics with capstats .TP \fBcheck\fR [] Check configuration before installing it .TP \fBcleanup\fR [\-\-all] [] Delete working dirs (flush state) on nodes .TP \fBconfig\fR Print broctl configuration .TP \fBcron\fR [\-\-no\-watch] Perform jobs intended to run from cron .TP \fBcron\fR enable|disable|? Enable/disable "cron" jobs .TP \fBdeploy\fR Check, install, and restart .TP \fBdf\fR [] Print nodes' current disk usage .TP \fBdiag\fR [] Output diagnostics for nodes .TP \fBexec\fR Execute shell command on all hosts .TP \fBexit\fR Exit from the interactive interface .TP \fBinstall\fR Update broctl installation/configuration .TP \fBnetstats\fR [] Print nodes' current packet counters .TP \fBnodes\fR Print node configuration .TP \fBpeerstatus\fR [] Print status of nodes' remote connections .TP \fBprint\fR [] Print values of script variable at nodes .TP \fBprocess\fR [] [\-\- ] Run Bro (with options and scripts) on trace .TP \fBrestart\fR [\-\-clean] [] Stop and then restart processing .TP \fBscripts\fR [\-c] [] List the Bro scripts the nodes will load .TP \fBstart\fR [] Start processing .TP \fBstatus\fR [] Summarize node status .TP \fBstop\fR [] Stop processing .TP \fBtop\fR [] Show Bro processes ala top .TP \fBupdate\fR [] Update configuration of nodes on the fly .PP Commands provided by plugins: .TP \fBps.bro\fR [] Show Bro processes on nodes' systems .SH AUTHOR .B broctl was written by The Bro Project . broctl-1.4-minimal/configure0000775002342100234210000001407612535575000016026 0ustar johannajohanna#!/bin/sh # Convenience wrapper for easily viewing/setting options that # the project's CMake scripts will recognize set -e command="$0 $*" # check for `cmake` command type cmake > /dev/null 2>&1 || { echo "\ This package requires CMake, please install it first, then you may use this configure script to access CMake equivalent functionality.\ " >&2; exit 1; } usage="\ Usage: $0 [OPTION]... [VAR=VALUE]... Build Directory: --builddir=DIR place build files in directory [build] Installation Directories: --prefix=PREFIX installation directory [/usr/local/bro] --scriptdir=PATH root installation directory for Bro scripts [PREFIX/share/bro] --conf-files-dir=DIR config files installation directory [PREFIX/etc] --localstatedir=PATH path to store log files and run-time data (within log/ and spool/ subdirs) [PREFIX] --spooldir=PATH path to store run-time data [PREFIX/spool] --logdir=PATH path to store log file [PREFIX/logs] --python-install-dir the desired installation directory for any auxiliary python modules (if present) [PREFIX/lib/broctl] Required Packages in Non-Standard Locations: --with-pcap=PATH path to libpcap install root --with-python=PATH path to Python interpreter --with-python-lib=PATH path to libpython --with-python-inc=PATH path to Python headers --with-swig=PATH path to SWIG executable Packaging Options (for developers): --binary-package toggle special logic for binary packaging --ignore-dirs=PATHS paths to ignore when creating source package (semicolon delimited and quoted when multiple) --pkg-name-prefix=NAME use the given name as the package prefix instead of the default CMake project name --osx-sysroot=PATH path to the OS X SDK to compile against --osx-min-version=VER minimum OS X version (the deployment target) Required Packages in Non-Standard Locations: --with-bro=PATH path to Bro install root " sourcedir="$( cd "$( dirname "$0" )" && pwd )" # Function to append a CMake cache entry definition to the # CMakeCacheEntries variable # $1 is the cache entry variable name # $2 is the cache entry variable type # $3 is the cache entry variable value append_cache_entry () { CMakeCacheEntries="$CMakeCacheEntries -D $1:$2=$3" } # set defaults builddir=build prefix=/usr/local/bro CMakeCacheEntries="" append_cache_entry CMAKE_INSTALL_PREFIX PATH $prefix append_cache_entry PY_MOD_INSTALL_DIR PATH $prefix/lib/broctl append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $prefix/share/bro append_cache_entry CPACK_SOURCE_IGNORE_FILES STRING # parse arguments while [ $# -ne 0 ]; do case "$1" in -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; *) optarg= ;; esac case "$1" in --help|-h) echo "${usage}" 1>&2 exit 1 ;; --builddir=*) builddir=$optarg ;; --prefix=*) prefix=$optarg append_cache_entry CMAKE_INSTALL_PREFIX PATH $optarg append_cache_entry PY_MOD_INSTALL_DIR PATH $optarg/lib/broctl ;; --scriptdir=*) append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $optarg user_set_scriptdir="true" ;; --conf-files-dir=*) append_cache_entry BRO_ETC_INSTALL_DIR PATH $optarg user_set_conffilesdir="true" ;; --localstatedir=*) append_cache_entry BRO_LOCAL_STATE_DIR PATH $optarg ;; --spooldir=*) append_cache_entry BRO_SPOOL_DIR PATH $optarg ;; --logdir=*) append_cache_entry BRO_LOG_DIR PATH $optarg ;; --with-bro=*) append_cache_entry BRO_ROOT_DIR PATH $optarg ;; --with-pcap=*) append_cache_entry PCAP_ROOT_DIR PATH $optarg ;; --with-python=*) append_cache_entry PYTHON_EXECUTABLE PATH $optarg ;; --with-python-lib=*) append_cache_entry PYTHON_LIBRARY PATH $optarg ;; --with-python-inc=*) append_cache_entry PYTHON_INCLUDE_DIR PATH $optarg append_cache_entry PYTHON_INCLUDE_PATH PATH $optarg ;; --with-swig=*) append_cache_entry SWIG_EXECUTABLE PATH $optarg ;; --binary-package) append_cache_entry BINARY_PACKAGING_MODE BOOL true ;; --ignore-dirs=*) append_cache_entry CPACK_SOURCE_IGNORE_FILES STRING $optarg ;; --pkg-name-prefix=*) append_cache_entry PACKAGE_NAME_PREFIX STRING $optarg ;; --osx-sysroot=*) append_cache_entry CMAKE_OSX_SYSROOT PATH $optarg ;; --osx-min-version=*) append_cache_entry CMAKE_OSX_DEPLOYMENT_TARGET STRING $optarg ;; *) echo "Invalid option '$1'. Try $0 --help to see available options." exit 1 ;; esac shift done if [ "$user_set_scriptdir" != "true" ]; then append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $prefix/share/bro fi if [ "$user_set_conffilesdir" != "true" ]; then append_cache_entry BRO_ETC_INSTALL_DIR PATH $prefix/etc fi if [ -d $builddir ]; then # If build directory exists, check if it has a CMake cache if [ -f $builddir/CMakeCache.txt ]; then # If the CMake cache exists, delete it so that this configuration # is not tainted by a previous one rm -f $builddir/CMakeCache.txt fi else # Create build directory mkdir -p $builddir fi echo "Build Directory : $builddir" echo "Source Directory: $sourcedir" cd $builddir cmake $CMakeCacheEntries $sourcedir echo "# This is the command used to configure this build" > config.status echo $command >> config.status chmod u+x config.status broctl-1.4-minimal/setup.py0000664002342100234210000000000012535575000015607 0ustar johannajohannabroctl-1.4-minimal/COPYING0000664002342100234210000000345712535575000015153 0ustar johannajohannaCopyright (c) 1995-2013, The Regents of the University of California through the Lawrence Berkeley National Laboratory and the International Computer Science Institute. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: (1) Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. (2) Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. (3) Neither the name of the University of California, Lawrence Berkeley National Laboratory, U.S. Dept. of Energy, International Computer Science Institute, nor the names of contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Note that some files in the distribution may carry their own copyright notices. broctl-1.4-minimal/util/0000775002342100234210000000000012535575000015064 5ustar johannajohannabroctl-1.4-minimal/util/make-plots.r0000664002342100234210000001315712535575000017332 0ustar johannajohanna# Text & pch scaling. scale.cex <- 1.4 scale.cex.lab <- 1.4 scale.cex.legend <- 1.0 # Parameters for nicer plotting sample <- 10 num <- 50 shift <- 0 plotLoad <- function(tag, host, key, style, factor=1) { file <- paste(tag, ".", host, ".dat", sep="") data <- read.table(file, header=TRUE) print(file) times <- data$time vals <- data[[key]] / factor l <- xy.coords(times, vals) l$x = l$x[seq(1, length(l$x), by=sample)] l$y = l$y[seq(1, length(l$y), by=sample)] p <- seq(1 + shift * length(l$x) / num, length(l$x), length=num) lines(l$x, l$y, col=style) points(l$x[p], l$y[p], col=style, pch=style) } plotSeries <- function(tag, hosts, type, factor=1) { style <- 1 labels <- c() for ( i in seq(1, length(hosts)) ) { plotLoad(tag, hosts[i], type, style, factor=factor) style <- style + 1 labels <- c(labels, hosts[i]) } lsize <- length(labels) cornerLegend(legend=labels, col=c(1:lsize), lty=1, pch=c(1:lsize), corner=2, cex=scale.cex.legend, ncol=5) dev.off() } plotScale <- function(file, tag, host, ymax, title, xlab, ylab) { postscript(file, paper="special", width=11, height=6.5) par(cex=1.3) file <- paste(tag, ".", host, ".dat", sep="") data <- read.table(file, header=TRUE) times <- data$time timeplot(c(min(times), max(times)), c(0, ymax), type="n", xlab=xlab, ylab=ylab, timezone=7, main=title) } ########## Stolen from Holger ####################### weekdays<-c("Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat") weekdaysLong<-c("Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday") time2str<-function(unixt, timezone=1) { t<-timestamp(unixt, timezone) s<-weekdays[t[1]+1] s<-paste(s, t[2], sep=" ") s<-paste(s, sprintf("%02g", t[3]), sep=":") s } timeticks <- function (start, end, tickdist=NULL, labeldist=NULL, offset=1, timezone=1) { if(identical(tickdist,NULL)) tickdist<-timetickdist(start, end) if(identical(labeldist, NULL)) labeldist<-tickdist pos<-start-1 res=list(ticks=c(), labels=c()) while(pos < end) { pos<-nexttick(pos, tickdist, offset) if(pos<=end) { res$ticks<-c(res$ticks, pos) if (identical((pos+offset*3600)%%labeldist,0)) res$labels<-c(res$labels, time2str(pos, timezone=offset)) else res$labels<-c(res$labels, " ") } } res } nexttick <- function (cur, dist, offset=1) { nextt <- cur curTZ = cur+offset*3600 if (identical(curTZ%%dist,0)) nextt <- cur+dist else nextt <- cur+(dist-(curTZ%%dist)) nextt } timetickdist <- function (start, end) { d <- end-start tickdist <- 3600*24 if (d<=3600*24*7) tickdist<-3600*12 if (d<=3600*24*3) tickdist<-3600*6 if (d<=3600*24) tickdist<-3600*2 if (d<=3600*12) tickdist<-3600 if (d<=3600) tickdist<-15*60 tickdist } cet <- function (unixt) { timestamp(unixt, 1) } timestamp<-function (unixt, offset) { unixt<-floor(unixt) secs<-unixt%%60 unixt<-unixt%/%60 mins<-unixt%%60 unixt<-(unixt%/%60) + offset hrs<-unixt%%24 unixt<-unixt%/%24 days<-(unixt-3)%%7 c(days,hrs,mins,secs) } timeaxis <- function(xrange, offset=1, labels=T, timezone=1) { t <- timeticks(xrange[1], xrange[2], offset=offset, timezone=timezone) if (labels) axis(1, at=t$ticks, labels=t$labels) else axis(1, at=t$ticks, labels=F) } timeplot <- function(x, y, offset=1, labels=T, timezone=1, ...) { plot(x, y, axes=F, ...) box() axis(2) timeaxis(range(x), offset, labels, timezone=timezone) } cornerLegend<-function(corner = 1, xoffs=0, yoffs=0, ...) { xalign = 0 yalign = 0 smoothf=c(1,1) if (corner == 1){ corner<-c(par()$usr[1], par()$usr[3]) xalign = 0 yalign = 0 }else if (corner == 2){ corner<-c(par()$usr[1], par()$usr[4]) xalign = 0 yalign = 1 smoothf=c(1,-1) }else if (corner == 3){ corner<-c(par()$usr[2], par()$usr[4]) xalign = 1 yalign = 1 smoothf= c(-1,-1) }else{ corner<-c(par()$usr[2], par()$usr[3]) xalign = 1 yalign = 0 smoothf = c(-1,1) } cat(corner, "\n") smooth<-c(0,0) if(par("xlog")){ corner[1]<-10^corner[1] smooth[1]<-0 }else{ smooth[1]<-(par("usr")[2]-par("usr")[1])/50 } if(par("ylog")){ corner[2]<-10^corner[2] smooth[2]<-(10^par("usr")[4]-10^par("usr")[3])/-50 }else{ smooth[2]<-(par("usr")[4]-par("usr")[3])/50 } smooth<-smooth*smoothf cat (smooth, "\n") legend(x=corner[1]+smooth[1]+xoffs, y=corner[2]+smooth[2]+yoffs, xjust=xalign, yjust=yalign, ...) } ########## End of Stolen from Holger ####################### # Interface statistics hosts <- read.table("interface.hosts.dat", header=TRUE, as.is=TRUE)$name plotScale("bandwith.eps", "interface", hosts[1], 500, "Bandwidth", "Time", "Mbps") plotSeries("interface", hosts, "mbps") # CPU Load Child Process hosts <- read.table("child.hosts.dat", header=TRUE, as.is=TRUE)$name plotScale("cpu-child.eps", "child", hosts[1], 120, "CPU Load - Child Process", "Time", "Load") plotSeries("child", hosts, "cpu") # CPU Load Parent Process hosts <- read.table("parent.hosts.dat", header=TRUE, as.is=TRUE)$name plotScale("cpu-parent.eps", "parent", hosts[1], 120, "CPU Load - Parent Process", "Time", "Load") plotSeries("parent", hosts, "cpu") # Memory Parent Process hosts <- read.table("parent.hosts.dat", header=TRUE, as.is=TRUE)$name plotScale("mem-parent.eps", "parent", hosts[1], 2, "Memory - Parent Process", "Time", "GBytes") plotSeries("parent", hosts, "vsize", factor=1024*1024*1024) # Memory Child Process hosts <- read.table("child.hosts.dat", header=TRUE, as.is=TRUE)$name plotScale("mem-child.eps", "child", hosts[1], 2, "Memory - Child Process", "Time", "GBytes") plotSeries("child", hosts, "vsize", factor=1024*1024*1024) broctl-1.4-minimal/util/reformat-stats0000775002342100234210000000456312535575000017775 0ustar johannajohanna#! /usr/bin/env python # # Turns spool/stats.log into a format more something suitable for R. # # reformat-stats # # Existing data in dst-dir will be deleted. from __future__ import print_function import sys import math import os def filterOutput(tag, host): os.system("cat %s/%s.dat | egrep '%s|^ *time' >%s/%s.%s.dat" % (Dest, tag, host, Dest, tag, host)) def makeOutput(file, tag): out = open("%s/%s.dat" % (Dest, tag), "w") hosts = {} data = {} keys = {} for line in open(file): f = line.split() if f[3] == "error": continue try: (time, host, t, key, val) = f except ValueError: try: (time, host, t, key) = f val = "-" except ValueError: print("cannot parse '%s'" % line, file=sys.stderr) continue if t != tag: continue hosts[host] = 1 time = math.floor(float(time)) val = val if not time in data: data[time] = {} interval = data[time] if not host in interval: interval[host] = {} vals = interval[host] vals[key] = val keys[key] = 1 intervals = data.keys() intervals.sort() keys = keys.keys() out.write("%10s %10s" % ("time", "node")) for k in keys: out.write(" %10s" % k) out.write("\n") for t in intervals: itv = data[t] idxs = itv.keys() idxs.sort() for idx in idxs: vals = itv[idx] out.write("%10.0f %10s" % (t, idx)) for k in keys: if k in vals: out.write(" %10s" % vals[k]) else: out.write(" %10s" % "-") out.write("\n") out.close() hosts = hosts.keys() hosts.sort() for host in hosts: filterOutput(tag, host) hostlist = open("%s/%s.hosts.dat" % (Dest, tag), "w") hostlist.write("name\n") for host in hosts: hostlist.write("%s\n" % host) if len(sys.argv) != 3: print("Usage: reformat-stats ") print("Existing data in will be deleted!") sys.exit(1) Dest = sys.argv[2] os.system("rm -rf %s" % Dest) os.mkdir(Dest) for tag in ["parent", "child", "interface"]: makeOutput(sys.argv[1], tag) broctl-1.4-minimal/util/extract-strictly-local-conns0000775002342100234210000000157112535575000022551 0ustar johannajohanna#! /usr/bin/env python from __future__ import print_function import sys import SubnetTree def readNetworks(file): nets = SubnetTree.SubnetTree() for line in open(file): line = line.strip() if not line or line.startswith("#"): continue fields = line.split() cidr = fields[0] descr = " ".join(fields[1:]) try: nets[cidr] = descr except KeyError: print("cannot parse network specification '%s'" % cidr, file=sys.stderr) return nets if len(sys.argv) != 2: print("usage: %s networks.cfg = 2.6.0") # If this CMake project is a sub-project of another, we will not # configure the generic packaging because CPack will fail in the case # that the parent project has already configured packaging if ("${PROJECT_SOURCE_DIR}" STREQUAL "${CMAKE_SOURCE_DIR}") include(ConfigurePackaging) ConfigurePackaging(${VERSION}) endif () ######################################################################## ## Build Summary if (SPOOL) set(spoolDir ${SPOOL}) else () set(spoolDir ${CMAKE_INSTALL_PREFIX}/spool) endif () if (LOGS) set(logDir ${LOGS}) else () set(logDir ${CMAKE_INSTALL_PREFIX}/logs) endif () message( "\n=================| Broctl Install Summary |===================" "\n" "\nInstall prefix: ${CMAKE_INSTALL_PREFIX}" "\nBro root: ${BRO_ROOT_DIR}" "\nScripts Dir: ${policydir}" "\nSpool Dir: ${spoolDir}" "\nLog Dir: ${logDir}" "\nConfig File Dir: ${BRO_ETC_INSTALL_DIR}" "\n" "\n================================================================\n" ) include(UserChangedWarning) broctl-1.4-minimal/scripts/0000775002342100234210000000000012535575000015576 5ustar johannajohannabroctl-1.4-minimal/scripts/broctl/0000775002342100234210000000000012535575000017063 5ustar johannajohannabroctl-1.4-minimal/scripts/broctl/main.bro0000664002342100234210000000203712535575000020515 0ustar johannajohanna# Load the script to support the "scripts" command. @load misc/loaded-scripts # All cluster nodes are inherently controllable with BroControl. # TODO: This kind of sucks right now though because it always causes the # communications framework to hold open a port which can cause # high CPU usage on lightly loaded links due to the core packet # extraction loop. @load frameworks/control/controllee ## All nodes allow remote control from loopback. This solves an occasional ## problem in some all-local installations. redef Communication::nodes += { # We're waiting for connections from this host for control. ["local-control"] = [$host=127.0.0.1, $class="control", $events=Control::controller_events], }; ## Reconfigure the reporter framework to stop printing to STDERR ## because STDERR is redirected and not normally visible when through ## BroControl. The logs will still be available through the normal ## reporter stream in the logging framework. redef Reporter::warnings_to_stderr = F; redef Reporter::errors_to_stderr = F; broctl-1.4-minimal/scripts/broctl/__load__.bro0000664002342100234210000000001512535575000021276 0ustar johannajohanna@load ./main broctl-1.4-minimal/scripts/broctl/standalone.bro0000664002342100234210000000061012535575000021714 0ustar johannajohanna##! Configuration for a standalone system used with BroControl. @load standalone-layout # Log rotation support. redef Log::default_rotation_interval = 1 hrs; redef Log::default_rotation_postprocessor_cmd = "archive-log"; # Record all packets into trace file. # This will only be happen if the -w flag is given on the command line. @load misc/trim-trace-file redef record_all_packets = T; broctl-1.4-minimal/scripts/broctl/check.bro0000664002342100234210000000117612535575000020651 0ustar johannajohanna##! This script contains tuning that's particular to running BroControl's ##! ``check`` and ``scripts`` commands and is only loaded at those times. redef Log::default_rotation_interval=0secs; # When checking the configuration, Bro needs to exit after fully initializing. event bro_init() &priority=-10 { terminate_communication(); } # We want the local loaded_scripts.log on worker and proxy configurations event bro_init() &priority=-10 { local f = Log::get_filter(LoadedScripts::LOG, "default"); f$log_local = T; Log::remove_filter(LoadedScripts::LOG, "default"); Log::add_filter(LoadedScripts::LOG, f); } broctl-1.4-minimal/scripts/broctl/process-trace.bro0000664002342100234210000000033412535575000022341 0ustar johannajohanna##! This script contains tuning that's particular to running BroControl's ##! ``process-trace`` command and is only loaded at that time. redef Log::default_rotation_interval=0secs; redef Log::enable_local_logging = T; broctl-1.4-minimal/scripts/broctl/auto.bro0000664002342100234210000000037012535575000020537 0ustar johannajohanna##! Loads scripts that are auto-generated by BroControl and may contain ##! options that override the settings of the distribution's node ##! configuration or even the user's local-.bro configuration. @load local-networks @load broctl-config broctl-1.4-minimal/cmake/0000775002342100234210000000000012535575001015170 5ustar johannajohannabroctl-1.4-minimal/cmake/FindGooglePerftools.cmake0000664002342100234210000000334312535575001022110 0ustar johannajohanna# - Try to find GooglePerftools headers and libraries # # Usage of this module as follows: # # find_package(GooglePerftools) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # GooglePerftools_ROOT_DIR Set this variable to the root installation of # GooglePerftools if the module has problems finding # the proper installation path. # # Variables defined by this module: # # GOOGLEPERFTOOLS_FOUND System has GooglePerftools libs/headers # TCMALLOC_FOUND System has GooglePerftools tcmalloc library # GooglePerftools_LIBRARIES The GooglePerftools libraries # GooglePerftools_LIBRARIES_DEBUG The GooglePerftools libraries for heap checking. # GooglePerftools_INCLUDE_DIR The location of GooglePerftools headers find_path(GooglePerftools_ROOT_DIR NAMES include/google/heap-profiler.h ) find_library(GooglePerftools_LIBRARIES_DEBUG NAMES tcmalloc_and_profiler HINTS ${GooglePerftools_ROOT_DIR}/lib ) find_library(GooglePerftools_LIBRARIES NAMES tcmalloc HINTS ${GooglePerftools_ROOT_DIR}/lib ) find_path(GooglePerftools_INCLUDE_DIR NAMES google/heap-profiler.h HINTS ${GooglePerftools_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(GooglePerftools DEFAULT_MSG GooglePerftools_LIBRARIES GooglePerftools_LIBRARIES_DEBUG GooglePerftools_INCLUDE_DIR ) find_package_handle_standard_args(tcmalloc DEFAULT_MSG GooglePerftools_LIBRARIES ) mark_as_advanced( GooglePerftools_ROOT_DIR GooglePerftools_LIBRARIES GooglePerftools_LIBRARIES_DEBUG GooglePerftools_INCLUDE_DIR ) broctl-1.4-minimal/cmake/MiscTests.cmake0000664002342100234210000000201012535575001020101 0ustar johannajohannainclude(CheckCXXSourceCompiles) include(CheckCSourceCompiles) # This autoconf variable is obsolete; it's portable to assume C89 and signal # handlers returning void set(RETSIGTYPE "void") set(RETSIGVAL "") check_c_source_compiles(" #include #include extern int socket(int, int, int); extern int connect(int, const struct sockaddr *, int); extern int send(int, const void *, int, int); extern int recvfrom(int, void *, int, int, struct sockaddr *, int *); int main() { return 0; } " DO_SOCK_DECL) if (DO_SOCK_DECL) message(STATUS "socket() and friends need explicit declaration") endif () check_cxx_source_compiles(" #include #include extern \"C\" { int openlog(const char* ident, int logopt, int facility); int syslog(int priority, const char* message_fmt, ...); int closelog(); } int main() { return 0; } " SYSLOG_INT) if (SYSLOG_INT) message(STATUS "syslog prototypes need declaration") endif () broctl-1.4-minimal/cmake/ChangeMacInstallNames.cmake0000664002342100234210000000660212535575001022317 0ustar johannajohanna# Calling this macro with the name of a list variable will modify that # list such that any third party libraries that do not come with a # vanilla Mac OS X system will be replaced by an adjusted library that # has an install_name relative to the location of any executable that # links to it. # # Also, it will schedule the modified libraries for installation in a # 'support_libs' subdirectory of the CMAKE_INSTALL_PREFIX. # # The case of third party libraries depending on other third party # libraries is currently not handled by this macro. # # Ex. # # set(libs /usr/lib/libz.dylib # /usr/lib/libssl.dylib # /usr/local/lib/libmagic.dylib # /usr/local/lib/libGeoIP.dylib # /usr/local/lib/somestaticlib.a) # # include(ChangeMacInstallNames) # ChangeMacInstallNames(libs) # # Should result in ${libs} containing: # /usr/lib/libz.dylib # /usr/lib/libssl.dylib # ${CMAKE_BINARY_DIR}/darwin_support_libs/libmagic.dylib # ${CMAKE_BINARY_DIR}/darwin_support_libs/libGeoIP.dylib # /usr/local/lib/somestaticlib.a # # such that we can now do: # # add_executable(some_exe ${srcs}) # target_link_libraries(some_exe ${libs}) # # Any binary packages created from such a build should be self-contained # and provide working installs on vanilla OS X systems. macro(ChangeMacInstallNames libListVar) if (APPLE) find_program(INSTALL_NAME_TOOL install_name_tool) set(MAC_INSTALL_NAME_DEPS) set(SUPPORT_BIN_DIR ${CMAKE_BINARY_DIR}/darwin_support_libs) set(SUPPORT_INSTALL_DIR support_libs) file(MAKE_DIRECTORY ${SUPPORT_BIN_DIR}) foreach (_lib ${${libListVar}}) # only care about install_name for shared libraries that are # not shipped in Apple's vanilla OS X installs string(REGEX MATCH ^/usr/lib/* apple_provided_lib ${_lib}) string(REGEX MATCH dylib$ is_shared_lib ${_lib}) if (NOT apple_provided_lib AND is_shared_lib) get_filename_component(_libname ${_lib} NAME) set(_adjustedLib ${SUPPORT_BIN_DIR}/${_libname}) set(_tmpLib ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/${_libname}) # make a tempory copy so we can adjust permissions configure_file(${_lib} ${_tmpLib} COPYONLY) # copy to build directory with correct write permissions file(COPY ${_tmpLib} DESTINATION ${SUPPORT_BIN_DIR} FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) # remove the old library from the list provided as macro # argument and add the new library with modified install_name list(REMOVE_ITEM ${libListVar} ${_lib}) list(APPEND ${libListVar} ${_adjustedLib}) # update the install target to install the third party libs # with modified install_name install(FILES ${_adjustedLib} DESTINATION ${SUPPORT_INSTALL_DIR}) # perform the install_name change execute_process(COMMAND install_name_tool -id @executable_path/../${SUPPORT_INSTALL_DIR}/${_libname} ${_adjustedLib}) endif () endforeach () endif () endmacro() broctl-1.4-minimal/cmake/InstallShellScript.cmake0000664002342100234210000000465212535575001021764 0ustar johannajohanna# Schedules a file to be installed by the 'install' target, but first # transformed by configure_file(... @ONLY) as well as by changing the # shell script's hashbang (#!) line to use the absolute path to the # interpreter in the path of the user running ./configure (or CMake equiv.). # # Hashbangs are not transformed when in binary packaging mode because, # if NMI systems are to be used in creating binary packages, that could # result in picking up a python interpreter in a non-standard location for # a given distro. (NMI tends to install non-essential prerequisite packages # in atypical locations). # # _dstdir: absolute path to the directory in which to install the transformed # source file # _srcfile: path relevant to CMAKE_CURRENT_SOURCE_DIR pointing to the shell # script to install # [_dstfilename]: an optional argument for how to (re)name the file as # it's installed inside _dstdir macro(InstallShellScript _dstdir _srcfile) if (NOT "${ARGN}" STREQUAL "") set(_dstfilename ${ARGN}) else () get_filename_component(_dstfilename ${_srcfile} NAME) endif () set(orig_file ${CMAKE_CURRENT_SOURCE_DIR}/${_srcfile}) set(configed_file ${CMAKE_CURRENT_BINARY_DIR}/${_srcfile}) set(dehashbanged_file ${CMAKE_CURRENT_BINARY_DIR}/${_srcfile}.dehashbanged) configure_file(${orig_file} ${configed_file} @ONLY) file(READ ${configed_file} _srclines) file(WRITE ${dehashbanged_file} "") if (NOT BINARY_PACKAGING_MODE) set(_regex "^#![ ]*/usr/bin/env[ ]+([^\n ]*)") string(REGEX MATCH ${_regex} _match ${_srclines}) if (_match) set(_shell ${CMAKE_MATCH_1}) if (${_shell} STREQUAL "python" AND PYTHON_EXECUTABLE) set(${_shell}_interp ${PYTHON_EXECUTABLE}) else () find_program(${_shell}_interp ${_shell}) endif () if (NOT ${_shell}_interp) message(FATAL_ERROR "Absolute path to interpreter '${_shell}' not found, " "failed to configure shell script: ${orig_file}") endif () string(REGEX REPLACE ${_regex} "#!${${_shell}_interp}" _srclines "${_srclines}") endif () endif () file(WRITE ${dehashbanged_file} "${_srclines}") install(PROGRAMS ${dehashbanged_file} DESTINATION ${_dstdir} RENAME ${_dstfilename}) endmacro(InstallShellScript) broctl-1.4-minimal/cmake/package_preinstall.sh.in0000775002342100234210000000167212535575001021772 0ustar johannajohanna#!/bin/sh # This script is meant to be used by binary packages pre-installation. # Variables between @ symbols are replaced by CMake at configure time. configFiles="@INSTALLED_CONFIG_FILES@" backupNamesFile=/tmp/bro_install_backups # Checks if a config file exists in a default location and makes a backup # so that a modified version is not clobbered backupFile () { origFile="$1" if [ -e ${origFile} ]; then # choose a file suffix that doesn't already exist ver=1 while [ -e ${origFile}.${ver} ]; do ver=$(( ver + 1 )) done backupFile=${origFile}.${ver} cp -p ${origFile} ${backupFile} # the post upgrade script will check whether the installed # config file actually differs from existing version # and delete unnecessary backups echo "${backupFile}" >> ${backupNamesFile} fi } for file in ${configFiles}; do backupFile "${file}" done broctl-1.4-minimal/cmake/CheckTypes.cmake0000664002342100234210000000223012535575001020231 0ustar johannajohannainclude(CheckTypeSize) check_type_size("long int" SIZEOF_LONG_INT) check_type_size("long long" SIZEOF_LONG_LONG) check_type_size("void *" SIZEOF_VOID_P) # checks existence of ${_type}, and if it does not, sets CMake variable ${_var} # to alternative type, ${_alt_type} macro(CheckType _type _alt_type _var) # don't perform check if we have a result from a previous CMake run if (NOT HAVE_${_var}) check_type_size(${_type} ${_var}) if (NOT ${_var}) set(${_var} ${_alt_type}) else () unset(${_var}) unset(${_var} CACHE) endif () endif () endmacro(CheckType _type _alt_type _var) set(CMAKE_EXTRA_INCLUDE_FILES sys/types.h) CheckType(int32_t int int32_t) CheckType(u_int32_t u_int u_int32_t) CheckType(u_int16_t u_short u_int16_t) CheckType(u_int8_t u_char u_int8_t) set(CMAKE_EXTRA_INCLUDE_FILES) set(CMAKE_EXTRA_INCLUDE_FILES sys/socket.h) CheckType(socklen_t int socklen_t) set(CMAKE_EXTRA_INCLUDE_FILES) set(CMAKE_EXTRA_INCLUDE_FILES netinet/in.h netinet/ip6.h) check_type_size("struct ip6_opt" IP6_OPT) check_type_size("struct ip6_ext" IP6_EXT) set(CMAKE_EXTRA_INCLUDE_FILES) broctl-1.4-minimal/cmake/PCAPTests.cmake0000664002342100234210000000353712535575001017750 0ustar johannajohannainclude(CheckFunctionExists) include(CheckSymbolExists) include(CheckCSourceCompiles) include(CheckIncludeFiles) set(CMAKE_REQUIRED_INCLUDES ${PCAP_INCLUDE_DIR}) set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY}) check_include_files(pcap-int.h HAVE_PCAP_INT_H) check_function_exists(pcap_freecode HAVE_LIBPCAP_PCAP_FREECODE) if (NOT HAVE_LIBPCAP_PCAP_FREECODE) set(DONT_HAVE_LIBPCAP_PCAP_FREECODE true) message(STATUS "No implementation for pcap_freecode()") endif () check_c_source_compiles(" #include int main () { int snaplen; int linktype; struct bpf_program fp; int optimize; bpf_u_int32 netmask; char str[10]; char error[1024]; snaplen = 50; linktype = DLT_EN10MB; optimize = 1; netmask = 0L; str[0] = 'i'; str[1] = 'p'; str[2] = '\\\\0'; (void)pcap_compile_nopcap( snaplen, linktype, &fp, str, optimize, netmask, &error); return 0; } " LIBPCAP_PCAP_COMPILE_NOPCAP_HAS_ERROR_PARAMETER) if (NOT LIBPCAP_PCAP_COMPILE_NOPCAP_HAS_ERROR_PARAMETER) # double check check_c_source_compiles(" #include int main () { int snaplen; int linktype; struct bpf_program fp; int optimize; bpf_u_int32 netmask; char str[10]; snaplen = 50; linktype = DLT_EN10MB; optimize = 1; netmask = 0L; str[0] = 'i'; str[1] = 'p'; str[2] = '\\\\0'; (void)pcap_compile_nopcap(snaplen, linktype, &fp, str, optimize, netmask); return 0; } " LIBPCAP_PCAP_COMPILE_NOPCAP_NO_ERROR_PARAMETER) if (NOT LIBPCAP_PCAP_COMPILE_NOPCAP_NO_ERROR_PARAMETER) message(FATAL_ERROR "Can't determine if pcap_compile_nopcap takes an error parameter") endif () endif () check_symbol_exists(DLT_PPP_SERIAL pcap.h HAVE_DLT_PPP_SERIAL) if (NOT HAVE_DLT_PPP_SERIAL) set(DLT_PPP_SERIAL 50) endif () set(CMAKE_REQUIRED_INCLUDES) set(CMAKE_REQUIRED_LIBRARIES) broctl-1.4-minimal/cmake/FindFLEX.cmake0000664002342100234210000001633012535575001017534 0ustar johannajohanna# - Find flex executable and provides a macro to generate custom build rules # # The module defines the following variables: # FLEX_FOUND - true is flex executable is found # FLEX_EXECUTABLE - the path to the flex executable # FLEX_VERSION - the version of flex # FLEX_LIBRARIES - The flex libraries # # The minimum required version of flex can be specified using the # standard syntax, e.g. FIND_PACKAGE(FLEX 2.5.13) # # # If flex is found on the system, the module provides the macro: # FLEX_TARGET(Name FlexInput FlexOutput [COMPILE_FLAGS ]) # which creates a custom command to generate the file from # the file. If COMPILE_FLAGS option is specified, the next # parameter is added to the flex command line. Name is an alias used to # get details of this custom command. Indeed the macro defines the # following variables: # FLEX_${Name}_DEFINED - true is the macro ran successfully # FLEX_${Name}_OUTPUTS - the source file generated by the custom rule, an # alias for FlexOutput # FLEX_${Name}_INPUT - the flex source file, an alias for ${FlexInput} # # Flex scanners oftenly use tokens defined by Bison: the code generated # by Flex depends of the header generated by Bison. This module also # defines a macro: # ADD_FLEX_BISON_DEPENDENCY(FlexTarget BisonTarget) # which adds the required dependency between a scanner and a parser # where and are the first parameters of # respectively FLEX_TARGET and BISON_TARGET macros. # # ==================================================================== # Example: # # find_package(BISON) # find_package(FLEX) # # BISON_TARGET(MyParser parser.y ${CMAKE_CURRENT_BINARY_DIR}/parser.cpp) # FLEX_TARGET(MyScanner lexer.l ${CMAKE_CURRENT_BIANRY_DIR}/lexer.cpp) # ADD_FLEX_BISON_DEPENDENCY(MyScanner MyParser) # # include_directories(${CMAKE_CURRENT_BINARY_DIR}) # add_executable(Foo # Foo.cc # ${BISON_MyParser_OUTPUTS} # ${FLEX_MyScanner_OUTPUTS} # ) # ==================================================================== #============================================================================= # Copyright 2009 Kitware, Inc. # Copyright 2006 Tristan Carel # Modified 2010 by Jon Siwek, backporting for CMake 2.6 compat # # Distributed under the OSI-approved BSD License (the "License"): # CMake - Cross Platform Makefile Generator # Copyright 2000-2009 Kitware, Inc., Insight Software Consortium # All rights reserved. # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # * Neither the names of Kitware, Inc., the Insight Software Consortium, # nor the names of their contributors may be used to endorse or promote # products derived from this software without specific prior written # permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # This software is distributed WITHOUT ANY WARRANTY; without even the # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # See the License for more information. #============================================================================= FIND_PROGRAM(FLEX_EXECUTABLE flex DOC "path to the flex executable") MARK_AS_ADVANCED(FLEX_EXECUTABLE) FIND_LIBRARY(FL_LIBRARY NAMES fl DOC "path to the fl library") MARK_AS_ADVANCED(FL_LIBRARY) SET(FLEX_LIBRARIES ${FL_LIBRARY}) IF(FLEX_EXECUTABLE) EXECUTE_PROCESS(COMMAND ${FLEX_EXECUTABLE} --version OUTPUT_VARIABLE FLEX_version_output ERROR_VARIABLE FLEX_version_error RESULT_VARIABLE FLEX_version_result OUTPUT_STRIP_TRAILING_WHITESPACE) IF(NOT ${FLEX_version_result} EQUAL 0) IF(FLEX_FIND_REQUIRED) MESSAGE(SEND_ERROR "Command \"${FLEX_EXECUTABLE} --version\" failed with output:\n${FLEX_version_output}\n${FLEX_version_error}") ELSE() MESSAGE("Command \"${FLEX_EXECUTABLE} --version\" failed with output:\n${FLEX_version_output}\n${FLEX_version_error}\nFLEX_VERSION will not be available") ENDIF() ELSE() STRING(REGEX REPLACE "^flex (.*)$" "\\1" FLEX_VERSION "${FLEX_version_output}") ENDIF() #============================================================ # FLEX_TARGET (public macro) #============================================================ # MACRO(FLEX_TARGET Name Input Output) SET(FLEX_TARGET_usage "FLEX_TARGET( [COMPILE_FLAGS ]") IF(${ARGC} GREATER 3) IF(${ARGC} EQUAL 5) IF("${ARGV3}" STREQUAL "COMPILE_FLAGS") SET(FLEX_EXECUTABLE_opts "${ARGV4}") SEPARATE_ARGUMENTS(FLEX_EXECUTABLE_opts) ELSE() MESSAGE(SEND_ERROR ${FLEX_TARGET_usage}) ENDIF() ELSE() MESSAGE(SEND_ERROR ${FLEX_TARGET_usage}) ENDIF() ENDIF() ADD_CUSTOM_COMMAND(OUTPUT ${Output} COMMAND ${FLEX_EXECUTABLE} ARGS ${FLEX_EXECUTABLE_opts} -o${Output} ${Input} DEPENDS ${Input} COMMENT "[FLEX][${Name}] Building scanner with flex ${FLEX_VERSION}" WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) SET(FLEX_${Name}_DEFINED TRUE) SET(FLEX_${Name}_OUTPUTS ${Output}) SET(FLEX_${Name}_INPUT ${Input}) SET(FLEX_${Name}_COMPILE_FLAGS ${FLEX_EXECUTABLE_opts}) ENDMACRO(FLEX_TARGET) #============================================================ #============================================================ # ADD_FLEX_BISON_DEPENDENCY (public macro) #============================================================ # MACRO(ADD_FLEX_BISON_DEPENDENCY FlexTarget BisonTarget) IF(NOT FLEX_${FlexTarget}_OUTPUTS) MESSAGE(SEND_ERROR "Flex target `${FlexTarget}' does not exists.") ENDIF() IF(NOT BISON_${BisonTarget}_OUTPUT_HEADER) MESSAGE(SEND_ERROR "Bison target `${BisonTarget}' does not exists.") ENDIF() SET_SOURCE_FILES_PROPERTIES(${FLEX_${FlexTarget}_OUTPUTS} PROPERTIES OBJECT_DEPENDS ${BISON_${BisonTarget}_OUTPUT_HEADER}) ENDMACRO(ADD_FLEX_BISON_DEPENDENCY) #============================================================ ENDIF(FLEX_EXECUTABLE) INCLUDE(FindPackageHandleStandardArgs) FIND_PACKAGE_HANDLE_STANDARD_ARGS(FLEX FLEX_EXECUTABLE FLEX_VERSION) # FindFLEX.cmake ends here broctl-1.4-minimal/cmake/OSSpecific.cmake0000664002342100234210000000344112535575001020163 0ustar johannajohannaif (${CMAKE_SYSTEM_NAME} MATCHES "FreeBSD") set(bro_LINKER_FLAGS "${bro_LINKER_FLAGS} -rdynamic") elseif (${CMAKE_SYSTEM_NAME} MATCHES "OpenBSD") elseif (${CMAKE_SYSTEM_NAME} MATCHES "Darwin") elseif (${CMAKE_SYSTEM_NAME} MATCHES "Linux") set(HAVE_LINUX true) elseif (${CMAKE_SYSTEM_NAME} MATCHES "Solaris") set(SOCKET_LIBS nsl socket) elseif (${CMAKE_SYSTEM_NAME} MATCHES "osf") # Workaround ip_hl vs. ip_vhl problem in netinet/ip.h add_definitions(-D__STDC__=2) elseif (${CMAKE_SYSTEM_NAME} MATCHES "irix") list(APPEND CMAKE_C_FLAGS -xansi -signed -g3) list(APPEND CMAKE_CXX_FLAGS -xansi -signed -g3) elseif (${CMAKE_SYSTEM_NAME} MATCHES "ultrix") list(APPEND CMAKE_C_FLAGS -std1 -g3) list(APPEND CMAKE_CXX_FLAGS -std1 -g3) include(CheckCSourceCompiles) check_c_source_compiles(" #include int main() { void c(const struct a *); return 0; } " have_ultrix_const) if (NOT have_ultrix_const) set(NEED_ULTRIX_CONST_HACK true) endif () elseif (${CMAKE_SYSTEM_NAME} MATCHES "hpux" OR ${CMAKE_SYSTEM_NAME} MATCHES "HP-UX") include(CheckCSourceCompiles) set(CMAKE_REQUIRED_FLAGS -Aa) set(CMAKE_REQUIRED_DEFINITIONS -D_HPUX_SOURCE) check_c_source_compiles(" #include int main() { int frob(int, char *); return 0; } " have_ansi_prototypes) set(CMAKE_REQUIRED_FLAGS) set(CMAKE_REQUIRED_DEFINITIONS) if (have_ansi_prototypes) add_definitions(-D_HPUX_SOURCE) list(APPEND CMAKE_C_FLAGS -Aa) list(APPEND CMAKE_CXX_FLAGS -Aa) endif () if (NOT have_ansi_prototypes) message(FATAL_ERROR "Can't get HPUX compiler to handle ANSI prototypes") endif () endif () broctl-1.4-minimal/cmake/FindBinPAC.cmake0000664002342100234210000000244012535575001020027 0ustar johannajohanna# - Try to find BinPAC binary and library # # Usage of this module as follows: # # find_package(BinPAC) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # BinPAC_ROOT_DIR Set this variable to the root installation of # BinPAC if the module has problems finding the # proper installation path. # # Variables defined by this module: # # BINPAC_FOUND System has BinPAC binary and library # BinPAC_EXE The binpac executable # BinPAC_LIBRARY The libbinpac.a library # BinPAC_INCLUDE_DIR The binpac headers # look for BinPAC in standard locations or user-provided root find_path(BinPAC_ROOT_DIR NAMES include/binpac.h ) find_file(BinPAC_EXE NAMES binpac HINTS ${BinPAC_ROOT_DIR}/bin ) find_library(BinPAC_LIBRARY NAMES libbinpac.a HINTS ${BinPAC_ROOT_DIR}/lib ) find_path(BinPAC_INCLUDE_DIR NAMES binpac.h HINTS ${BinPAC_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(BinPAC DEFAULT_MSG BinPAC_EXE BinPAC_LIBRARY BinPAC_INCLUDE_DIR ) mark_as_advanced( BinPAC_ROOT_DIR BinPAC_EXE BinPAC_LIBRARY BinPAC_INCLUDE_DIR ) broctl-1.4-minimal/cmake/BroPluginDynamic.cmake0000664002342100234210000002317112535575001021404 0ustar johannajohanna## A set of functions for defining Bro plugins. ## ## This set is for plugins compiled dynamically for loading at run-time. ## See BroPluginsStatic.cmake for the static version. ## ## Note: This is meant to run as a standalone CMakeLists.txt. It sets ## up all the basic infrastructure to compile a dynamic Bro plugin when ## included from its top-level CMake file. if ( NOT BRO_PLUGIN_INTERNAL_BUILD ) include(${BRO_DIST}/cmake/CommonCMakeConfig.cmake) if ( NOT BRO_DIST ) message(FATAL_ERROR "BRO_DIST not set") endif () if ( NOT EXISTS "${BRO_DIST}/build/CMakeCache.txt" ) message(FATAL_ERROR "${BRO_DIST}/build/CMakeCache.txt; has Bro been built?") endif () load_cache("${BRO_DIST}/build" READ_WITH_PREFIX bro_cache_ CMAKE_INSTALL_PREFIX Bro_BINARY_DIR Bro_SOURCE_DIR ENABLE_DEBUG BRO_PLUGIN_INSTALL_PATH BRO_EXE_PATH CMAKE_CXX_FLAGS CMAKE_C_FLAGS) if ( NOT BRO_PLUGIN_BASE ) set(BRO_PLUGIN_BASE "${CMAKE_CURRENT_SOURCE_DIR}" CACHE INTERNAL "" FORCE) endif () set(BRO_PLUGIN_SCRIPTS "${CMAKE_CURRENT_BINARY_DIR}/scripts" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_SCRIPTS_SRC "${BRO_PLUGIN_BASE}/scripts" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BUILD "${CMAKE_CURRENT_BINARY_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_LIB "${BRO_PLUGIN_BUILD}/lib" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BIF "${BRO_PLUGIN_LIB}/bif" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_MAGIC "${BRO_PLUGIN_BUILD}/__bro_plugin__" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_README "${BRO_PLUGIN_BASE}/README" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH "${BRO_PLUGIN_INSTALL_ROOT}" CACHE INTERNAL "" FORCE) if ( NOT BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH ) set(BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH "${bro_cache_BRO_PLUGIN_INSTALL_PATH}" CACHE INTERNAL "" FORCE) endif () set(BRO_PLUGIN_BRO_INSTALL_PREFIX "${bro_cache_CMAKE_INSTALL_PREFIX}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_SRC "${bro_cache_Bro_SOURCE_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_BUILD "${bro_cache_Bro_BINARY_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_EXE_PATH "${bro_cache_BRO_EXE_PATH}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_CXX_FLAGS "${bro_cache_CMAKE_CXX_FLAGS}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BRO_C_FLAGS "${bro_cache_CMAKE_C_FLAGS}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_ENABLE_DEBUG "${bro_cache_ENABLE_DEBUG}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_INTERNAL_BUILD false CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BUILD_DYNAMIC true CACHE INTERNAL "" FORCE) message(STATUS "Bro executable : ${BRO_PLUGIN_BRO_EXE_PATH}") message(STATUS "Bro source : ${BRO_PLUGIN_BRO_SRC}") message(STATUS "Bro build : ${BRO_PLUGIN_BRO_BUILD}") message(STATUS "Bro install prefix : ${BRO_PLUGIN_BRO_INSTALL_PREFIX}") message(STATUS "Bro plugin directory: ${BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH}") message(STATUS "Bro debug mode : ${BRO_PLUGIN_ENABLE_DEBUG}") set(CMAKE_MODULE_PATH ${BRO_PLUGIN_BASE}/cmake ${CMAKE_MODULE_PATH}) set(CMAKE_MODULE_PATH ${BRO_PLUGIN_BRO_SRC}/cmake ${CMAKE_MODULE_PATH}) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${BRO_PLUGIN_BRO_C_FLAGS}") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${BRO_PLUGIN_BRO_CXX_FLAGS}") if (${CMAKE_SYSTEM_NAME} MATCHES "Darwin") # By default Darwin's linker requires all symbols to be present at link time. set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -undefined dynamic_lookup -Wl,-bind_at_load") endif () include_directories(BEFORE ${BRO_PLUGIN_BRO_SRC}/src ${BRO_PLUGIN_BRO_SRC}/aux/binpac/lib ${BRO_PLUGIN_BRO_BUILD} ${BRO_PLUGIN_BRO_BUILD}/src ${BRO_PLUGIN_BRO_BUILD}/aux/binpac/lib ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_BINARY_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/src ) set(ENV{PATH} "${BRO_PLUGIN_BRO_BUILD}/build/src:$ENV{PATH}") set(bro_PLUGIN_LIBS CACHE INTERNAL "plugin libraries" FORCE) set(bro_PLUGIN_BIF_SCRIPTS CACHE INTERNAL "Bro script stubs for BIFs in Bro plugins" FORCE) add_definitions(-DBRO_PLUGIN_INTERNAL_BUILD=false) add_custom_target(generate_outputs) if ( BRO_PLUGIN_ENABLE_DEBUG ) set(ENABLE_DEBUG true) set(CMAKE_BUILD_TYPE Debug) endif () include(SetDefaultCompileFlags) else () set(BRO_PLUGIN_BASE "${CMAKE_CURRENT_BINARY_DIR}" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_LIB "${CMAKE_CURRENT_BINARY_DIR}/lib" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_BIF "${BRO_PLUGIN_LIB}/bif" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_MAGIC "${BRO_PLUGIN_BASE}/__bro_plugin__" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_README "${BRO_PLUGIN_BASE}/README" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_SCRIPTS "${BRO_PLUGIN_BASE}/scripts" CACHE INTERNAL "" FORCE) set(BRO_PLUGIN_SCRIPTS_SRC "${CMAKE_CURRENT_SOURCE_DIR}/scripts" CACHE INTERNAL "" FORCE) endif () include(GetArchitecture) function(bro_plugin_bif_dynamic) foreach ( bif ${ARGV} ) bif_target(${bif} "plugin" ${_plugin_name} ${_plugin_name_canon} FALSE) list(APPEND _plugin_objs ${BIF_OUTPUT_CC}) list(APPEND _plugin_deps ${BIF_BUILD_TARGET}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) set(_plugin_deps "${_plugin_deps}" PARENT_SCOPE) endforeach () endfunction() function(bro_plugin_link_library_dynamic) foreach ( lib ${ARGV} ) set(_plugin_libs ${_plugin_libs} ${lib} CACHE INTERNAL "dynamic plugin libraries") endforeach () endfunction() function(bro_plugin_end_dynamic) # Create the dynamic library/bundle. add_library(${_plugin_lib} MODULE ${_plugin_objs}) set_target_properties(${_plugin_lib} PROPERTIES LIBRARY_OUTPUT_DIRECTORY "${BRO_PLUGIN_LIB}") set_target_properties(${_plugin_lib} PROPERTIES PREFIX "") # set_target_properties(${_plugin_lib} PROPERTIES ENABLE_EXPORTS TRUE) add_dependencies(${_plugin_lib} generate_outputs) if ( _plugin_deps ) add_dependencies(${_plugin_lib} ${_plugin_deps}) endif() target_link_libraries(${_plugin_lib} ${_plugin_libs}) # Copy bif/*.bro. string(REPLACE "${BRO_PLUGIN_BASE}/" "" msg "Creating ${BRO_PLUGIN_BIF} for ${_plugin_name}") add_custom_target(copy-bif-${_plugin_name_canon} COMMAND "${CMAKE_COMMAND}" -E copy_directory ${CMAKE_CURRENT_BINARY_DIR}/bif ${BRO_PLUGIN_BIF} COMMENT "${msg}") # Create bif/__init__.bro. bro_bif_create_loader(bif-init-${_plugin_name_canon} "${bro_PLUGIN_BIF_SCRIPTS}") # Copy scripts/ if it's not already at the right place inside the # plugin directory. (Actually, we create a symbolic link rather # than copy so that edits to the scripts show up immediately.) if ( NOT "${BRO_PLUGIN_SCRIPTS_SRC}" STREQUAL "${BRO_PLUGIN_SCRIPTS}" ) add_custom_target(copy-scripts-${_plugin_name_canon} # COMMAND "${CMAKE_COMMAND}" -E remove_directory ${BRO_PLUGIN_SCRIPTS} # COMMAND "${CMAKE_COMMAND}" -E copy_directory ${BRO_PLUGIN_SCRIPTS_SRC} ${BRO_PLUGIN_SCRIPTS}) COMMAND test -d ${BRO_PLUGIN_SCRIPTS_SRC} && rm -f ${BRO_PLUGIN_SCRIPTS} && ln -s ${BRO_PLUGIN_SCRIPTS_SRC} ${BRO_PLUGIN_SCRIPTS} || true) add_dependencies(${_plugin_lib} copy-scripts-${_plugin_name_canon}) endif() if ( _plugin_deps ) add_dependencies(bif-init-${_plugin_name_canon} ${_plugin_deps}) add_dependencies(copy-bif-${_plugin_name_canon} ${_plugin_deps}) add_dependencies(bif-init-${_plugin_name_canon} copy-bif-${_plugin_name_canon}) add_dependencies(${_plugin_lib} bif-init-${_plugin_name_canon} copy-bif-${_plugin_name_canon}) endif() # Create __bro_plugin__ # string(REPLACE "${BRO_PLUGIN_BASE}/" "" msg "Creating ${BRO_PLUGIN_MAGIC} for ${_plugin_name}") add_custom_target(bro-plugin-${_plugin_name_canon} COMMAND echo "${_plugin_name}" ">${BRO_PLUGIN_MAGIC}" COMMENT "${msg}") if ( _plugin_deps ) add_dependencies(bro-plugin-${_plugin_name_canon} ${_plugin_deps}) endif() add_dependencies(${_plugin_lib} bro-plugin-${_plugin_name_canon}) # Create binary install package. add_custom_command(TARGET ${_plugin_lib} POST_BUILD COMMAND ${BRO_PLUGIN_BRO_SRC}/cmake/bro-plugin-create-package.sh ${_plugin_name_canon} ${_plugin_dist} WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR} DEPENDS ${_plugin_lib} COMMENT "Building binary plugin package") set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${BRO_PLUGIN_BIF}) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${BRO_PLUGIN_LIB}) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${BRO_PLUGIN_MAGIC}) ### Plugin installation. set(plugin_install "${BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH}/${_plugin_name_canon}") INSTALL(CODE "execute_process( COMMAND ${BRO_PLUGIN_BRO_SRC}/cmake/bro-plugin-install-package.sh ${_plugin_name_canon} ${BRO_PLUGIN_BRO_PLUGIN_INSTALL_PATH} WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR} )") endfunction() macro(_plugin_target_name_dynamic target ns name) set(${target} "${ns}-${name}.${HOST_ARCHITECTURE}") endmacro() broctl-1.4-minimal/cmake/cmake_uninstall.cmake.in0000664002342100234210000000221112535575001021744 0ustar johannajohannafunction(uninstall_manifest manifestPath) file(READ "${manifestPath}" files) string(REGEX REPLACE "\n" ";" files "${files}") foreach (file ${files}) set(fileName $ENV{DESTDIR}${file}) if (EXISTS "${fileName}" OR IS_SYMLINK "${fileName}") message(STATUS "Uninstalling: ${fileName}") execute_process( COMMAND "@CMAKE_COMMAND@" -E remove "${fileName}" OUTPUT_VARIABLE rm_out RESULT_VARIABLE rm_retval ) if (NOT ${rm_retval} EQUAL 0) message(FATAL_ERROR "Problem when removing: ${fileName}") endif () else () message(STATUS "Does not exist: ${fileName}") endif () endforeach () endfunction(uninstall_manifest) file(GLOB install_manifests @CMAKE_CURRENT_BINARY_DIR@/install_manifest*.txt) if (install_manifests) foreach (manifest ${install_manifests}) uninstall_manifest(${manifest}) endforeach () else () message(FATAL_ERROR "Cannot find any install manifests in: " "\"@CMAKE_CURRENT_BINARY_DIR@/install_manifest*.txt\"") endif () broctl-1.4-minimal/cmake/BroPluginCommon.cmake0000664002342100234210000000555412535575001021255 0ustar johannajohanna## A set of functions for defining Bro plugins. ## ## This set is used by both static and dynamic plugins via ## BroPluginsStatic and BroPluginsDynamic, respectively. include(BifCl) include(BinPAC) # Begins a plugin definition, giving its namespace and name as the arguments. function(bro_plugin_begin ns name) _plugin_target_name(target "${ns}" "${name}") set(_plugin_lib "${target}" PARENT_SCOPE) set(_plugin_name "${ns}::${name}" PARENT_SCOPE) set(_plugin_name_canon "${ns}_${name}" PARENT_SCOPE) set(_plugin_ns "${ns}" PARENT_SCOPE) set(_plugin_objs "" PARENT_SCOPE) set(_plugin_deps "" PARENT_SCOPE) set(_plugin_dist "" PARENT_SCOPE) endfunction() # Adds *.cc files to a plugin. function(bro_plugin_cc) list(APPEND _plugin_objs ${ARGV}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) endfunction() # Adds a *.pac file to a plugin. Further *.pac files may given that # it depends on. function(bro_plugin_pac) binpac_target(${ARGV}) list(APPEND _plugin_objs ${BINPAC_OUTPUT_CC}) list(APPEND _plugin_deps ${BINPAC_BUILD_TARGET}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) set(_plugin_deps "${_plugin_deps}" PARENT_SCOPE) endfunction() # Add an additional object file to the plugin's library. function(bro_plugin_obj) foreach ( bif ${ARGV} ) list(APPEND _plugin_objs ${bif}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) endforeach () endfunction() # Add additional files that should be included into the binary plugin distribution. # Ignored for static plugins. macro(bro_plugin_dist_files) foreach ( file ${ARGV} ) list(APPEND _plugin_dist ${file}) # Don't need this here, and generates an error that # there is not parent scope. Not sure why it does that # here but not for other macros doing something similar. # set(_plugin_dist "${_plugin_dist}" PARENT_SCOPE) endforeach () endmacro() # Link an additional library to the plugin's library. function(bro_plugin_link_library) if ( BRO_PLUGIN_BUILD_DYNAMIC ) bro_plugin_link_library_dynamic(${ARGV}) else () bro_plugin_link_library_static(${ARGV}) endif () endfunction() # Adds *.bif files to a plugin. macro(bro_plugin_bif) if ( BRO_PLUGIN_BUILD_DYNAMIC ) bro_plugin_bif_dynamic(${ARGV}) else () bro_plugin_bif_static(${ARGV}) endif () endmacro() # Ends a plugin definition. macro(bro_plugin_end) if ( BRO_PLUGIN_BUILD_DYNAMIC ) bro_plugin_end_dynamic(${ARGV}) else () bro_plugin_end_static(${ARGV}) endif () endmacro() # Internal macro to create a unique target name for a plugin. macro(_plugin_target_name target ns name) if ( BRO_PLUGIN_BUILD_DYNAMIC ) _plugin_target_name_dynamic(${ARGV}) else () _plugin_target_name_static(${ARGV}) endif () endmacro() broctl-1.4-minimal/cmake/OpenSSLTests.cmake0000664002342100234210000000401112535575001020474 0ustar johannajohannainclude(CheckCSourceCompiles) include(CheckCXXSourceCompiles) set(CMAKE_REQUIRED_LIBRARIES ${OpenSSL_LIBRARIES}) set(CMAKE_REQUIRED_INCLUDES ${OpenSSL_INCLUDE_DIR}) check_c_source_compiles(" #include int main() { return 0; } " including_ssl_h_works) if (NOT including_ssl_h_works) # On Red Hat we may need to include Kerberos header. set(CMAKE_REQUIRED_INCLUDES ${OpenSSL_INCLUDE_DIR} /usr/kerberos/include) check_c_source_compiles(" #include #include int main() { return 0; } " NEED_KRB5_H) set(CMAKE_REQUIRED_INCLUDES ${OpenSSL_INCLUDE_DIR}) if (NOT NEED_KRB5_H) message(FATAL_ERROR "OpenSSL test failure. See CmakeError.log for details.") else () message(STATUS "OpenSSL requires Kerberos header") include_directories("/usr/kerberos/include") endif () endif () # check for OPENSSL_add_all_algorithms_conf function # and thus OpenSSL >= v0.9.7 check_c_source_compiles(" #include int main() { OPENSSL_add_all_algorithms_conf(); return 0; } " openssl_greater_than_0_9_7) if (NOT openssl_greater_than_0_9_7) message(FATAL_ERROR "OpenSSL >= v0.9.7 required") endif () check_cxx_source_compiles(" #include int main() { const unsigned char** cpp = 0; X509** x =0; d2i_X509(x, cpp, 0); return 0; } " OPENSSL_D2I_X509_USES_CONST_CHAR) if (NOT OPENSSL_D2I_X509_USES_CONST_CHAR) # double check that it compiles without const check_cxx_source_compiles(" #include int main() { unsigned char** cpp = 0; X509** x =0; d2i_X509(x, cpp, 0); return 0; } " OPENSSL_D2I_X509_USES_CHAR) if (NOT OPENSSL_D2I_X509_USES_CHAR) message(FATAL_ERROR "Can't determine if openssl_d2i_x509() takes const char parameter") endif () endif () set(CMAKE_REQUIRED_INCLUDES) set(CMAKE_REQUIRED_LIBRARIES) broctl-1.4-minimal/cmake/MAC_PACKAGE_INTRO0000664002342100234210000000124712535575001017605 0ustar johannajohannaThis package will install @CMAKE_PROJECT_NAME@ into the following location: @CMAKE_INSTALL_PREFIX@ You may choose to update your PATH environment variable: # For Bash export PATH=@CMAKE_INSTALL_PREFIX@/bin:$PATH # For CSH setenv PATH @CMAKE_INSTALL_PREFIX@/bin:$PATH If you have more than one volume, please choose the install destination as the one that contains the root filesystem. If you have existing configuration files that are modified or otherwise different from the version included in the package, this installer will attempt to prevent overwirting them, but its also advisable to make your own backups of important files before proceeding. broctl-1.4-minimal/cmake/README0000664002342100234210000000021112535575001016042 0ustar johannajohannaThis is a collection of CMake scripts intended to be included as a git submodule in other repositories related to Bro (www.bro-ids.org). broctl-1.4-minimal/cmake/FindCapstats.cmake0000664002342100234210000000062512535575001020560 0ustar johannajohanna# - Try to find capstats program # # Usage of this module as follows: # # find_package(Capstats) # # Variables defined by this module: # # CAPSTATS_FOUND capstats binary found # Capstats_EXE path to the capstats executable binary find_program(CAPSTATS_EXE capstats) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Capstats DEFAULT_MSG CAPSTATS_EXE) broctl-1.4-minimal/cmake/FindJeMalloc.cmake0000664002342100234210000000217412535575001020465 0ustar johannajohanna# - Try to find jemalloc headers and libraries. # # Usage of this module as follows: # # find_package(JeMalloc) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # JEMALLOC_ROOT_DIR Set this variable to the root installation of # jemalloc if the module has problems finding # the proper installation path. # # Variables defined by this module: # # JEMALLOC_FOUND System has jemalloc libs/headers # JEMALLOC_LIBRARIES The jemalloc library/libraries # JEMALLOC_INCLUDE_DIR The location of jemalloc headers find_path(JEMALLOC_ROOT_DIR NAMES include/jemalloc/jemalloc.h ) find_library(JEMALLOC_LIBRARIES NAMES jemalloc HINTS ${JEMALLOC_ROOT_DIR}/lib ) find_path(JEMALLOC_INCLUDE_DIR NAMES jemalloc/jemalloc.h HINTS ${JEMALLOC_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(JeMalloc DEFAULT_MSG JEMALLOC_LIBRARIES JEMALLOC_INCLUDE_DIR ) mark_as_advanced( JEMALLOC_ROOT_DIR JEMALLOC_LIBRARIES JEMALLOC_INCLUDE_DIR ) broctl-1.4-minimal/cmake/bro-plugin-install-package.sh0000775002342100234210000000075512535575001022651 0ustar johannajohanna#! /bin/sh # # Helper script to install the tarball with a plugin's binary distribution. # # Called from BroPluginDynamic.cmake. Current directory is the plugin # build directory. if [ $# != 2 ]; then echo "usage: `basename $0` " exit 1 fi dst=$2 if [ ! -d "${dst}" ]; then echo "Error: ${dst} does not exist; has Bro been installed?" exit 1 fi name=$1 tgz=`pwd`/$name.tgz ( cd ${dst} && rm -rf "${name}" && tar xzf ${tgz} ) broctl-1.4-minimal/cmake/CheckFunctions.cmake0000664002342100234210000000067512535575001021110 0ustar johannajohannainclude(CheckFunctionExists) check_function_exists(getopt_long HAVE_GETOPT_LONG) check_function_exists(mallinfo HAVE_MALLINFO) check_function_exists(strcasestr HAVE_STRCASESTR) check_function_exists(strerror HAVE_STRERROR) check_function_exists(strsep HAVE_STRSEP) check_function_exists(sigset HAVE_SIGSET) if (HAVE_SIGSET) set(SIG_FUNC sigset) else () set(SIG_FUNC signal) check_function_exists(sigaction HAVE_SIGACTION) endif () broctl-1.4-minimal/cmake/FindPCAP.cmake0000664002342100234210000000443612535575001017525 0ustar johannajohanna# - Try to find libpcap include dirs and libraries # # Usage of this module as follows: # # find_package(PCAP) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # PCAP_ROOT_DIR Set this variable to the root installation of # libpcap if the module has problems finding the # proper installation path. # # Variables defined by this module: # # PCAP_FOUND System has libpcap, include and library dirs found # PCAP_INCLUDE_DIR The libpcap include directories. # PCAP_LIBRARY The libpcap library (possibly includes a thread # library e.g. required by pf_ring's libpcap) # HAVE_PF_RING If a found version of libpcap supports PF_RING find_path(PCAP_ROOT_DIR NAMES include/pcap.h ) find_path(PCAP_INCLUDE_DIR NAMES pcap.h HINTS ${PCAP_ROOT_DIR}/include ) find_library(PCAP_LIBRARY NAMES pcap HINTS ${PCAP_ROOT_DIR}/lib ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(PCAP DEFAULT_MSG PCAP_LIBRARY PCAP_INCLUDE_DIR ) include(CheckCSourceCompiles) set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY}) check_c_source_compiles("int main() { return 0; }" PCAP_LINKS_SOLO) set(CMAKE_REQUIRED_LIBRARIES) # check if linking against libpcap also needs to link against a thread library if (NOT PCAP_LINKS_SOLO) find_package(Threads) if (THREADS_FOUND) set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY} ${CMAKE_THREAD_LIBS_INIT}) check_c_source_compiles("int main() { return 0; }" PCAP_NEEDS_THREADS) set(CMAKE_REQUIRED_LIBRARIES) endif () if (THREADS_FOUND AND PCAP_NEEDS_THREADS) set(_tmp ${PCAP_LIBRARY} ${CMAKE_THREAD_LIBS_INIT}) list(REMOVE_DUPLICATES _tmp) set(PCAP_LIBRARY ${_tmp} CACHE STRING "Libraries needed to link against libpcap" FORCE) else () message(FATAL_ERROR "Couldn't determine how to link against libpcap") endif () endif () include(CheckFunctionExists) set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY}) check_function_exists(pcap_get_pfring_id HAVE_PF_RING) set(CMAKE_REQUIRED_LIBRARIES) mark_as_advanced( PCAP_ROOT_DIR PCAP_INCLUDE_DIR PCAP_LIBRARY ) broctl-1.4-minimal/cmake/FindBISON.cmake0000664002342100234210000002221512535575001017647 0ustar johannajohanna# - Find bison executable and provides macros to generate custom build rules # The module defines the following variables: # # BISON_EXECUTABLE - path to the bison program # BISON_VERSION - version of bison # BISON_FOUND - true if the program was found # # If bison is found, the module defines the macros: # BISON_TARGET( [VERBOSE ] # [COMPILE_FLAGS ] [HEADER ]) # which will create a custom rule to generate a parser. is # the path to a yacc file. is the name of the source file # generated by bison. A header file containing the token list is also # generated according to bison's -d option by default or if the HEADER # option is used, the argument is passed to bison's --defines option to # specify output file. If COMPILE_FLAGS option is specified, the next # parameter is added in the bison command line. if VERBOSE option is # specified, is created and contains verbose descriptions of the # grammar and parser. The macro defines a set of variables: # BISON_${Name}_DEFINED - true is the macro ran successfully # BISON_${Name}_INPUT - The input source file, an alias for # BISON_${Name}_OUTPUT_SOURCE - The source file generated by bison # BISON_${Name}_OUTPUT_HEADER - The header file generated by bison # BISON_${Name}_OUTPUTS - The sources files generated by bison # BISON_${Name}_COMPILE_FLAGS - Options used in the bison command line # # ==================================================================== # Example: # # find_package(BISON) # BISON_TARGET(MyParser parser.y ${CMAKE_CURRENT_BINARY_DIR}/parser.cpp) # add_executable(Foo main.cpp ${BISON_MyParser_OUTPUTS}) # ==================================================================== #============================================================================= # Copyright 2009 Kitware, Inc. # Copyright 2006 Tristan Carel # Modified 2010 by Jon Siwek, adding HEADER option # # Distributed under the OSI-approved BSD License (the "License"): # CMake - Cross Platform Makefile Generator # Copyright 2000-2009 Kitware, Inc., Insight Software Consortium # All rights reserved. # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # * Neither the names of Kitware, Inc., the Insight Software Consortium, # nor the names of their contributors may be used to endorse or promote # products derived from this software without specific prior written # permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # This software is distributed WITHOUT ANY WARRANTY; without even the # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # See the License for more information. #============================================================================= FIND_PROGRAM(BISON_EXECUTABLE bison DOC "path to the bison executable") MARK_AS_ADVANCED(BISON_EXECUTABLE) IF(BISON_EXECUTABLE) EXECUTE_PROCESS(COMMAND ${BISON_EXECUTABLE} --version OUTPUT_VARIABLE BISON_version_output ERROR_VARIABLE BISON_version_error RESULT_VARIABLE BISON_version_result OUTPUT_STRIP_TRAILING_WHITESPACE) IF(NOT ${BISON_version_result} EQUAL 0) MESSAGE(SEND_ERROR "Command \"${BISON_EXECUTABLE} --version\" failed with output:\n${BISON_version_error}") ELSE() STRING(REGEX REPLACE "^bison \\(GNU Bison\\) ([^\n]+)\n.*" "\\1" BISON_VERSION "${BISON_version_output}") ENDIF() # internal macro MACRO(BISON_TARGET_option_verbose Name BisonOutput filename) LIST(APPEND BISON_TARGET_cmdopt "--verbose") GET_FILENAME_COMPONENT(BISON_TARGET_output_path "${BisonOutput}" PATH) GET_FILENAME_COMPONENT(BISON_TARGET_output_name "${BisonOutput}" NAME_WE) ADD_CUSTOM_COMMAND(OUTPUT ${filename} COMMAND ${CMAKE_COMMAND} ARGS -E copy "${BISON_TARGET_output_path}/${BISON_TARGET_output_name}.output" "${filename}" DEPENDS "${BISON_TARGET_output_path}/${BISON_TARGET_output_name}.output" COMMENT "[BISON][${Name}] Copying bison verbose table to ${filename}" WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}) SET(BISON_${Name}_VERBOSE_FILE ${filename}) LIST(APPEND BISON_TARGET_extraoutputs "${BISON_TARGET_output_path}/${BISON_TARGET_output_name}.output") ENDMACRO(BISON_TARGET_option_verbose) # internal macro MACRO(BISON_TARGET_option_extraopts Options) SET(BISON_TARGET_extraopts "${Options}") SEPARATE_ARGUMENTS(BISON_TARGET_extraopts) LIST(APPEND BISON_TARGET_cmdopt ${BISON_TARGET_extraopts}) ENDMACRO(BISON_TARGET_option_extraopts) #============================================================ # BISON_TARGET (public macro) #============================================================ # MACRO(BISON_TARGET Name BisonInput BisonOutput) SET(BISON_TARGET_output_header "") #SET(BISON_TARGET_command_opt "") SET(BISON_TARGET_cmdopt "") SET(BISON_TARGET_outputs "${BisonOutput}") IF(NOT ${ARGC} EQUAL 3 AND NOT ${ARGC} EQUAL 5 AND NOT ${ARGC} EQUAL 7 AND NOT ${ARGC} EQUAL 9) MESSAGE(SEND_ERROR "Usage") ELSE() # Parsing parameters IF(${ARGC} GREATER 5 OR ${ARGC} EQUAL 5) IF("${ARGV3}" STREQUAL "VERBOSE") BISON_TARGET_option_verbose(${Name} ${BisonOutput} "${ARGV4}") ENDIF() IF("${ARGV3}" STREQUAL "COMPILE_FLAGS") BISON_TARGET_option_extraopts("${ARGV4}") ENDIF() IF("${ARGV3}" STREQUAL "HEADER") set(BISON_TARGET_output_header "${ARGV4}") ENDIF() ENDIF() IF(${ARGC} GREATER 7 OR ${ARGC} EQUAL 7) IF("${ARGV5}" STREQUAL "VERBOSE") BISON_TARGET_option_verbose(${Name} ${BisonOutput} "${ARGV6}") ENDIF() IF("${ARGV5}" STREQUAL "COMPILE_FLAGS") BISON_TARGET_option_extraopts("${ARGV6}") ENDIF() IF("${ARGV5}" STREQUAL "HEADER") set(BISON_TARGET_output_header "${ARGV6}") ENDIF() ENDIF() IF(${ARGC} EQUAL 9) IF("${ARGV7}" STREQUAL "VERBOSE") BISON_TARGET_option_verbose(${Name} ${BisonOutput} "${ARGV8}") ENDIF() IF("${ARGV7}" STREQUAL "COMPILE_FLAGS") BISON_TARGET_option_extraopts("${ARGV8}") ENDIF() IF("${ARGV7}" STREQUAL "HEADER") set(BISON_TARGET_output_header "${ARGV8}") ENDIF() ENDIF() IF(BISON_TARGET_output_header) # Header's name passed in as argument to be used in --defines option LIST(APPEND BISON_TARGET_cmdopt "--defines=${BISON_TARGET_output_header}") set(BISON_${Name}_OUTPUT_HEADER ${BISON_TARGET_output_header}) ELSE() # Header's name generated by bison (see option -d) LIST(APPEND BISON_TARGET_cmdopt "-d") STRING(REGEX REPLACE "^(.*)(\\.[^.]*)$" "\\2" _fileext "${ARGV2}") STRING(REPLACE "c" "h" _fileext ${_fileext}) STRING(REGEX REPLACE "^(.*)(\\.[^.]*)$" "\\1${_fileext}" BISON_${Name}_OUTPUT_HEADER "${ARGV2}") ENDIF() LIST(APPEND BISON_TARGET_outputs "${BISON_${Name}_OUTPUT_HEADER}") ADD_CUSTOM_COMMAND(OUTPUT ${BISON_TARGET_outputs} ${BISON_TARGET_extraoutputs} COMMAND ${BISON_EXECUTABLE} ARGS ${BISON_TARGET_cmdopt} -o ${ARGV2} ${ARGV1} DEPENDS ${ARGV1} COMMENT "[BISON][${Name}] Building parser with bison ${BISON_VERSION}" WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) # define target variables SET(BISON_${Name}_DEFINED TRUE) SET(BISON_${Name}_INPUT ${ARGV1}) SET(BISON_${Name}_OUTPUTS ${BISON_TARGET_outputs}) SET(BISON_${Name}_COMPILE_FLAGS ${BISON_TARGET_cmdopt}) SET(BISON_${Name}_OUTPUT_SOURCE "${BisonOutput}") ENDIF(NOT ${ARGC} EQUAL 3 AND NOT ${ARGC} EQUAL 5 AND NOT ${ARGC} EQUAL 7 AND NOT ${ARGC} EQUAL 9) ENDMACRO(BISON_TARGET) # #============================================================ ENDIF(BISON_EXECUTABLE) INCLUDE(FindPackageHandleStandardArgs) FIND_PACKAGE_HANDLE_STANDARD_ARGS(BISON DEFAULT_MSG BISON_EXECUTABLE) # FindBISON.cmake ends here broctl-1.4-minimal/cmake/FindPyBroccoli.cmake0000664002342100234210000000137512535575001021046 0ustar johannajohanna# - Determine if the Broccoli Python bindings are available # # Usage of this module as follows: # # find_package(PythonInterp REQUIRED) # find_package(PyBroccoli) # # Variables defined by this module: # # PYBROCCOLI_FOUND Python successfully imports broccoli bindings if (NOT PYBROCCOLI_FOUND) execute_process(COMMAND "${PYTHON_EXECUTABLE}" -c "import broccoli" RESULT_VARIABLE PYBROCCOLI_IMPORT_RESULT) if (PYBROCCOLI_IMPORT_RESULT) # python returned non-zero exit status set(BROCCOLI_PYTHON_MODULE false) else () set(BROCCOLI_PYTHON_MODULE true) endif () endif () include(FindPackageHandleStandardArgs) find_package_handle_standard_args(PyBroccoli DEFAULT_MSG BROCCOLI_PYTHON_MODULE) broctl-1.4-minimal/cmake/BroPlugin.cmake0000664002342100234210000000073312535575001020076 0ustar johannajohanna # Wrapper include file that loads the macros for building a Bro # plugin either statically or dynamically, depending on whether # we're building as part of the main Bro source tree, or externally. if ( BRO_PLUGIN_INTERNAL_BUILD ) if ( "${BRO_PLUGIN_BUILD_DYNAMIC}" STREQUAL "" ) set(BRO_PLUGIN_BUILD_DYNAMIC FALSE) endif() else () set(BRO_PLUGIN_BUILD_DYNAMIC TRUE) endif () include(BroPluginCommon) include(BroPluginStatic) include(BroPluginDynamic) broctl-1.4-minimal/cmake/FindLibGeoIP.cmake0000664002342100234210000000400412535575001020363 0ustar johannajohanna# - Try to find GeoIP headers and libraries # # Usage of this module as follows: # # find_package(LibGeoIP) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # LibGeoIP_ROOT_DIR Set this variable to the root installation of # libGeoIP if the module has problems finding the # proper installation path. # # Variables defined by this module: # # LIBGEOIP_FOUND System has GeoIP libraries and headers # LibGeoIP_LIBRARY The GeoIP library # LibGeoIP_INCLUDE_DIR The location of GeoIP headers # HAVE_GEOIP_COUNTRY_EDITION_V6 Whether the API support IPv6 country edition # HAVE_GEOIP_CITY_EDITION_REV0_V6 Whether the API supports IPv6 city edition find_path(LibGeoIP_ROOT_DIR NAMES include/GeoIPCity.h ) if (${CMAKE_SYSTEM_NAME} MATCHES "Darwin") # the static version of the library is preferred on OS X for the # purposes of making packages (libGeoIP doesn't ship w/ OS X) set(libgeoip_names libGeoIp.a GeoIP) else () set(libgeoip_names GeoIP) endif () find_library(LibGeoIP_LIBRARY NAMES ${libgeoip_names} HINTS ${LibGeoIP_ROOT_DIR}/lib ) find_path(LibGeoIP_INCLUDE_DIR NAMES GeoIPCity.h HINTS ${LibGeoIP_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(LibGeoIP DEFAULT_MSG LibGeoIP_LIBRARY LibGeoIP_INCLUDE_DIR ) if (LIBGEOIP_FOUND) include(CheckCXXSourceCompiles) set(CMAKE_REQUIRED_INCLUDES ${LibGeoIP_INCLUDE_DIR}) check_cxx_source_compiles(" #include int main() { GEOIP_COUNTRY_EDITION_V6; return 0; } " HAVE_GEOIP_COUNTRY_EDITION_V6) check_cxx_source_compiles(" #include int main() { GEOIP_CITY_EDITION_REV0_V6; return 0; } " HAVE_GEOIP_CITY_EDITION_REV0_V6) set(CMAKE_REQUIRED_INCLUDES) endif () mark_as_advanced( LibGeoIP_ROOT_DIR LibGeoIP_LIBRARY LibGeoIP_INCLUDE_DIR ) broctl-1.4-minimal/cmake/FindOpenSSL.cmake0000664002342100234210000000302712535575001020260 0ustar johannajohanna# - Try to find openssl include dirs and libraries # # Usage of this module as follows: # # find_package(OpenSSL) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # OpenSSL_ROOT_DIR Set this variable to the root installation of # openssl if the module has problems finding the # proper installation path. # # Variables defined by this module: # # OPENSSL_FOUND System has openssl, include and library dirs found # OpenSSL_INCLUDE_DIR The openssl include directories. # OpenSSL_LIBRARIES The openssl libraries. # OpenSSL_CYRPTO_LIBRARY The openssl crypto library. # OpenSSL_SSL_LIBRARY The openssl ssl library. find_path(OpenSSL_ROOT_DIR NAMES include/openssl/ssl.h ) find_path(OpenSSL_INCLUDE_DIR NAMES openssl/ssl.h HINTS ${OpenSSL_ROOT_DIR}/include ) find_library(OpenSSL_SSL_LIBRARY NAMES ssl ssleay32 ssleay32MD HINTS ${OpenSSL_ROOT_DIR}/lib ) find_library(OpenSSL_CRYPTO_LIBRARY NAMES crypto HINTS ${OpenSSL_ROOT_DIR}/lib ) set(OpenSSL_LIBRARIES ${OpenSSL_SSL_LIBRARY} ${OpenSSL_CRYPTO_LIBRARY} CACHE STRING "OpenSSL SSL and crypto libraries" FORCE) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(OpenSSL DEFAULT_MSG OpenSSL_LIBRARIES OpenSSL_INCLUDE_DIR ) mark_as_advanced( OpenSSL_ROOT_DIR OpenSSL_INCLUDE_DIR OpenSSL_LIBRARIES OpenSSL_CRYPTO_LIBRARY OpenSSL_SSL_LIBRARY ) broctl-1.4-minimal/cmake/BinPAC.cmake0000664002342100234210000000414612535575001017233 0ustar johannajohanna # A macro to define a command that uses the BinPac compiler to # produce C++ code that implements a protocol parser/analyzer. # The outputs are returned in BINPAC_OUTPUT_{CC,H}. # Additional dependencies are pulled from BINPAC_AUXSRC. # # The macro also creates a target that can be used to define depencencies on # the generated files. The name of the target includes a normalized path to # the input pac to make it unique. The target is added automatically to # bro_ALL_GENERATED_OUTPUTS. macro(BINPAC_TARGET pacFile) if ( BRO_PLUGIN_INTERNAL_BUILD ) set(binpacDep "${BinPAC_EXE}") else () set(BinPAC_EXE "${BRO_PLUGIN_BRO_BUILD}/aux/binpac/src/binpac") set(BinPAC_addl_args "-I;${BRO_PLUGIN_BRO_SRC}/src") endif () get_filename_component(basename ${pacFile} NAME_WE) add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${basename}_pac.h ${CMAKE_CURRENT_BINARY_DIR}/${basename}_pac.cc COMMAND ${BinPAC_EXE} ARGS -q -d ${CMAKE_CURRENT_BINARY_DIR} -I ${CMAKE_CURRENT_SOURCE_DIR} -I ${CMAKE_SOURCE_DIR}/src ${BinPAC_addl_args} ${CMAKE_CURRENT_SOURCE_DIR}/${pacFile} DEPENDS ${binpacDep} ${pacFile} ${BINPAC_AUXSRC} ${ARGN} COMMENT "[BINPAC] Processing ${pacFile}" ) set(BINPAC_OUTPUT_H ${CMAKE_CURRENT_BINARY_DIR}/${basename}_pac.h) set(BINPAC_OUTPUT_CC ${CMAKE_CURRENT_BINARY_DIR}/${basename}_pac.cc) set(pacOutputs ${BINPAC_OUTPUT_H} ${BINPAC_OUTPUT_CC}) set(target "pac-${CMAKE_CURRENT_BINARY_DIR}/${pacFile}") string(REGEX REPLACE "${CMAKE_BINARY_DIR}/src/" "" target "${target}") string(REGEX REPLACE "/" "-" target "${target}") add_custom_target(${target} DEPENDS ${pacOutputs}) set(BINPAC_BUILD_TARGET ${target}) set(bro_ALL_GENERATED_OUTPUTS ${bro_ALL_GENERATED_OUTPUTS} ${target} CACHE INTERNAL "automatically generated files" FORCE) # Propagate to top-level. endmacro(BINPAC_TARGET) broctl-1.4-minimal/cmake/AddUninstallTarget.cmake0000664002342100234210000000067412535575001021732 0ustar johannajohannaif (NOT TARGET uninstall) if ( EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/cmake/cmake_uninstall.cmake.in" ) configure_file("${CMAKE_CURRENT_SOURCE_DIR}/cmake/cmake_uninstall.cmake.in" "${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake" @ONLY) add_custom_target(uninstall COMMAND ${CMAKE_COMMAND} -P ${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake) endif () endif () broctl-1.4-minimal/cmake/FindBroccoli.cmake0000664002342100234210000000222512535575001020530 0ustar johannajohanna# - Try to find libbroccoli include dirs and libraries # # Usage of this module as follows: # # find_package(Broccoli) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # Broccoli_ROOT_DIR Set this variable to the root installation of # libbroccoli if the module has problems finding the # proper installation path. # # Variables defined by this module: # # BROCCOLI_FOUND System has libbroccoli, include and lib dirs found # Broccoli_INCLUDE_DIR The libbroccoli include directories. # Broccoli_LIBRARY The libbroccoli library. find_path(Broccoli_ROOT_DIR NAMES include/broccoli.h ) find_path(Broccoli_INCLUDE_DIR NAMES broccoli.h HINTS ${Broccoli_ROOT_DIR}/include ) find_library(Broccoli_LIBRARY NAMES broccoli HINTS ${Broccoli_ROOT_DIR}/lib ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Broccoli DEFAULT_MSG Broccoli_LIBRARY Broccoli_INCLUDE_DIR ) mark_as_advanced( Broccoli_ROOT_DIR Broccoli_INCLUDE_DIR Broccoli_LIBRARY ) broctl-1.4-minimal/cmake/CheckCompilers.cmake0000664002342100234210000000067012535575001021070 0ustar johannajohanna# Aborts the configuration if no C or C++ compiler is found, depending # on whether a previous call to the project() macro was supplied either # language as a requirement. if (NOT CMAKE_C_COMPILER AND DEFINED CMAKE_C_COMPILER) message(FATAL_ERROR "Could not find prerequisite C compiler") endif () if (NOT CMAKE_CXX_COMPILER AND DEFINED CMAKE_CXX_COMPILER) message(FATAL_ERROR "Could not find prerequisite C++ compiler") endif () broctl-1.4-minimal/cmake/InstallPackageConfigFile.cmake0000664002342100234210000000527312535575001023011 0ustar johannajohannainclude(InstallClobberImmune) # This macro can be used to install configuration files which # users are expected to modify after installation. It will: # # - If binary packaging is enabled: # Install the file in the typical CMake fashion, but append to the # INSTALLED_CONFIG_FILES cache variable for use with the Mac package's # pre/post install scripts # # - If binary packaging is not enabled: # Install the script in a way such that it will check at `make install` # time whether the file does not exist. See InstallClobberImmune.cmake # # - Always create a target "install-example-configs" which installs an # example version of the config file. # # _srcfile: the absolute path to the file to install # _dstdir: absolute path to the directory in which to install the file # _dstfilename: how to (re)name the file inside _dstdir macro(InstallPackageConfigFile _srcfile _dstdir _dstfilename) set(_dstfile ${_dstdir}/${_dstfilename}) if (BINARY_PACKAGING_MODE) # If packaging mode is enabled, always install the distribution's # version of the file. The Mac package's pre/post install scripts # or native functionality of RPMs will take care of not clobbering it. install(FILES ${_srcfile} DESTINATION ${_dstdir} RENAME ${_dstfilename}) # This cache variable is what the Mac package pre/post install scripts # use to avoid clobbering user-modified config files set(INSTALLED_CONFIG_FILES "${INSTALLED_CONFIG_FILES} ${_dstfile}" CACHE STRING "" FORCE) # Additionally, the Mac PackageMaker packages don't have any automatic # handling of configuration file conflicts so install an example file # that the post install script will cleanup in the case it's extraneous if (APPLE) install(FILES ${_srcfile} DESTINATION ${_dstdir} RENAME ${_dstfilename}.example) endif () else () # Have `make install` check at run time whether the file does not exist InstallClobberImmune(${_srcfile} ${_dstfile}) endif () if (NOT TARGET install-example-configs) add_custom_target(install-example-configs COMMENT "Installed example configuration files") endif () # '/' is invalid in target names, so replace w/ '.' string(REGEX REPLACE "/" "." _flatsrc ${_srcfile}) set(_example ${_dstfile}.example) add_custom_target(install-example-config-${_flatsrc} COMMAND "${CMAKE_COMMAND}" -E copy ${_srcfile} \${DESTDIR}${_example} COMMENT "Installing ${_example}") add_dependencies(install-example-configs install-example-config-${_flatsrc}) endmacro(InstallPackageConfigFile) broctl-1.4-minimal/cmake/BifCl.cmake0000664002342100234210000002221012535575001017146 0ustar johannajohanna # A macro to define a command that uses the BIF compiler to produce C++ # segments and Bro language declarations from a .bif file. The outputs # are returned in BIF_OUTPUT_{CC,H,BRO}. By default, it runs bifcl in # alternative mode (-a; suitable for standalone compilation). If # an additional parameter "standard" is given, it runs it in standard mode # for inclusion in NetVar.*. If an additional parameter "plugin" is given, # it runs it in plugin mode (-p). In the latter case, one more argument # is required with the plugin's name. # # The macro also creates a target that can be used to define depencencies on # the generated files. The name of the target depends on the mode and includes # a normalized path to the input bif to make it unique. The target is added # automatically to bro_ALL_GENERATED_OUTPUTS. macro(bif_target bifInput) set(target "") get_filename_component(bifInputBasename "${bifInput}" NAME) if ( "${ARGV1}" STREQUAL "standard" ) set(bifcl_args "") set(target "bif-std-${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}") set(bifOutputs ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.func_def ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.func_h ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.func_init ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.netvar_def ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.netvar_h ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}.netvar_init) set(BIF_OUTPUT_CC ${bifInputBasename}.func_def ${bifInputBasename}.func_init ${bifInputBasename}.netvar_def ${bifInputBasename}.netvar_init) set(BIF_OUTPUT_H ${bifInputBasename}.func_h ${bifInputBasename}.netvar_h) set(BIF_OUTPUT_BRO ${CMAKE_BINARY_DIR}/scripts/base/bif/${bifInputBasename}.bro) set(bro_BASE_BIF_SCRIPTS ${bro_BASE_BIF_SCRIPTS} ${BIF_OUTPUT_BRO} CACHE INTERNAL "Bro script stubs for BIFs in base distribution of Bro" FORCE) # Propogate to top-level elseif ( "${ARGV1}" STREQUAL "plugin" ) set(plugin_name ${ARGV2}) set(plugin_name_canon ${ARGV3}) set(plugin_is_static ${ARGV4}) set(target "bif-plugin-${plugin_name_canon}-${bifInputBasename}") set(bifcl_args "-p;${plugin_name}") set(bifOutputs ${bifInputBasename}.h ${bifInputBasename}.cc ${bifInputBasename}.init.cc ${bifInputBasename}.register.cc) if ( plugin_is_static ) set(BIF_OUTPUT_CC ${bifInputBasename}.cc ${bifInputBasename}.init.cc) set(bro_REGISTER_BIFS ${bro_REGISTER_BIFS} ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename} CACHE INTERNAL "BIFs for automatic registering" FORCE) # Propagate to top-level. else () set(BIF_OUTPUT_CC ${bifInputBasename}.cc ${bifInputBasename}.init.cc ${bifInputBasename}.register.cc) endif() set(BIF_OUTPUT_H ${bifInputBasename}.h) if ( NOT BRO_PLUGIN_BUILD_DYNAMIC ) set(BIF_OUTPUT_BRO ${CMAKE_BINARY_DIR}/scripts/base/bif/plugins/${plugin_name_canon}.${bifInputBasename}.bro) else () set(BIF_OUTPUT_BRO ${BRO_PLUGIN_BIF}/${bifInputBasename}.bro) endif() set(bro_PLUGIN_BIF_SCRIPTS ${bro_PLUGIN_BIF_SCRIPTS} ${BIF_OUTPUT_BRO} CACHE INTERNAL "Bro script stubs for BIFs in Bro plugins" FORCE) # Propogate to top-level else () # Alternative mode. These will get compiled in automatically. set(bifcl_args "-s") set(target "bif-alt-${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename}") set(bifOutputs ${bifInputBasename}.h ${bifInputBasename}.cc ${bifInputBasename}.init.cc) set(BIF_OUTPUT_CC ${bifInputBasename}.cc) set(BIF_OUTPUT_H ${bifInputBasename}.h) # In order be able to run bro from the build directory, the # generated bro script needs to be inside a directory tree # named the same way it will be referenced from an @load. set(BIF_OUTPUT_BRO ${CMAKE_BINARY_DIR}/scripts/base/bif/${bifInputBasename}.bro) set(bro_AUTO_BIFS ${bro_AUTO_BIFS} ${CMAKE_CURRENT_BINARY_DIR}/${bifInputBasename} CACHE INTERNAL "BIFs for automatic inclusion" FORCE) # Propagate to top-level. set(bro_BASE_BIF_SCRIPTS ${bro_BASE_BIF_SCRIPTS} ${BIF_OUTPUT_BRO} CACHE INTERNAL "Bro script stubs for BIFs in base distribution of Bro" FORCE) # Propogate to top-level endif () if ( BRO_PLUGIN_INTERNAL_BUILD ) set(bifclDep "bifcl") endif () if ( BRO_PLUGIN_INTERNAL_BUILD ) set(BifCl_EXE "bifcl") else () set(BifCl_EXE "${BRO_PLUGIN_BRO_BUILD}/src/bifcl") endif () add_custom_command(OUTPUT ${bifOutputs} ${BIF_OUTPUT_BRO} COMMAND ${BifCl_EXE} ARGS ${bifcl_args} ${CMAKE_CURRENT_SOURCE_DIR}/${bifInput} || (rm -f ${bifOutputs} && exit 1) COMMAND "${CMAKE_COMMAND}" ARGS -E copy ${bifInputBasename}.bro ${BIF_OUTPUT_BRO} COMMAND "${CMAKE_COMMAND}" ARGS -E remove -f ${bifInputBasename}.bro DEPENDS ${bifInput} DEPENDS ${bifclDep} COMMENT "[BIFCL] Processing ${bifInput}" ) string(REGEX REPLACE "${CMAKE_BINARY_DIR}/src/" "" target "${target}") string(REGEX REPLACE "/" "-" target "${target}") add_custom_target(${target} DEPENDS ${BIF_OUTPUT_H} ${BIF_OUTPUT_CC}) set_source_files_properties(${bifOutputs} PROPERTIES GENERATED 1) set(BIF_BUILD_TARGET ${target}) set(bro_ALL_GENERATED_OUTPUTS ${bro_ALL_GENERATED_OUTPUTS} ${target} CACHE INTERNAL "automatically generated files" FORCE) # Propagate to top-level. endmacro(bif_target) # A macro to create a __load__.bro file for all *.bif.bro files in # a given collection (which should all be in the same directory). # It creates a corresponding target to trigger the generation. function(bro_bif_create_loader target bifinputs) set(_bif_loader_dir "") foreach ( _bro_file ${bifinputs} ) get_filename_component(_bif_loader_dir_tmp ${_bro_file} PATH) get_filename_component(_bro_file_name ${_bro_file} NAME) if ( _bif_loader_dir ) if ( NOT _bif_loader_dir_tmp STREQUAL _bif_loader_dir ) message(FATAL_ERROR "Directory of Bro script BIF stub ${_bro_file} differs from expected: ${_bif_loader_dir}") endif () else () set(_bif_loader_dir ${_bif_loader_dir_tmp}) endif () set(_bif_loader_content "${_bif_loader_content} ${_bro_file_name}") endforeach () if ( NOT _bif_loader_dir ) return () endif () file(MAKE_DIRECTORY ${_bif_loader_dir}) set(_bif_loader_file ${_bif_loader_dir}/__load__.bro) add_custom_target(${target} COMMAND "sh" "-c" "rm -f ${_bif_loader_file}" COMMAND "sh" "-c" "for i in ${_bif_loader_content}; do echo @load ./$i >> ${_bif_loader_file}; done" WORKING_DIRECTORY ${_bif_loader_dir} VERBATIM ) add_dependencies(${target} generate_outputs) endfunction() # A macro to create joint include files for compiling in all the # autogenerated bif code. function(bro_bif_create_includes target dstdir bifinputs) file(MAKE_DIRECTORY ${dstdir}) add_custom_target(${target} COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.cc.tmp" COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.init.cc.tmp" COMMAND for i in ${bifinputs}\; do echo \\\#include \\"\$\$i.cc\\"\; done >> ${dstdir}/__all__.bif.cc.tmp COMMAND for i in ${bifinputs}\; do echo \\\#include \\"\$\$i.init.cc\\"\; done >> ${dstdir}/__all__.bif.init.cc.tmp COMMAND ${CMAKE_COMMAND} -E copy_if_different "${dstdir}/__all__.bif.cc.tmp" "${dstdir}/__all__.bif.cc" COMMAND ${CMAKE_COMMAND} -E copy_if_different "${dstdir}/__all__.bif.init.cc.tmp" "${dstdir}/__all__.bif.init.cc" COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.cc.tmp" COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.init.cc.tmp" WORKING_DIRECTORY ${dstdir} ) set(clean_files ${dstdir}/__all__.bif.cc ${dstdir}/__all__.bif.init.cc) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES "${clean_files}") endfunction() function(bro_bif_create_register target dstdir bifinputs) file(MAKE_DIRECTORY ${dstdir}) add_custom_target(${target} COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.register.cc.tmp" COMMAND for i in ${bifinputs}\; do echo \\\#include \\"\$\$i.register.cc\\"\; done >> ${dstdir}/__all__.bif.register.cc.tmp COMMAND ${CMAKE_COMMAND} -E copy_if_different "${dstdir}/__all__.bif.register.cc.tmp" "${dstdir}/__all__.bif.register.cc" COMMAND "sh" "-c" "rm -f ${dstdir}/__all__.bif.register.cc.tmp" WORKING_DIRECTORY ${dstdir} ) set(clean_files ${dstdir}/__all__.bif.cc ${dstdir}/__all__.bif.register.cc) set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES "${clean_files}") endfunction() broctl-1.4-minimal/cmake/SetupRPATH.cmake0000664002342100234210000000053012535575001020067 0ustar johannajohanna# Keep RPATH upon installing so that user doesn't have to ensure the linker # can find internal/private libraries or libraries external to the build # directory that were explicitly linked against if (NOT BINARY_PACKAGING_MODE) SET(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE) SET(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib") endif () broctl-1.4-minimal/cmake/CommonCMakeConfig.cmake0000664002342100234210000000036212535575001021452 0ustar johannajohannaset(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake ${CMAKE_MODULE_PATH}) include(CheckCompilers) include(ProhibitInSourceBuild) include(AddUninstallTarget) include(SetupRPATH) include(SetDefaultCompileFlags) include(MacDependencyPaths) broctl-1.4-minimal/cmake/FindRequiredPackage.cmake0000664002342100234210000000303712535575001022032 0ustar johannajohanna# A wrapper macro around the standard CMake find_package macro that # facilitates displaying better error messages by default, or even # accepting custom error messages on a per package basis. # # If a package is not found, then the MISSING_PREREQS variable gets # set to true and either a default or custom error message appended # to MISSING_PREREQ_DESCS. # # The caller can use these variables to display a list of any missing # packages and abort the build/configuration if there were any. # # Use as follows: # # include(FindRequiredPackage) # FindRequiredPackage(Perl) # FindRequiredPackage(FLEX "You need to install flex (Fast Lexical Analyzer)") # # if (MISSING_PREREQS) # foreach (prereq ${MISSING_PREREQ_DESCS}) # message(SEND_ERROR ${prereq}) # endforeach () # message(FATAL_ERROR "Configuration aborted due to missing prerequisites") # endif () macro(FindRequiredPackage packageName) find_package(${packageName}) string(TOUPPER ${packageName} canonPackageName) if (NOT ${canonPackageName}_FOUND) set(MISSING_PREREQS true) set(customDesc) foreach (descArg ${ARGN}) set(customDesc "${customDesc} ${descArg}") endforeach () if (customDesc) # append the custom error message that was provided as an argument list(APPEND MISSING_PREREQ_DESCS ${customDesc}) else () list(APPEND MISSING_PREREQ_DESCS " Could not find prerequisite package '${packageName}'") endif () endif () endmacro(FindRequiredPackage) broctl-1.4-minimal/cmake/CheckOptionalBuildSources.cmake0000664002342100234210000000165012535575001023243 0ustar johannajohanna# A macro that checks whether optional sources exist and if they do, they # are added to the build/install process, else a warning is issued # # _dir: the subdir of the current source dir in which the optional # sources are located # _packageName: a string that identifies the package # _varName: name of the variable indicating whether package is scheduled # to be installed macro(CheckOptionalBuildSources _dir _packageName _varName) if (${_varName}) if (EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/${_dir}/CMakeLists.txt) add_subdirectory(${_dir}) else () message(WARNING "${_packageName} source code does not exist in " "${CMAKE_CURRENT_SOURCE_DIR}/${_dir} " "so it will not be built or installed") set(${_varName} false) endif () endif () endmacro(CheckOptionalBuildSources) broctl-1.4-minimal/cmake/GetArchitecture.cmake0000664002342100234210000000052712535575001021260 0ustar johannajohanna # Determine a tag for the host architecture (e.g., "linux-x86_64"). # We run uname ourselves here as CMAKE by default uses -p rather than # -m. execute_process(COMMAND uname -m OUTPUT_VARIABLE arch OUTPUT_STRIP_TRAILING_WHITESPACE) set(HOST_ARCHITECTURE "${CMAKE_SYSTEM_NAME}-${arch}") string(TOLOWER ${HOST_ARCHITECTURE} HOST_ARCHITECTURE) broctl-1.4-minimal/cmake/FindLibcaf.cmake0000664002342100234210000000701212535575001020153 0ustar johannajohanna# Try to find libcaf headers and library. # # Use this module as follows: # # find_package(Libcaf) # # Variables used by this module (they can change the default behaviour and need # to be set before calling find_package): # # LIBCAF_ROOT_DIR Set this variable to the root installation of # libcaf if the module has problems finding # the proper installation path. # # Variables defined by this module: # # LIBCAF_FOUND System has libcaf headers and library # LIBCAF_LIBRARIES List of library files for all components # LIBCAF_INCLUDE_DIRS List of include paths for all components # LIBCAF_LIBRARY_$C Library file for component $C # LIBCAF_INCLUDE_DIR_$C Include path for component $C # iterate over user-defined components foreach (comp ${Libcaf_FIND_COMPONENTS}) # we use uppercase letters only for variable names string(TOUPPER "${comp}" UPPERCOMP) if ("${comp}" STREQUAL "core") set(HDRNAME "caf/all.hpp") else () set(HDRNAME "caf/${comp}/all.hpp") endif () # look for headers: give CMake hints where to find non-installed CAF versions # note that we look for the headers of each component individually: this is # necessary to support non-installed versions of CAF, i.e., accessing the # checked out "actor-framework" directory structure directly set(HDRHINT "actor-framework/libcaf_${comp}") find_path(LIBCAF_INCLUDE_DIR_${UPPERCOMP} NAMES ${HDRNAME} HINTS ${LIBCAF_ROOT_DIR}/include /usr/include /usr/local/include /opt/local/include /sw/include ${CMAKE_INSTALL_PREFIX}/include ../${HDRHINT} ../../${HDRHINT} ../../../${HDRHINT}) mark_as_advanced(LIBCAF_INCLUDE_DIR_${UPPERCOMP}) if ("${LIBCAF_INCLUDE_DIR_${UPPERCOMP}}" STREQUAL "LIBCAF_INCLUDE_DIR_${UPPERCOMP}-NOTFOUND") # exit on first error break () else () # add to LIBCAF_INCLUDE_DIRS only if path isn't already set set(duplicate false) foreach (p ${LIBCAF_INCLUDE_DIRS}) if (${p} STREQUAL ${LIBCAF_INCLUDE_DIR_${UPPERCOMP}}) set(duplicate true) endif () endforeach () if (NOT duplicate) set(LIBCAF_INCLUDE_DIRS ${LIBCAF_INCLUDE_DIRS} ${LIBCAF_INCLUDE_DIR_${UPPERCOMP}}) endif() endif () # look for (.dll|.so|.dylib) file, again giving hints for non-installed CAFs find_library(LIBCAF_LIBRARY_${UPPERCOMP} NAMES "caf_${comp}" HINTS ${LIBCAF_ROOT_DIR}/lib /usr/lib /usr/local/lib /opt/local/lib /sw/lib ${CMAKE_INSTALL_PREFIX}/lib ../actor-framework/build/lib ../../actor-framework/build/lib ../../../actor-framework/build/lib) mark_as_advanced(LIBCAF_LIBRARY_${UPPERCOMP}) if ("${LIBCAF_LIBRARY_${UPPERCOMP}}" STREQUAL "LIBCAF_LIBRARY-NOTFOUND") # exit on first error break () else () set(LIBCAF_LIBRARIES ${LIBCAF_LIBRARIES} ${LIBCAF_LIBRARY_${UPPERCOMP}}) endif () endforeach () # final steps to tell CMake we're done include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Libcaf DEFAULT_MSG LIBCAF_LIBRARIES LIBCAF_INCLUDE_DIRS) mark_as_advanced(LIBCAF_ROOT_DIR LIBCAF_LIBRARIES LIBCAF_INCLUDE_DIRS) broctl-1.4-minimal/cmake/CheckNameserCompat.cmake0000664002342100234210000000136012535575001021666 0ustar johannajohannainclude(CheckCSourceCompiles) # Check whether the namser compatibility header is required # This can be the case on the Darwin platform set(CMAKE_REQUIRED_INCLUDES ${BIND_INCLUDE_DIR}) check_c_source_compiles(" #include int main() { HEADER *hdr; int d = NS_IN6ADDRSZ; return 0; }" have_nameser_header) if (NOT have_nameser_header) check_c_source_compiles(" #include #include int main() { HEADER *hdr; int d = NS_IN6ADDRSZ; return 0; }" NEED_NAMESER_COMPAT_H) if (NOT NEED_NAMESER_COMPAT_H) message(FATAL_ERROR "Asynchronous DNS support compatibility check failed.") endif () endif () set(CMAKE_REQUIRED_INCLUDES) broctl-1.4-minimal/cmake/RequireCXX11.cmake0000664002342100234210000000412612535575001020336 0ustar johannajohanna# Detect if compiler version is sufficient for supporting C++11. # If it is, CMAKE_CXX_FLAGS are modified appropriately and HAVE_CXX11 # is set to a true value. Else, CMake exits with a fatal error message. # This currently only works for GCC and Clang compilers. # In Cmake 3.1+, CMAKE_CXX_STANDARD_REQUIRED should be able to replace # all the logic below. if ( DEFINED HAVE_CXX11 ) return() endif () set(required_gcc_version 4.8) set(required_clang_version 3.3) # CMAKE_CXX_COMPILER_VERSION may not always be available (e.g. particularly # for CMakes older than 2.8.10, but use it if it exists. if ( DEFINED CMAKE_CXX_COMPILER_VERSION ) if ( CMAKE_CXX_COMPILER_ID STREQUAL "GNU" ) if ( CMAKE_CXX_COMPILER_VERSION VERSION_LESS ${required_gcc_version} ) message(FATAL_ERROR "GCC version must be at least " "${required_gcc_version} for C++11 support, detected: " "${CMAKE_CXX_COMPILER_VERSION}") endif () elseif ( CMAKE_CXX_COMPILER_ID STREQUAL "Clang" ) if ( CMAKE_CXX_COMPILER_VERSION VERSION_LESS ${required_clang_version} ) message(FATAL_ERROR "Clang version must be at least " "${required_clang_version} for C++11 support, detected: " "${CMAKE_CXX_COMPILER_VERSION}") endif () endif () set(HAVE_CXX11 true) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11") return() endif () # Need to manually retrieve compiler version. if ( CMAKE_CXX_COMPILER_ID STREQUAL "GNU" ) execute_process(COMMAND ${CMAKE_CXX_COMPILER} -dumpversion OUTPUT_VARIABLE gcc_version) if ( ${gcc_version} VERSION_LESS ${required_gcc_version} ) message(FATAL_ERROR "GCC version must be at least " "${required_gcc_version} for C++11 support, manually detected: " "${CMAKE_CXX_COMPILER_VERSION}") endif () elseif ( CMAKE_CXX_COMPILER_ID STREQUAL "Clang" ) # TODO: don't seem to be any great/easy ways to get a clang version string. endif () set(HAVE_CXX11 true) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11") broctl-1.4-minimal/cmake/bro-plugin-create-package.sh0000775002342100234210000000172012535575001022437 0ustar johannajohanna#! /bin/sh # # Helper script creating a tarball with a plugin's binary distribution. We'll # also leave a MANIFEST in place with all files part of the tar ball. # # Called from BroPluginDynamic.cmake. Current directory is the plugin # build directory. if [ $# = 0 ]; then echo "usage: `basename $0` []" exit 1 fi name=$1 shift addl=$@ # Copy additional distribution files into build directory. for i in ${addl}; do if [ -e ../$i ]; then dir=`dirname $i` mkdir -p ${dir} cp -p ../$i ${dir} fi done tgz=${name}-`(test -e ../VERSION && cat ../VERSION | head -1) || echo 0.0`.tar.gz rm -f MANIFEST ${name} ${name}.tgz ${tgz} for i in __bro_plugin__ lib scripts ${addl}; do test -e $i && find -L $i -type f | sed "s%^%${name}/%g" >>MANIFEST done ln -s . ${name} mkdir -p dist tar czf dist/${tgz} -T MANIFEST ln -s dist/${tgz} ${name}.tgz rm -f ${name} broctl-1.4-minimal/cmake/InstallSymlink.cmake0000664002342100234210000000347512535575001021160 0ustar johannajohanna# This macro can be used to install symlinks, which turns out to be # non-trivial due to CMake version differences and limitations on how # files can be installed when building binary packages. # # The rule for binary packaging is that files (including symlinks) must # be installed with the standard CMake install() macro. # # The rule for non-binary packaging is that CMake 2.6 cannot install() # symlinks, but can create the symlink at install-time via scripting. # Though, we assume that CMake 2.6 isn't going to be used to generate # packages because versions later than 2.8.3 are superior for that purpose. # # _filepath: the absolute path to the file to symlink # _sympath: absolute path of the installed symlink macro(InstallSymlink _filepath _sympath) get_filename_component(_symname ${_sympath} NAME) get_filename_component(_installdir ${_sympath} PATH) if (BINARY_PACKAGING_MODE) execute_process(COMMAND "${CMAKE_COMMAND}" -E create_symlink ${_filepath} ${CMAKE_CURRENT_BINARY_DIR}/${_symname}) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${_symname} DESTINATION ${_installdir}) else () # scripting the symlink installation at install time should work # for CMake 2.6.x and 2.8.x install(CODE " if (\"\$ENV{DESTDIR}\" STREQUAL \"\") execute_process(COMMAND \"${CMAKE_COMMAND}\" -E create_symlink ${_filepath} ${_installdir}/${_symname}) else () execute_process(COMMAND \"${CMAKE_COMMAND}\" -E create_symlink ${_filepath} \$ENV{DESTDIR}/${_installdir}/${_symname}) endif () ") endif () endmacro(InstallSymlink) broctl-1.4-minimal/cmake/FindRocksDB.cmake0000664002342100234210000000216212535575001020263 0ustar johannajohanna# Try to find RocksDB headers and library. # # Usage of this module as follows: # # find_package(RocksDB) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # ROCKSDB_ROOT_DIR Set this variable to the root installation of # RocksDB if the module has problems finding the # proper installation path. # # Variables defined by this module: # # ROCKSDB_FOUND System has RocksDB library/headers. # ROCKSDB_LIBRARIES The RocksDB library. # ROCKSDB_INCLUDE_DIRS The location of RocksDB headers. find_path(ROCKSDB_ROOT_DIR NAMES include/rocksdb/db.h ) find_library(ROCKSDB_LIBRARIES NAMES rocksdb HINTS ${ROCKSDB_ROOT_DIR}/lib ) find_path(ROCKSDB_INCLUDE_DIRS NAMES rocksdb/db.h HINTS ${ROCKSDB_ROOT_DIR}/include ) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(RocksDB DEFAULT_MSG ROCKSDB_LIBRARIES ROCKSDB_INCLUDE_DIRS ) mark_as_advanced( ROCKSDB_ROOT_DIR ROCKSDB_LIBRARIES ROCKSDB_INCLUDE_DIRS ) broctl-1.4-minimal/cmake/FindBIND.cmake0000664002342100234210000000550012535575001017507 0ustar johannajohanna# - Try to find libpcap include dirs and libraries # # Usage of this module as follows: # # find_package(BIND) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # BIND_ROOT_DIR Set this variable to the root installation of BIND # if the module has problems finding the proper # installation path. # # Variables defined by this module: # # BIND_FOUND System has BIND, include and library dirs found # BIND_INCLUDE_DIR The BIND include directories. # BIND_LIBRARY The BIND library (if any) required for # ns_inittab and res_mkquery symbols find_path(BIND_ROOT_DIR NAMES include/bind/resolv.h include/resolv.h ) find_path(BIND_INCLUDE_DIR NAMES resolv.h HINTS ${BIND_ROOT_DIR}/include/bind ${BIND_ROOT_DIR}/include ) if (${CMAKE_SYSTEM_NAME} MATCHES "Linux") # the static resolv library is preferred because # on some systems, the ns_initparse symbol is not # exported in the shared library (strangely) # see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=291609 set(bind_libs none libresolv.a resolv bind) else () set(bind_libs none resolv bind) endif () include(CheckCSourceCompiles) # Find which library has the res_mkquery and ns_initparse symbols set(CMAKE_REQUIRED_INCLUDES ${BIND_INCLUDE_DIR}) foreach (bindlib ${bind_libs}) if (NOT ${bindlib} MATCHES "none") find_library(BIND_LIBRARY NAMES ${bindlib} HINTS ${BIND_ROOT_DIR}/lib ) endif () set(CMAKE_REQUIRED_LIBRARIES ${BIND_LIBRARY}) check_c_source_compiles(" #include int main() { ns_initparse(0, 0, 0); return 0; } " ns_initparse_works_${bindlib}) check_c_source_compiles(" #include #include #include #include #include int main() { int (*p)() = res_mkquery; return 0; } " res_mkquery_works_${bindlib}) set(CMAKE_REQUIRED_LIBRARIES) if (ns_initparse_works_${bindlib} AND res_mkquery_works_${bindlib}) break () else () set(BIND_LIBRARY BIND_LIBRARY-NOTFOUND) endif () endforeach () set(CMAKE_REQUIRED_INCLUDES) include(FindPackageHandleStandardArgs) if (ns_initparse_works_none AND res_mkquery_works_none) # system does not require linking to a BIND library find_package_handle_standard_args(BIND DEFAULT_MSG BIND_INCLUDE_DIR ) else () find_package_handle_standard_args(BIND DEFAULT_MSG BIND_LIBRARY BIND_INCLUDE_DIR ) endif () mark_as_advanced( BIND_ROOT_DIR BIND_LIBRARY BIND_INCLUDE_DIR ) broctl-1.4-minimal/cmake/MacDependencyPaths.cmake0000664002342100234210000000062212535575001021671 0ustar johannajohanna# As of CMake 2.8.3, Fink and MacPorts search paths are appended to the # default search prefix paths, but the nicer thing would be if they are # prepended to the default, so that is fixed here. if (APPLE AND "${PROJECT_SOURCE_DIR}" STREQUAL "${CMAKE_SOURCE_DIR}") list(INSERT CMAKE_SYSTEM_PREFIX_PATH 0 /opt/local) # MacPorts list(INSERT CMAKE_SYSTEM_PREFIX_PATH 0 /sw) # Fink endif () broctl-1.4-minimal/cmake/FindBro.cmake0000664002342100234210000000206012535575001017513 0ustar johannajohanna# - Try to find Bro installation # # Usage of this module as follows: # # find_package(Bro) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # BRO_ROOT_DIR Set this variable to the root installation of # Bro if the module has problems finding the # proper installation path. # # Variables defined by this module: # # BRO_FOUND Bro NIDS is installed # BRO_EXE path to the 'bro' binary if (BRO_EXE AND BRO_ROOT_DIR) # this implies that we're building from the Bro source tree set(BRO_FOUND true) return() endif () find_program(BRO_EXE bro HINTS ${BRO_ROOT_DIR}/bin /usr/local/bro/bin) if (BRO_EXE) get_filename_component(BRO_ROOT_DIR ${BRO_EXE} PATH) get_filename_component(BRO_ROOT_DIR ${BRO_ROOT_DIR} PATH) endif () include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Bro DEFAULT_MSG BRO_EXE) mark_as_advanced(BRO_ROOT_DIR) broctl-1.4-minimal/cmake/FindLibMagic.cmake0000664002342100234210000000404712535575001020447 0ustar johannajohanna# - Try to find libmagic header and library # # Usage of this module as follows: # # find_package(LibMagic) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # LibMagic_ROOT_DIR Set this variable to the root installation of # libmagic if the module has problems finding the # proper installation path. # # Variables defined by this module: # # LIBMAGIC_FOUND System has libmagic, magic.h, and file # LibMagic_FILE_EXE Path to the 'file' command # LibMagic_VERSION Version of libmagic # LibMagic_LIBRARY The libmagic library # LibMagic_INCLUDE_DIR The location of magic.h find_path(LibMagic_ROOT_DIR NAMES include/magic.h ) if (${CMAKE_SYSTEM_NAME} MATCHES "Darwin") # the static version of the library is preferred on OS X for the # purposes of making packages (libmagic doesn't ship w/ OS X) set(libmagic_names libmagic.a magic) else () set(libmagic_names magic) endif () find_file(LibMagic_FILE_EXE NAMES file HINTS ${LibMagic_ROOT_DIR}/bin ) find_library(LibMagic_LIBRARY NAMES ${libmagic_names} HINTS ${LibMagic_ROOT_DIR}/lib ) find_path(LibMagic_INCLUDE_DIR NAMES magic.h HINTS ${LibMagic_ROOT_DIR}/include ) if (LibMagic_FILE_EXE) execute_process(COMMAND "${LibMagic_FILE_EXE}" --version ERROR_VARIABLE LibMagic_VERSION OUTPUT_VARIABLE LibMagic_VERSION) string(REGEX REPLACE "^file-([0-9.]+).*$" "\\1" LibMagic_VERSION "${LibMagic_VERSION}") message(STATUS "libmagic version: ${LibMagic_VERSION}") else () set(LibMagic_VERSION NOTFOUND) endif () include(FindPackageHandleStandardArgs) find_package_handle_standard_args(LibMagic DEFAULT_MSG LibMagic_LIBRARY LibMagic_INCLUDE_DIR LibMagic_FILE_EXE LibMagic_VERSION ) mark_as_advanced( LibMagic_ROOT_DIR LibMagic_FILE_EXE LibMagic_VERSION LibMagic_LIBRARY LibMagic_INCLUDE_DIR ) broctl-1.4-minimal/cmake/UserChangedWarning.cmake0000664002342100234210000000137012535575001021711 0ustar johannajohanna# Show warning when installing user is different from the one that configured, # except when the install is root. if ("${PROJECT_SOURCE_DIR}" STREQUAL "${CMAKE_SOURCE_DIR}") install(CODE " if (NOT \"$ENV{USER}\" STREQUAL \"\$ENV{USER}\" AND NOT \"\$ENV{USER}\" STREQUAL root) message(STATUS \"WARNING: Install is being performed by user \" \"'\$ENV{USER}', but the build directory was configured by \" \"user '$ENV{USER}'. This may result in a permissions error \" \"when writing the install manifest, but you can ignore it \" \"and consider the installation as successful if you don't \" \"care about the install manifest.\") endif () ") endif () broctl-1.4-minimal/cmake/BroPluginStatic.cmake0000664002342100234210000000262612535575001021251 0ustar johannajohanna## A set of functions for defining Bro plugins. ## ## This set is for plugins compiled in statically. ## See BroPluginsDynamic.cmake for the dynamic version. function(bro_plugin_bif_static) foreach ( bif ${ARGV} ) bif_target(${bif} "plugin" ${_plugin_name} ${_plugin_name_canon} TRUE) list(APPEND _plugin_objs ${BIF_OUTPUT_CC}) list(APPEND _plugin_deps ${BIF_BUILD_TARGET}) set(_plugin_objs "${_plugin_objs}" PARENT_SCOPE) set(_plugin_deps "${_plugin_deps}" PARENT_SCOPE) endforeach () endfunction() function(bro_plugin_link_library_static) foreach ( lib ${ARGV} ) set(bro_SUBDIR_LIBS ${bro_SUBDIR_LIBS} "${lib}" CACHE INTERNAL "plugin libraries") endforeach () endfunction() function(bro_plugin_end_static) if ( bro_HAVE_OBJECT_LIBRARIES ) add_library(${_plugin_lib} OBJECT ${_plugin_objs}) set(_target "$") else () add_library(${_plugin_lib} STATIC ${_plugin_objs}) set(_target "${_plugin_lib}") endif () if ( NOT "${_plugin_deps}" STREQUAL "" ) add_dependencies(${_plugin_lib} ${_plugin_deps}) endif () add_dependencies(${_plugin_lib} generate_outputs) set(bro_PLUGIN_LIBS ${bro_PLUGIN_LIBS} "${_target}" CACHE INTERNAL "plugin libraries") endfunction() macro(_plugin_target_name_static target ns name) set(${target} "plugin-${ns}-${name}") endmacro() broctl-1.4-minimal/cmake/FindPythonDev.cmake0000664002342100234210000000462112535575001020716 0ustar johannajohanna# - Try to find Python include dirs and libraries # # Usage of this module as follows: # # find_package(PythonDev) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # PYTHON_EXECUTABLE If this is set to a path to a Python interpreter # then this module attempts to infer the path to # python-config from it # PYTHON_CONFIG Set this variable to the location of python-config # if the module has problems finding the proper # installation path. # # Variables defined by this module: # # PYTHONDEV_FOUND System has Python dev headers/libraries # PYTHON_INCLUDE_DIR The Python include directories. # PYTHON_LIBRARIES The Python libraries and linker flags. include(FindPackageHandleStandardArgs) if (PYTHON_EXECUTABLE AND EXISTS ${PYTHON_EXECUTABLE}-config) set(PYTHON_CONFIG ${PYTHON_EXECUTABLE}-config CACHE PATH "" FORCE) else () find_program(PYTHON_CONFIG NAMES python-config python-config2.7 python-config2.6 python-config2.6 python-config2.4 python-config2.3) endif () # The OpenBSD python packages have python-config's that don't reliably # report linking flags that will work. if (PYTHON_CONFIG AND NOT ${CMAKE_SYSTEM_NAME} STREQUAL "OpenBSD") execute_process(COMMAND "${PYTHON_CONFIG}" --ldflags OUTPUT_VARIABLE PYTHON_LIBRARIES OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET) execute_process(COMMAND "${PYTHON_CONFIG}" --includes OUTPUT_VARIABLE PYTHON_INCLUDE_DIR OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET) string(REGEX REPLACE "^[-I]" "" PYTHON_INCLUDE_DIR "${PYTHON_INCLUDE_DIR}") string(REGEX REPLACE "[ ]-I" " " PYTHON_INCLUDE_DIR "${PYTHON_INCLUDE_DIR}") separate_arguments(PYTHON_INCLUDE_DIR) find_package_handle_standard_args(PythonDev DEFAULT_MSG PYTHON_CONFIG PYTHON_INCLUDE_DIR PYTHON_LIBRARIES ) else () find_package(PythonLibs) if (PYTHON_INCLUDE_PATH AND NOT PYTHON_INCLUDE_DIR) set(PYTHON_INCLUDE_DIR "${PYTHON_INCLUDE_PATH}") endif () find_package_handle_standard_args(PythonDev DEFAULT_MSG PYTHON_INCLUDE_DIR PYTHON_LIBRARIES ) endif () broctl-1.4-minimal/cmake/InstallClobberImmune.cmake0000664002342100234210000000255612535575001022254 0ustar johannajohanna# Determines at `make install` time if a file, typically a configuration # file placed in $PREFIX/etc, shouldn't be installed to prevent overwrite # of an existing file. # # _srcfile: the file to install # _dstfile: the absolute file name after installation macro(InstallClobberImmune _srcfile _dstfile) install(CODE " set(_destfile \"${_dstfile}\") if (NOT \"\$ENV{DESTDIR}\" STREQUAL \"\") # prepend install root prefix with install-time DESTDIR set(_destfile \"\$ENV{DESTDIR}/${_dstfile}\") endif () if (EXISTS \${_destfile}) message(STATUS \"Skipping: \${_destfile} (already exists)\") execute_process(COMMAND \"${CMAKE_COMMAND}\" -E compare_files ${_srcfile} \${_destfile} RESULT_VARIABLE _diff) if (NOT \"\${_diff}\" STREQUAL \"0\") message(STATUS \"Installing: \${_destfile}.example\") configure_file(${_srcfile} \${_destfile}.example COPYONLY) endif () else () message(STATUS \"Installing: \${_destfile}\") # install() is not scriptable within install(), and # configure_file() is the next best thing configure_file(${_srcfile} \${_destfile} COPYONLY) # TODO: create additional install_manifest files? endif () ") endmacro(InstallClobberImmune) broctl-1.4-minimal/cmake/ProhibitInSourceBuild.cmake0000664002342100234210000000045612535575001022407 0ustar johannajohanna# Prohibit in-source builds. if ("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}") message(FATAL_ERROR "In-source builds are not allowed. Please use " "./configure to choose a build directory and " "initialize the build configuration.") endif () broctl-1.4-minimal/cmake/FindTraceSummary.cmake0000664002342100234210000000070412535575001021410 0ustar johannajohanna# - Try to find the trace-summary Python program # # Usage of this module as follows: # # find_package(TraceSummary) # # Variables defined by this module: # # TRACESUMMARY_FOUND capstats binary found # TraceSummary_EXE path to the capstats executable binary find_program(TRACE_SUMMARY_EXE trace-summary) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(TraceSummary DEFAULT_MSG TRACE_SUMMARY_EXE) broctl-1.4-minimal/cmake/BroSubdir.cmake0000664002342100234210000000077112535575001020072 0ustar johannajohanna # Creates a target for a library of objects file in a subdirectory, # and adds to the global bro_SUBDIR_LIBS. function(bro_add_subdir_library name) if ( bro_HAVE_OBJECT_LIBRARIES ) add_library("bro_${name}" OBJECT ${ARGN}) set(_target "$") else () add_library("bro_${name}" STATIC ${ARGN}) set(_target "bro_${name}") endif () set(bro_SUBDIR_LIBS "${_target}" ${bro_SUBDIR_LIBS} CACHE INTERNAL "subdir libraries") endfunction() broctl-1.4-minimal/cmake/package_postupgrade.sh.in0000775002342100234210000000435712535575001022155 0ustar johannajohanna#!/bin/sh # This script is meant to be used by binary packages post-installation. # Variables between @ symbols are replaced by CMake at configure time. backupNamesFile=/tmp/bro_install_backups version=@VERSION@ sampleFiles="" # check whether it's safe to remove backup configuration files that # the most recent package install created if [ -e ${backupNamesFile} ]; then backupFileList=`cat ${backupNamesFile}` for backupFile in ${backupFileList}; do origFileName=`echo ${backupFile} | sed 's/\(.*\)\..*/\1/'` diff ${origFileName} ${backupFile} > /dev/null 2>&1 if [ $? -eq 0 ]; then # if the installed version and the backup version don't differ # then we can remove the backup version and the example file rm ${backupFile} rm ${origFileName}.example else # The backup file differs from the newly installed version, # since we can't tell if the backup version has been modified # by the user, we should restore it to its original location # and rename the new version appropriately. sampleFiles="${sampleFiles}\n${origFileName}.example" mv ${backupFile} ${origFileName} fi done rm ${backupNamesFile} fi if [ -n "${sampleFiles}" ]; then # Use some apple script to display a message to user /usr/bin/osascript << EOF tell application "System Events" activate display alert "Existing configuration files differ from the ones that would be installed by this package. To avoid overwriting configuration which you may have modified, the following new config files have been installed:\n${sampleFiles}\n\nIf you have previously modified configuration files, please make sure that they are still compatible, else you should update your config files to the new versions." end tell EOF fi # Set up world writeable spool and logs directory for broctl, making sure # to set the sticky bit so that unprivileged users can't rename/remove files. # (CMake/CPack is supposed to install them, but has problems with empty dirs) if [ -n "@EMPTY_WORLD_DIRS@" ]; then for dir in "@EMPTY_WORLD_DIRS@"; do mkdir -p ${dir} chmod 777 ${dir} chmod +t ${dir} done fi broctl-1.4-minimal/cmake/CheckHeaders.cmake0000664002342100234210000000306712535575001020511 0ustar johannajohannainclude(CheckIncludeFiles) include(CheckStructHasMember) include(CheckSymbolExists) check_include_files(getopt.h HAVE_GETOPT_H) check_include_files(memory.h HAVE_MEMORY_H) check_include_files("sys/socket.h;netinet/in.h;net/if.h;netinet/if_ether.h" HAVE_NETINET_IF_ETHER_H) check_include_files("sys/socket.h;netinet/in.h;net/if.h;netinet/ip6.h" HAVE_NETINET_IP6_H) check_include_files("sys/socket.h;net/if.h;net/ethernet.h" HAVE_NET_ETHERNET_H) check_include_files(sys/ethernet.h HAVE_SYS_ETHERNET_H) check_include_files(net/ethertypes.h HAVE_NET_ETHERTYPES_H) check_include_files(sys/time.h HAVE_SYS_TIME_H) check_include_files("time.h;sys/time.h" TIME_WITH_SYS_TIME) check_include_files(os-proto.h HAVE_OS_PROTO_H) check_struct_has_member(HISTORY_STATE entries "stdio.h;readline/readline.h" HAVE_READLINE_HISTORY_ENTRIES) check_include_files("stdio.h;readline/readline.h" HAVE_READLINE_READLINE_H) check_include_files("stdio.h;readline/history.h" HAVE_READLINE_HISTORY_H) if (HAVE_READLINE_READLINE_H AND HAVE_READLINE_HISTORY_H AND HAVE_READLINE_HISTORY_ENTRIES) set(HAVE_READLINE true) endif () check_struct_has_member("struct sockaddr_in" sin_len "netinet/in.h" SIN_LEN) macro(CheckIPProto _proto) check_symbol_exists(IPPROTO_${_proto} netinet/in.h HAVE_IPPROTO_${_proto}) endmacro(CheckIPProto _proto) CheckIPProto(HOPOPTS) CheckIPProto(IPV6) CheckIPProto(IPV4) CheckIPProto(ROUTING) CheckIPProto(FRAGMENT) CheckIPProto(ESP) CheckIPProto(AH) CheckIPProto(ICMPV6) CheckIPProto(NONE) CheckIPProto(DSTOPTS) broctl-1.4-minimal/cmake/ConfigurePackaging.cmake0000664002342100234210000002311312535575001021720 0ustar johannajohanna# A collection of macros to assist in configuring CMake/Cpack # source and binary packaging # Sets CPack version variables by splitting the first macro argument # using "." or "-" as a delimiter. If the length of the split list is # greater than 2, all remaining elements are tacked on to the patch # level version. Not that the version set by the macro is internal # to binary packaging, the file name of our package will reflect the # exact version number. macro(SetPackageVersion _version) string(REGEX REPLACE "[.-]" " " version_numbers ${_version}) separate_arguments(version_numbers) list(GET version_numbers 0 CPACK_PACKAGE_VERSION_MAJOR) list(REMOVE_AT version_numbers 0) list(GET version_numbers 0 CPACK_PACKAGE_VERSION_MINOR) list(REMOVE_AT version_numbers 0) list(LENGTH version_numbers version_length) while (version_length GREATER 0) list(GET version_numbers 0 patch_level) if (CPACK_PACKAGE_VERSION_PATCH) set(CPACK_PACKAGE_VERSION_PATCH "${CPACK_PACKAGE_VERSION_PATCH}.${patch_level}") else () set(CPACK_PACKAGE_VERSION_PATCH ${patch_level}) endif () list(REMOVE_AT version_numbers 0) list(LENGTH version_numbers version_length) endwhile () if (APPLE) # Mac PackageMaker package requires only numbers in the versioning string(REGEX REPLACE "[_a-zA-Z-]" "" CPACK_PACKAGE_VERSION_MAJOR ${CPACK_PACKAGE_VERSION_MAJOR}) string(REGEX REPLACE "[_a-zA-Z-]" "" CPACK_PACKAGE_VERSION_MINOR ${CPACK_PACKAGE_VERSION_MINOR}) if (CPACK_PACKAGE_VERSION_PATCH) string(REGEX REPLACE "[_a-zA-Z-]" "" CPACK_PACKAGE_VERSION_PATCH ${CPACK_PACKAGE_VERSION_PATCH}) endif () endif () if (${CMAKE_SYSTEM_NAME} MATCHES "Linux") # RPM version accepts letters, but not dashes. string(REGEX REPLACE "[-]" "." CPACK_PACKAGE_VERSION_MAJOR ${CPACK_PACKAGE_VERSION_MAJOR}) string(REGEX REPLACE "[-]" "." CPACK_PACKAGE_VERSION_MINOR ${CPACK_PACKAGE_VERSION_MINOR}) if (CPACK_PACKAGE_VERSION_PATCH) string(REGEX REPLACE "[-]" "." CPACK_PACKAGE_VERSION_PATCH ${CPACK_PACKAGE_VERSION_PATCH}) endif () endif () # Minimum supported OS X version set(CPACK_OSX_PACKAGE_VERSION 10.5) endmacro(SetPackageVersion) # Sets the list of desired package types to be created by the make # package target. A .tar.gz is only made for source packages, and # binary pacakage format depends on the operating system: # # Darwin - PackageMaker # Linux - RPM if the platform has rpmbuild installed # DEB if the platform has dpkg-shlibdeps installed # # CPACK_GENERATOR is set by this macro # CPACK_SOURCE_GENERATOR is set by this macro macro(SetPackageGenerators) set(CPACK_SOURCE_GENERATOR TGZ) #set(CPACK_GENERATOR TGZ) if (APPLE) list(APPEND CPACK_GENERATOR PackageMaker) elseif (${CMAKE_SYSTEM_NAME} MATCHES "Linux") find_program(RPMBUILD_EXE rpmbuild) find_program(DPKGSHLIB_EXE dpkg-shlibdeps) if (RPMBUILD_EXE) set(CPACK_GENERATOR ${CPACK_GENERATOR} RPM) endif () if (DPKGSHLIB_EXE) set(CPACK_GENERATOR ${CPACK_GENERATOR} DEB) set(CPACK_DEBIAN_PACKAGE_SHLIBDEPS true) endif () endif () endmacro(SetPackageGenerators) # Sets CPACK_PACKAGE_FILE_NAME in the following format: # # --- # # and CPACK_SOURCE_PACKAGE_FILE_NAME as: # # - macro(SetPackageFileName _version) if (PACKAGE_NAME_PREFIX) set(CPACK_PACKAGE_FILE_NAME "${PACKAGE_NAME_PREFIX}-${_version}") set(CPACK_SOURCE_PACKAGE_FILE_NAME "${PACKAGE_NAME_PREFIX}-${_version}") else () set(CPACK_PACKAGE_FILE_NAME "${CMAKE_PROJECT_NAME}-${_version}") set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CMAKE_PROJECT_NAME}-${_version}") endif () set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_FILE_NAME}-${CMAKE_SYSTEM_NAME}") if (APPLE) # Only Intel-based Macs are supported. CMAKE_SYSTEM_PROCESSOR may # return the confusing 'i386' if running a 32-bit kernel, but chances # are the binary is x86_64 (or more generally 'Intel') compatible. set(arch "Intel") else () set (arch ${CMAKE_SYSTEM_PROCESSOR}) endif () set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_FILE_NAME}-${arch}") endmacro(SetPackageFileName) # Sets up binary package metadata macro(SetPackageMetadata) set(CPACK_PACKAGE_VENDOR "International Computer Science Institute") set(CPACK_PACKAGE_CONTACT "info@bro.org") set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "The Bro Network Intrusion Detection System") # CPack may enforce file name extensions for certain package generators configure_file(${CMAKE_CURRENT_SOURCE_DIR}/README ${CMAKE_CURRENT_BINARY_DIR}/README.txt COPYONLY) configure_file(${CMAKE_CURRENT_SOURCE_DIR}/COPYING ${CMAKE_CURRENT_BINARY_DIR}/COPYING.txt COPYONLY) configure_file(${CMAKE_CURRENT_SOURCE_DIR}/cmake/MAC_PACKAGE_INTRO ${CMAKE_CURRENT_BINARY_DIR}/MAC_PACKAGE_INTRO.txt) set(CPACK_PACKAGE_DESCRIPTION_FILE ${CMAKE_CURRENT_BINARY_DIR}/README.txt) set(CPACK_RESOURCE_FILE_LICENSE ${CMAKE_CURRENT_BINARY_DIR}/COPYING.txt) set(CPACK_RESOURCE_FILE_README ${CMAKE_CURRENT_BINARY_DIR}/README.txt) set(CPACK_RESOURCE_FILE_WELCOME ${CMAKE_CURRENT_BINARY_DIR}/MAC_PACKAGE_INTRO.txt) set(CPACK_RPM_PACKAGE_LICENSE "BSD") set(CPACK_RPM_PACKAGE_GROUP "Applications/System") set(CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION /opt /var /var/opt) endmacro(SetPackageMetadata) # Sets pre and post install scripts for PackageMaker packages. # The main functionality that such scripts offer is a way to make backups # of "configuration" files that a user may have modified. # Note that RPMs already have a robust mechanism for dealing with # user-modified files, so we do not need this additional functionality macro(SetPackageInstallScripts VERSION) if (INSTALLED_CONFIG_FILES) # Remove duplicates from the list of installed config files separate_arguments(INSTALLED_CONFIG_FILES) list(REMOVE_DUPLICATES INSTALLED_CONFIG_FILES) # Space delimit the list again foreach (_file ${INSTALLED_CONFIG_FILES}) set(_tmp "${_tmp} ${_file}") endforeach () set(INSTALLED_CONFIG_FILES "${_tmp}" CACHE STRING "" FORCE) endif () if (${CMAKE_SYSTEM_NAME} MATCHES "Linux") # DEB packages can automatically handle configuration files # if provided in a "conffiles" file in the packaging set(conffiles_file ${CMAKE_CURRENT_BINARY_DIR}/conffiles) if (INSTALLED_CONFIG_FILES) string(REPLACE " " ";" conffiles ${INSTALLED_CONFIG_FILES}) endif () file(WRITE ${conffiles_file} "") foreach (_file ${conffiles}) file(APPEND ${conffiles_file} "${_file}\n") endforeach () list(APPEND CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA ${CMAKE_CURRENT_BINARY_DIR}/conffiles) # RPMs don't need any explicit direction regarding config files. # Leaving the set of installed config files empty will just # bypass the logic in the default pre/post install scripts and let # the RPMs/DEBs do their own thing (regarding backups, etc.) # when upgrading packages. set(INSTALLED_CONFIG_FILES "") endif () if (EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_preinstall.sh.in) configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_preinstall.sh.in ${CMAKE_CURRENT_BINARY_DIR}/package_preinstall.sh @ONLY) configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_preinstall.sh.in ${CMAKE_CURRENT_BINARY_DIR}/preinst @ONLY) set(CPACK_PREFLIGHT_SCRIPT ${CMAKE_CURRENT_BINARY_DIR}/package_preinstall.sh) set(CPACK_RPM_PRE_INSTALL_SCRIPT_FILE ${CMAKE_CURRENT_BINARY_DIR}/package_preinstall.sh) list(APPEND CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA ${CMAKE_CURRENT_BINARY_DIR}/preinst) endif () if (EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_postupgrade.sh.in) configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_postupgrade.sh.in ${CMAKE_CURRENT_BINARY_DIR}/package_postupgrade.sh @ONLY) configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/cmake/package_postupgrade.sh.in ${CMAKE_CURRENT_BINARY_DIR}/postinst @ONLY) set(CPACK_POSTUPGRADE_SCRIPT ${CMAKE_CURRENT_BINARY_DIR}/package_postupgrade.sh) set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_CURRENT_BINARY_DIR}/package_postupgrade.sh) list(APPEND CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA ${CMAKE_CURRENT_BINARY_DIR}/postinst) endif () endmacro(SetPackageInstallScripts) # Main macro to configure all the packaging options macro(ConfigurePackaging _version) SetPackageVersion(${_version}) SetPackageGenerators() SetPackageFileName(${_version}) SetPackageMetadata() SetPackageInstallScripts(${_version}) set(CPACK_SET_DESTDIR true) set(CPACK_PACKAGING_INSTALL_PREFIX ${CMAKE_INSTALL_PREFIX}) # add default files/directories to ignore for source package # user may specify others via configure script list(APPEND CPACK_SOURCE_IGNORE_FILES ${CMAKE_BINARY_DIR} ".git") include(CPack) endmacro(ConfigurePackaging) broctl-1.4-minimal/cmake/SetDefaultCompileFlags.cmake0000664002342100234210000000174612535575001022530 0ustar johannajohanna# Set up the default flags and CMake build type once during the configuration # of the top-level CMake project. if ("${PROJECT_SOURCE_DIR}" STREQUAL "${CMAKE_SOURCE_DIR}") set(EXTRA_COMPILE_FLAGS "-Wall -Wno-unused") if ( NOT CMAKE_BUILD_TYPE ) if ( ENABLE_DEBUG ) set(CMAKE_BUILD_TYPE Debug) else () set(CMAKE_BUILD_TYPE RelWithDebInfo) endif () endif () string(TOUPPER ${CMAKE_BUILD_TYPE} _build_type_upper) if ( "${_build_type_upper}" STREQUAL "DEBUG" ) # manual add of -g works around its omission in FreeBSD's CMake port set(EXTRA_COMPILE_FLAGS "${EXTRA_COMPILE_FLAGS} -g -DDEBUG -DBRO_DEBUG") endif () # Compiler flags may already exist in CMake cache (e.g. when specifying # CFLAGS environment variable before running cmake for the the first time) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_COMPILE_FLAGS}") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${EXTRA_COMPILE_FLAGS}") endif () broctl-1.4-minimal/cmake/FindReadline.cmake0000664002342100234210000000274412535575001020525 0ustar johannajohanna# - Try to find readline include dirs and libraries # # Usage of this module as follows: # # find_package(Readline) # # Variables used by this module, they can change the default behaviour and need # to be set before calling find_package: # # Readline_ROOT_DIR Set this variable to the root installation of # readline if the module has problems finding the # proper installation path. # # Variables defined by this module: # # READLINE_FOUND System has readline, include and lib dirs found # Readline_INCLUDE_DIR The readline include directories. # Readline_LIBRARY The readline library. find_path(Readline_ROOT_DIR NAMES include/readline/readline.h ) find_path(Readline_INCLUDE_DIR NAMES readline/readline.h HINTS ${Readline_ROOT_DIR}/include ) find_library(Readline_LIBRARY NAMES readline HINTS ${Readline_ROOT_DIR}/lib ) if(Readline_INCLUDE_DIR AND Readline_LIBRARY AND Ncurses_LIBRARY) set(READLINE_FOUND TRUE) else(Readline_INCLUDE_DIR AND Readline_LIBRARY AND Ncurses_LIBRARY) FIND_LIBRARY(Readline_LIBRARY NAMES readline) include(FindPackageHandleStandardArgs) FIND_PACKAGE_HANDLE_STANDARD_ARGS(Readline DEFAULT_MSG Readline_INCLUDE_DIR Readline_LIBRARY ) MARK_AS_ADVANCED(Readline_INCLUDE_DIR Readline_LIBRARY) endif(Readline_INCLUDE_DIR AND Readline_LIBRARY AND Ncurses_LIBRARY) mark_as_advanced( Readline_ROOT_DIR Readline_INCLUDE_DIR Readline_LIBRARY ) broctl-1.4-minimal/cmake/FindSubnetTree.cmake0000664002342100234210000000144612535575001021060 0ustar johannajohanna# - Determine if the SubnetTree Python module is available # # Usage of this module as follows: # # find_package(PythonInterp REQUIRED) # find_package(SubnetTree) # # Variables defined by this module: # # SUBNETTREE_FOUND Python successfully imports SubnetTree module if (NOT SUBNETTREE_FOUND) execute_process(COMMAND "${PYTHON_EXECUTABLE}" -c "import SubnetTree" RESULT_VARIABLE SUBNETTREE_IMPORT_RESULT) if (SUBNETTREE_IMPORT_RESULT) # python returned non-zero exit status set(SUBNETTREE_PYTHON_MODULE false) else () set(SUBNETTREE_PYTHON_MODULE true) endif () endif () include(FindPackageHandleStandardArgs) find_package_handle_standard_args(SubnetTree DEFAULT_MSG SUBNETTREE_PYTHON_MODULE) broctl-1.4-minimal/doc/0000775002342100234210000000000012535575000014654 5ustar johannajohannabroctl-1.4-minimal/doc/broctl.rst0000664002342100234210000021761712535575000016711 0ustar johannajohanna.. Autogenerated. Do not edit. .. -*- mode: rst-mode -*- .. .. Note: This file includes further autogenerated ones. .. .. Version number is filled in automatically. .. |version| replace:: 1.4 ========== BroControl ========== .. rst-class:: opening This document summarizes installation and use of *BroControl*, Bro's interactive shell for operating Bro installations. *BroControl* has two modes of operation: a *stand-alone* mode for managing a traditional, single-system Bro setup; and a *cluster* mode for maintaining a multi-system setup of coordinated Bro instances load-balancing the work across a set of independent machines. Once installed, the operation is pretty similar for both types; just keep in mind that if this document refers to "nodes" and you're in a stand-alone setup, there is only a single one and no worker/proxies. .. contents:: Download -------- You can find the latest BroControl release for download at http://www.bro.org/download. BroControl's git repository is located at `git://git.bro.org/broctl `_. You can browse the repository `here `_. This document describes BroControl |version|. See the ``CHANGES`` file for version history. Prerequisites ------------- Running BroControl requires the following prerequisites: - A Unix system. FreeBSD, Linux, and Mac OS X are supported and should work out of the box. Other Unix systems will quite likely require some tweaking. Note that in a cluster setup, all systems must be running exactly the *same* operating system. - A version of *Python* >= 2.6 (on FreeBSD, the package "py27-sqlite3" must also be installed). - A *bash* (note in particular, that on FreeBSD, *bash* is not installed by default). - In a cluster setup, *rsync* must be installed on every host in the cluster. - In a cluster setup, *sshd* must be installed and running on every host except the manager, and *ssh* must be installed on the manager. - If *sendmail* is installed (for a cluster setup, it is needed on the manager only), then BroControl can send mail. Otherwise, BroControl will not attempt to send mail. If you're using a load-balancing method such as PF_RING, then there is additional software to install (for details, see the :doc:`Cluster Configuration <../../configuration/index>` documentation). Additionally, in a cluster setup you must have the same user account set up on all hosts, and ``ssh`` access from the manager node to this user account must be setup on all machines, and must work without asking for a password/passphrase (for example, using ssh public key authentication). Finally, on the worker nodes, this user must have access to the target network interface in promiscuous mode. Installation ------------ Follow the directions to install Bro and BroControl according to the instructions in the :doc:`Installing Bro <../../install/install>` documentation. Depending on how you install Bro and BroControl, the files and directories that get installed might be owned by the "root" user. If you want to run BroControl as an ordinary user, then you will need to make sure that the user has write permissions to the "logs" and "spool" directories (and all subdirectories of these directories). Note that if you are planning to run Bro in a cluster configuration, then you need to install Bro and BroControl only on the manager host (the BroControl install_ or deploy_ commands will install Bro and all required scripts to the other hosts in your cluster). For more details on how to configure BroControl in a cluster configuration, see the examples in the :doc:`Cluster Configuration <../../configuration/index>` documentation. Getting Started --------------- BroControl is an interactive interface for managing a Bro installation which allows you to, e.g., start/stop the monitoring or update its configuration. Before actually running BroControl, you first need to edit the ``broctl.cfg``, ``node.cfg``, and ``networks.cfg`` files. In the ``broctl.cfg`` file, you should review the BroControl options and make sure the options are set correctly for your environment (for a description of every BroControl option, see the `Option Reference`_ section below). Next, edit the ``node.cfg`` file and specify the nodes that you will be running. For a description of every option available for nodes, see the `Node`_ section below. Finally, edit the ``networks.cfg`` file and list each network (see the examples in the file for the format to use) that is considered local to the monitored environment. BroControl is started with the ``broctl`` script and then expects commands on its command-line (alternatively, ``broctl`` can also be started with a single command directly on the shell's command line, such as ``broctl help``):: > broctl Welcome to BroControl x.y Type "help" for help. [BroControl] > As the message says, type help_ to see a list of all commands. We will now briefly summarize the most important commands. A full reference follows `Command Reference`_. The config_ command gives a list of all BroControl options with their current values. This can be useful when troubleshooting a problem to check if an option has the expected value. If this is the first time you are running BroControl, then the first command you must run is the BroControl deploy_ command. The "deploy" command will make sure all of the files needed by BroControl and Bro are brought up-to-date based on the configuration specified in the ``broctl.cfg``, ``node.cfg``, and ``networks.cfg`` files. It will also check if there are any syntax errors in your Bro policy scripts. For a cluster setup it will copy all of the required scripts and executables to all the other hosts in your cluster. Then it will successively start manager, proxies, and workers (for a standalone configuration, only one Bro instance will be started). The status_ command can be used to check that all nodes are "running". If any nodes have a status of "crashed", then use the diag_ command to see diagnostic information (you can specify the name of a crashed node as an argument to the diag command to show diagnostics for only that one node). To stop the monitoring, issue the stop_ command. After all nodes have stopped, the status_ command should show all nodes as "stopped". exit_ leaves the shell (you can also exit BroControl while Bro nodes are running). Whenever the BroControl or Bro configuration is modified in any way, including changes to configuration files and site-specific policy scripts or upgrading to a new version of Bro, deploy_ must be run (deploy will check all policy scripts, install all needed files, and restart Bro). No changes will take effect until deploy_ is run. Log Files --------- On the manager system (and on the stand-alone system), you find the current set of (aggregated) logs in ``logs/current`` (which is a symlink to the corresponding spool directory). The logs are archived in ``logs/``, by default once per hour. Log files of workers and proxies are discarded at the same rotation interval. If, for some reason, log files are not able to be archived (you would notice this by seeing a gap in the set of logs in the ``logs/`` directory), you can search for unarchived logs with a command like this:: find spool -name "*.log" If you see any logs in a subdirectory of ``spool/tmp/``, then those were moved there when Bro previously stopped or crashed. If Bro is still running, then there might be rotated logs (i.e., logs with filenames containing a timestamp) in Bro's working directory. Additionally, when broctl starts Bro, it creates two files "stdout.log" and "stderr.log". These files are sometimes useful to debug problems, because they might contain error messages from Bro or from the script which archives log files. Site-specific Customization --------------------------- You'll most likely want to adapt the Bro policy to the local environment and generally site-specific tuning requires writing local policy scripts. Sample local policy scripts (which you can edit) are located in ``share/bro/site``. In the stand-alone setup, a single file called ``local.bro`` gets loaded automatically. In the cluster setup, the same ``local.bro`` gets loaded, followed by one of three other files: ``local-manager.bro``, ``local-worker.bro``, and ``local-proxy.bro`` are loaded by the manager, workers, and proxy, respectively. The recommended way to modify the policy is to use only "@load" directives in the ``local.bro`` scripts. For example, you can add a "@load" directive to load a Bro policy script that is included with Bro but is not loaded by default. You can also create custom site-specific policy scripts in the same directory as the ``local.bro`` scripts, and "@load" them from one of the ``local.bro`` scripts. For example, you could create your own Bro script ``mypolicy.bro`` in the ``share/bro/site`` directory, and then add a line "@load mypolicy" (without the quotes) to the ``local.bro`` script. Note that in a cluster setup, notice filtering should be done only on the manager. After creating or modifying your local policy scripts, you must install them by using the broctl "install" or "deploy" command. Next, you can use the broctl "scripts" command to verify that your new scripts will be loaded when you start Bro. If you want to change which local policy scripts are loaded by the nodes, you can set SitePolicyStandalone_ for all Bro instances, SitePolicyManager_ for the manager, and SitePolicyWorker_ for the workers. To change the directory where local policy scripts are located, set the option SitePolicyPath_ to a different path. These options can be changed in the ``broctl.cfg`` file. Load Order of Scripts ~~~~~~~~~~~~~~~~~~~~~ When writing custom site-specific policy scripts, it can sometimes be useful to know in which order the scripts are loaded (the broctl "scripts" command shows the load order of every script loaded by Bro). For example, if more than one script sets a value for the same global variable, then the value that takes effect is the one set by the last such script loaded. When broctl starts Bro, the first script loaded is init-bare.bro, followed by init-default.bro (keep in mind that each of these scripts loads many other scripts). Next, the local.bro script is loaded. This provides for a common set of loaded scripts for all nodes. Next, the "broctl" script package is loaded. This consists of some standard settings that broctl needs. In a cluster setup, one of the following scripts are loaded: local-manager.bro, local-proxy.bro, or local-worker.bro. The next scripts loaded are ``local-networks.bro`` and ``broctl-config.bro``. These scripts are automatically generated by BroControl based on the contents of the ``networks.cfg`` and ``broctl.cfg`` files. The last scripts loaded are any node-specific scripts specified with the option ``aux_scripts`` in ``node.cfg``. This option can be used to load additional scripts to individual nodes only. For example, one could add a script ``experimental.bro`` to a single worker for trying out new experimental code. Miscellaneous ------------- Mails ~~~~~ BroControl sends three types of mails to the address given in ``MailTo``: 1. When the ``cron`` command runs it performs various tasks (such as checking available disk space, expiring old log files, etc.). If any problems occur, a list of those issues will be sent. 2. When the ``cron`` command notices that a node has crashed, it restarts it and sends a notification. It may also send a more detailed crash report containing information about the crash. 3. If `trace-summary `_ is installed, a traffic summary is sent each rotation interval. This can be disabled by setting ``MailConnectionSummary=0``. Command Reference ----------------- The following summary lists all commands supported by BroControl. All commands may be either entered interactively or specified on the shell's command line. If not specified otherwise, commands taking *[]* as arguments apply their action either to the given set of nodes, to the manager node if "manager" is given, to all proxy nodes if "proxies" is given, to all worker nodes if "workers" is given, or to all nodes if none are given. .. _capstats: *capstats* *[] []* Determines the current load on the network interfaces monitored by each of the given worker nodes. The load is measured over the specified interval (in seconds), or by default over 10 seconds. This command uses the :doc:`capstats<../../components/capstats/README>` tool, which is installed along with ``broctl``. .. _check: *check* *[]* Verifies a modified configuration in terms of syntactical correctness (most importantly correct syntax in policy scripts). This command should be executed for each configuration change *before* install_ is used to put the change into place. The ``check`` command uses the policy files as found in SitePolicyPath_ to make sure they compile correctly. If they do, install_ will then copy them over to an internal place from where the nodes will read them at the next start_. This approach ensures that new errors in a policy script will not affect currently running nodes, even when one or more of them needs to be restarted. .. _cleanup: *cleanup* *[--all] []* Clears the nodes' spool directories (if they are not running currently). This implies that their persistent state is flushed. Nodes that were crashed are reset into *stopped* state. If ``--all`` is specified, this command also removes the content of the node's TmpDir_, in particular deleteing any data potentially saved there for reference from previous crashes. Generally, if you want to reset the installation back into a clean state, you can first stop_ all nodes, then execute ``cleanup --all``, and finally start_ all nodes again. .. _config: *config* Prints all configuration options with their current values. .. _cron: *cron* *[enable|disable|?] | [--no-watch]* This command has two modes of operation. Without arguments (or just ``--no-watch``), it performs a set of maintenance tasks, including the logging of various statistical information, expiring old log files, checking for dead hosts, and restarting nodes which terminated unexpectedly (the latter can be suppressed with the ``--no-watch`` option if no auto-restart is desired). This mode is intended to be executed regularly via *cron*, as described in the installation instructions. While not intended for interactive use, no harm will be caused by executing the command manually: all the maintenance tasks will then just be performed one more time. The second mode is for interactive usage and determines if the regular tasks are indeed performed when ``broctl cron`` is executed. In other words, even with ``broctl cron`` in your crontab, you can still temporarily disable it by running ``cron disable``, and then later reenable with ``cron enable``. This can be helpful while working, e.g., on the BroControl configuration and ``cron`` would interfere with that. ``cron ?`` can be used to query the current state. .. _deploy: *deploy* Checks for errors in Bro policy scripts, then does an install followed by a restart on all nodes. This command should be run after any changes to Bro policy scripts or the broctl configuration, and after Bro is upgraded or even just recompiled. This command is equivalent to running the check_, install_, and restart_ commands, in that order. .. _df: *df* *[]* Reports the amount of disk space available on the nodes. Shows only paths relevant to the broctl installation. .. _diag: *diag* *[]* If a node has terminated unexpectedly, this command prints a (somewhat cryptic) summary of its final state including excerpts of any stdout/stderr output, resource usage, and also a stack backtrace if a core dump is found. The same information is sent out via mail when a node is found to have crashed (the "crash report"). While the information is mainly intended for debugging, it can also help to find misconfigurations (which are usually, but not always, caught by the check_ command). .. _exec: *exec* ** Executes the given Unix shell command line on all hosts configured to run at least one Bro instance. This is handy to quickly perform an action across all systems. .. _exit: *exit* Terminates the shell. .. _help: *help* Prints a brief summary of all commands understood by the shell. .. _install: *install* *[--local]* Reinstalls on all nodes (unless the ``--local`` option is given, in which case nothing will be propagated to other nodes), including all configuration files and local policy scripts. Usually all nodes should be reinstalled at the same time, as any inconsistencies between them will lead to strange effects. This command must be executed after *all* changes to any part of the broctl configuration (and after upgrading to a new version of Bro or BroControl), otherwise the modifications will not take effect. Before executing ``install``, it is recommended to verify the configuration with check_. .. _netstats: *netstats* *[]* Queries each of the nodes for their current counts of captured and dropped packets. .. _nodes: *nodes* Prints a list of all configured nodes. .. _peerstatus: *peerstatus* *[]* Primarily for debugging, ``peerstatus`` reports statistics about the network connections cluster nodes are using to communicate with other nodes. .. _print: *print* * []* Reports the *current* live value of the given Bro script ID on all of the specified nodes (which obviously must be running). This can for example be useful to (1) check that policy scripts are working as expected, or (2) confirm that configuration changes have in fact been applied. Note that IDs defined inside a Bro namespace must be prefixed with ``::`` (e.g., ``print HTTP::mime_types_extensions`` to print the corresponding table from ``file-ident.bro``). .. _process: *process* * [options] [-- ]* Runs Bro offline on a given trace file using the same configuration as when running live. It does, however, use the potentially not-yet-installed policy files in SitePolicyPath_ and disables log rotation. Additional Bro command line flags and scripts can be given (each argument after a ``--`` argument is interpreted as a script). Upon completion, the command prints a path where the log files can be found. Subsequent runs of this command may delete these logs. In cluster mode, Bro is run with *both* manager and worker scripts loaded into a single instance. While that doesn't fully reproduce the live setup, it is often sufficient for debugging analysis scripts. .. _quit: *quit* Terminates the shell. .. _restart: *restart* *[--clean] []* Restarts the given nodes, or all nodes if none are specified. The effect is the same as first executing stop_ followed by a start_, giving the same nodes in both cases. If ``--clean`` is given, the installation is reset into a clean state before restarting. More precisely, a ``restart --clean`` turns into the command sequence stop_, cleanup_, check_, install_, and start_. .. _scripts: *scripts* *[-c] []* Primarily for debugging Bro configurations, the ``scripts`` command lists all the Bro scripts loaded by each of the nodes in the order they will be parsed by the node at startup. If ``-c`` is given, the command operates as check_ does: it reads the policy files from their *original* location, not the copies installed by install_. The latter option is useful to check a not yet installed configuration. .. _start: *start* *[]* Starts the given nodes, or all nodes if none are specified. Nodes already running are left untouched. .. _status: *status* *[]* Prints the current status of the given nodes. .. _stop: *stop* *[]* Stops the given nodes, or all nodes if none are specified. Nodes not running are left untouched. .. _top: *top* *[]* For each of the nodes, prints the status of the two Bro processes (parent process and child process) in a *top*-like format, including CPU usage and memory consumption. If executed interactively, the display is updated frequently until key ``q`` is pressed. If invoked non-interactively, the status is printed only once. .. _update: *update* *[]* After a change to Bro policy scripts, this command updates the Bro processes on the given nodes *while they are running* (i.e., without requiring a restart_). However, such dynamic updates work only for a *subset* of Bro's full configuration. The following changes can be applied on the fly: The value of all const variables defined with the ``&redef`` attribute can be changed. More extensive script changes are not possible during runtime and always require a restart; if you change more than just the values of ``&redef``-able consts and still issue ``update``, the results are undefined and can lead to crashes. Also note that before running ``update``, you still need to do an install_ (preferably after check_), as otherwise ``update`` will not see the changes and it will resend the old configuration. Option Reference ---------------- This section summarizes the options that can be set in ``broctl.cfg`` for customizing the behavior of BroControl (the option names are case-insensitive). Usually, one only needs to change the "user options", which are listed first. The "internal options" are, as the name suggests, primarily used internally and set automatically. They are documented here only for reference. User Options ~~~~~~~~~~~~ .. _BroArgs: *BroArgs* (string, default _empty_) Additional arguments to pass to Bro on the command-line. .. _BroPort: *BroPort* (int, default 47760) The TCP port number that Bro will listen on. For a cluster configuration, each node in the cluster will automatically be assigned a subsequent port to listen on. .. _CFlowAddress: *CFlowAddress* (string, default _empty_) If a cFlow load-balancer is used, the address of the device (format: :). .. _CFlowPassword: *CFlowPassword* (string, default _empty_) If a cFlow load-balancer is used, the password for accessing its configuration interface. .. _CFlowUser: *CFlowUser* (string, default _empty_) If a cFlow load-balancer is used, the user name for accessing its configuration interface. .. _CommTimeout: *CommTimeout* (int, default 10) The number of seconds to wait before assuming Broccoli communication events have timed out. .. _CommandTimeout: *CommandTimeout* (int, default 60) The number of seconds to wait for a command to return results. .. _CompressCmd: *CompressCmd* (string, default "gzip -9") If archived logs will be compressed, the command to use for that. The specified command must compress its standard input to standard output. .. _CompressExtension: *CompressExtension* (string, default "gz") If archived logs will be compressed, the file extension to use on compressed log files. When specifying a file extension, don't include the period character (e.g., specify 'gz' instead of '.gz'). .. _CompressLogs: *CompressLogs* (bool, default 1) True to compress archived log files. .. _CronCmd: *CronCmd* (string, default _empty_) A custom command to run everytime the cron command has finished. .. _Debug: *Debug* (bool, default 0) Enable extensive debugging output in spool/debug.log. .. _Env_Vars: *Env_Vars* (string, default _empty_) A comma-separated list of environment variables (e.g. env_vars=VAR1=123, VAR2=456) to set on all nodes immediately before starting Bro. Node-specific values (specified in the node configuration file) override these global values. .. _HaveNFS: *HaveNFS* (bool, default 0) True if shared files are mounted across all nodes via NFS (see the FAQ_). .. _IPv6Comm: *IPv6Comm* (bool, default 1) Enable IPv6 communication between cluster nodes (and also between them and BroControl). This overrides the Bro script variable Communication::listen_ipv6. .. _KeepLogs: *KeepLogs* (string, default _empty_) A space-separated list of filename shell patterns of expired log files to keep (empty string means don't keep any expired log files). The filename shell patterns are not regular expressions and do not include any directories. For example, specifying 'conn.* dns*' will prevent any expired log files with filenames starting with 'conn.' or 'dns' from being removed. Finally, note that this option is ignored if log files never expire. .. _LogDir: *LogDir* (string, default "$\{BroBase}/logs") Directory for archived log files. .. _LogExpireInterval: *LogExpireInterval* (int, default 0) Number of days log files are kept (zero means log files never expire). .. _LogRotationInterval: *LogRotationInterval* (int, default 3600) The frequency of log rotation in seconds for the manager/standalone node (zero to disable rotation). This overrides the Bro script variable Log::default_rotation_interval. .. _MailAlarmsInterval: *MailAlarmsInterval* (int, default 86400) The frequency (in seconds) of sending alarm summary mails (zero to disable). This overrides the Bro script variable Log::default_mail_alarms_interval. .. _MailAlarmsTo: *MailAlarmsTo* (string, default "$\{MailTo}") Destination address for alarm summary mails. Default is to use the same address as MailTo. This overrides the Bro script variable Notice::mail_dest_pretty_printed. .. _MailConnectionSummary: *MailConnectionSummary* (bool, default 1) True to mail connection summary reports each log rotation interval (if false, then connection summary reports will still be generated and archived, but they will not be mailed). However, this option has no effect if the trace-summary script is not available. .. _MailFrom: *MailFrom* (string, default "Big Brother ") Originator address for mails. This overrides the Bro script variable Notice::mail_from. .. _MailHostUpDown: *MailHostUpDown* (bool, default 1) True to enable sending mail when broctl cron notices the availability of a host in the cluster to have changed. .. _MailReplyTo: *MailReplyTo* (string, default _empty_) Reply-to address for broctl-generated mails. .. _MailSubjectPrefix: *MailSubjectPrefix* (string, default "[Bro]") General Subject prefix for mails. This overrides the Bro script variable Notice::mail_subject_prefix. .. _MailTo: *MailTo* (string, default "") Destination address for non-alarm mails. This overrides the Bro script variable Notice::mail_dest. .. _MakeArchiveName: *MakeArchiveName* (string, default "$\{BroBase}/share/broctl/scripts/make-archive-name") Script to generate filenames for archived log files. .. _MemLimit: *MemLimit* (string, default "unlimited") Maximum amount of memory for Bro processes to use (in KB, or the string 'unlimited'). .. _MinDiskSpace: *MinDiskSpace* (int, default 5) Percentage of minimum disk space available before warning is mailed. .. _PFRINGClusterID: *PFRINGClusterID* (int, default @PF_RING_CLUSTER_ID@) If PF_RING flow-based load balancing is desired, this is where the PF_RING cluster id is defined. The default value is configuration-dependent and determined automatically by CMake at configure-time based upon whether PF_RING's enhanced libpcap is available. Bro must be linked with PF_RING's libpcap wrapper for this option to work. .. _PFRINGClusterType: *PFRINGClusterType* (string, default "4-tuple") If PF_RING flow-based load balancing is desired, this is where the PF_RING cluster type is defined. Allowed values are: 2-tuple, 4-tuple, 5-tuple, tcp-5-tuple, 6-tuple, or round-robin. Bro must be linked with PF_RING's libpcap wrapper and PFRINGClusterID must be non-zero for this option to work. .. _PFRINGFirstAppInstance: *PFRINGFirstAppInstance* (int, default 0) The first application instance for a PF_RING dnacluster interface to use. Broctl will start at this application instance number and increment for each new process running on that DNA cluster. Bro must be linked with PF_RING's libpcap wrapper, PFRINGClusterID must be non-zero, and you must be using PF_RING+DNA and libzero for this option to work. .. _Prefixes: *Prefixes* (string, default "local") Additional script prefixes for Bro, separated by colons. Use this instead of @prefix. .. _SaveTraces: *SaveTraces* (bool, default 0) True to let backends capture short-term traces via '-w'. These are not archived but might be helpful for debugging. .. _SendMail: *SendMail* (string, default "@SENDMAIL@") Location of the sendmail binary. Make this string blank to prevent email from being sent. The default value is configuration-dependent and determined automatically by CMake at configure-time. This overrides the Bro script variable Notice::sendmail. .. _SitePluginPath: *SitePluginPath* (string, default _empty_) Directories to search for custom plugins (i.e., plugins that are not included with broctl), separated by colons. .. _SitePolicyManager: *SitePolicyManager* (string, default "local-manager.bro") Space-separated list of local policy files for manager. .. _SitePolicyPath: *SitePolicyPath* (string, default "$\{PolicyDir}/site") Directories to search for local (i.e., site-specific) policy files, separated by colons. For each such directory, all files and subdirectories are copied to PolicyDirSiteInstall during broctl 'install' or 'deploy' (however, if the same file or subdirectory is found in more than one such directory, then only the first one encountered will be used). .. _SitePolicyStandalone: *SitePolicyStandalone* (string, default "local.bro") Space-separated list of local policy files for all Bro instances. .. _SitePolicyWorker: *SitePolicyWorker* (string, default "local-worker.bro") Space-separated list of local policy files for workers. .. _StatsLogEnable: *StatsLogEnable* (bool, default 1) True to enable BroControl to write statistics to the stats.log file. .. _StatsLogExpireInterval: *StatsLogExpireInterval* (int, default 0) Number of days entries in the stats.log file are kept (zero means never expire). .. _StatusCmdShowAll: *StatusCmdShowAll* (bool, default 1) True to have the status command show all output, or False to show only some of the output (peer information will not be collected or shown, so the command will run faster). .. _StopTimeout: *StopTimeout* (int, default 60) The number of seconds to wait before sending a SIGKILL to a node which was previously issued the 'stop' command but did not terminate gracefully. .. _TimeFmt: *TimeFmt* (string, default "%d %b %H:%M:%S") Format string to print date/time specifications (see 'man strftime'). .. _TimeMachineHost: *TimeMachineHost* (string, default _empty_) If the manager should connect to a Time Machine, the address of the host it is running on. .. _TimeMachinePort: *TimeMachinePort* (string, default "47757/tcp") If the manager should connect to a Time Machine, the port it is running on (in Bro syntax, e.g., 47757/tcp). .. _ZoneID: *ZoneID* (string, default _empty_) If the host running BroControl is managing a cluster comprised of nodes with non-global IPv6 addresses, this option indicates what :rfc:`4007` zone_id to append to node addresses when communicating with them. Internal Options ~~~~~~~~~~~~~~~~ .. _BinDir: *BinDir* (string, default "$\{BroBase}/bin") Directory for executable files. .. _BroBase: *BroBase* (string, default _empty_) Base path of broctl installation on all nodes. .. _CapstatsPath: *CapstatsPath* (string, default "$\{bindir}/capstats") Path to capstats binary; empty if not available. .. _CfgDir: *CfgDir* (string, default "$\{BroBase}/etc") Directory for configuration files. .. _DebugLog: *DebugLog* (string, default "$\{SpoolDir}/debug.log") Log file for debugging information. .. _HelperDir: *HelperDir* (string, default "$\{BroBase}/share/broctl/scripts/helpers") Directory for broctl helper scripts. .. _LibDir: *LibDir* (string, default "$\{BroBase}/lib") Directory for library files. .. _LibDirInternal: *LibDirInternal* (string, default "$\{BroBase}/lib/broctl") Directory for broctl-specific library files. .. _LocalNetsCfg: *LocalNetsCfg* (string, default "$\{CfgDir}/networks.cfg") File defining the local networks. .. _LockFile: *LockFile* (string, default "$\{SpoolDir}/lock") Lock file preventing concurrent shell operations. .. _NodeCfg: *NodeCfg* (string, default "$\{CfgDir}/node.cfg") Node configuration file. .. _OS: *OS* (string, default _empty_) Name of operating system as reported by uname. .. _PluginDir: *PluginDir* (string, default "$\{LibDirInternal}/plugins") Directory where standard plugins are located. .. _PolicyDir: *PolicyDir* (string, default "$\{BroScriptDir}") Directory for standard policy files. .. _PolicyDirSiteInstall: *PolicyDirSiteInstall* (string, default "$\{SpoolDir}/installed-scripts-do-not-touch/site") Directory where the shell copies local (i.e., site-specific) policy scripts when installing. .. _PolicyDirSiteInstallAuto: *PolicyDirSiteInstallAuto* (string, default "$\{SpoolDir}/installed-scripts-do-not-touch/auto") Directory where the shell copies auto-generated local policy scripts when installing. .. _PostProcDir: *PostProcDir* (string, default "$\{BroBase}/share/broctl/scripts/postprocessors") Directory for log postprocessors. .. _ScriptsDir: *ScriptsDir* (string, default "$\{BroBase}/share/broctl/scripts") Directory for executable scripts shipping as part of broctl. .. _SpoolDir: *SpoolDir* (string, default "$\{BroBase}/spool") Directory for run-time data. .. _StandAlone: *StandAlone* (bool, default 0) True if running in stand-alone mode (see elsewhere). .. _StateFile: *StateFile* (string, default "$\{SpoolDir}/state.db") File storing the current broctl state. .. _StaticDir: *StaticDir* (string, default "$\{BroBase}/share/broctl") Directory for static, arch-independent files. .. _StatsDir: *StatsDir* (string, default "$\{LogDir}/stats") Directory where statistics are kept. .. _StatsLog: *StatsLog* (string, default "$\{SpoolDir}/stats.log") Log file for statistics. .. _Time: *Time* (string, default _empty_) Path to time binary. .. _TmpDir: *TmpDir* (string, default "$\{SpoolDir}/tmp") Directory for temporary data. .. _TmpExecDir: *TmpExecDir* (string, default "$\{SpoolDir}/tmp") Directory where binaries are copied before execution. This option is ignored if HaveNFS is 0. .. _TraceSummary: *TraceSummary* (string, default "$\{bindir}/trace-summary") Path to trace-summary script (empty if not available). Make this string blank to disable the connection summary reports. .. _Version: *Version* (string, default _empty_) Version of the broctl. Plugins ------- BroControl provides a plugin interface to extend its functionality. A plugin is written in Python and can do any, or all, of the following: * Perform actions before or after any of the standard BroControl commands is executed. When running before the actual command, it can filter which nodes to operate or stop the execution altogether. When running after the command, it gets access to the commands success status on a per-node basis (where applicable). * Add custom commands to BroControl. * Add custom options to BroControl defined in ``broctl.cfg``. * Add custom keys to nodes defined in ``node.cfg``. A plugin is written by deriving a new class from BroControl class `Plugin`_. The Python script with the new plugin is then copied into a plugin directory searched by BroControl at startup. By default, BroControl searches ``/lib/broctl/plugins``; additional directories may be configured by setting the SitePluginPath_ option. Note that any plugin script must end in ``*.py`` to be found. BroControl comes with some example plugins that can be used as a starting point; see the ``/lib/broctl/plugins`` directory. In the following, we document the API that is available to plugins. A plugin must be derived from the `Plugin`_ class, and can use its methods as well as those of the `Node`_ class. .. _Plugin: Class ``Plugin`` ~~~~~~~~~~~~~~~~ class **Plugin** The class ``Plugin`` is the base class for all BroControl plugins. The class has a number of methods for plugins to override, and every plugin must at least override ``name()`` and ``pluginVersion()``. For each BroControl command ``foo``, there are two methods, ``cmd_foo_pre`` and ``cmd_foo_post``, that are called just before the command is executed and just after it has finished, respectively. The arguments these methods receive correspond to their command-line parameters, and are further documented below. The ``cmd__pre`` methods have the ability to prevent the command's execution, either completely or partially for those commands that take nodes as parameters. In the latter case, the method receives a list of nodes that the command is to be run on, and it can filter that list and returns modified version of nodes to actually use. The standard case would be returning simply the unmodified ``nodes`` parameter. To completely block the command's execution, return an empty list. To just not execute the command for a subset, remove the affected ones. For commands that do not receive nodes as arguments, the return value is interpreted as boolean indicating whether command execution should proceed (True) or not (False). The ``cmd__post`` methods likewise receive the commands arguments as their parameter, as documented below. For commands taking nodes, the list corresponds to those nodes for which the command was actually executed (i.e., after any ``cmd__pre`` filtering). Note that if a plugin prevents a command from executing either completely or partially, it should report its reason via the ``message()`` or ``error()`` methods. If multiple plugins hook into the same command, all their ``cmd__{pre,post}`` are executed in undefined order. The command is executed on the intersection of all ``cmd__pre`` results. Finally, note that the ``restart`` command is just a combination of other commands and thus their callbacks are run in addition to the callbacks for ``restart``. .. _Plugin.debug: **debug** (self, msg) Logs a debug message in BroControl's debug log if enabled. .. _Plugin.error: **error** (self, msg) Reports an error to the user. .. _Plugin.execute: **execute** (self, node, cmd) Executes a command on the host for the given *node* of type `Node`_. Returns a tuple ``(success, output)`` in which ``success`` is True if the command ran successfully and ``output`` is the combined stdout/stderr output. .. _Plugin.executeParallel: **executeParallel** (self, cmds) Executes a set of commands in parallel on multiple hosts. ``cmds`` is a list of tuples ``(node, cmd)``, in which the *node* is a `Node`_ instance and *cmd* is a string with the command to execute for it. The method returns a list of tuples ``(node, success, output)``, in which ``success`` is True if the command ran successfully and ``output`` is the combined stdout/stderr output for the corresponding ``node``. .. _Plugin.getGlobalOption: **getGlobalOption** (self, name) Returns the value of the global BroControl option or state attribute *name*. If the user has not set the options, its default value is returned. See the output of ``broctl config`` for a complete list. .. _Plugin.getOption: **getOption** (self, name) Returns the value of one of the plugin's options, *name*. The returned value will always be a string. An option has a default value (see *options()*), which can be overridden by a user in ``broctl.cfg``. An option's value cannot be changed by the plugin. .. _Plugin.getState: **getState** (self, name) Returns the current value of one of the plugin's state variables, *name*. The returned value will always be a string. If it has not yet been set, an empty string will be returned. Different from options, state variables can be set by the plugin. They are persistent across restarts. Note that a plugin cannot query any global BroControl state variables. .. _Plugin.hosts: **hosts** (self, nodes) Returns a list of Node_ objects which is a subset of the list in *nodes*, such that only one node per host will be chosen. If *nodes* is empty, then the returned list will be a subset of the entire list of configured nodes. .. _Plugin.message: **message** (self, msg) Reports a message to the user. .. _Plugin.nodes: **nodes** (self) Returns a list of all configured `Node`_ objects. .. _Plugin.parseNodes: **parseNodes** (self, names) Returns a tuple which contains two lists. The first list is a list of `Node`_ objects for a string of space-separated node names. If a name does not correspond to a known node, then the name is added to the second list in the returned tuple. .. _Plugin.setState: **setState** (self, name, value) Sets one of the plugin's state variables, *name*, to *value*. *value* must be a string. The change is permanent and will be recorded to disk. Note that a plugin cannot change any global BroControl state variables. .. _Plugin.broProcessDied: **broProcessDied** (self, node) Called when BroControl finds the Bro process for Node_ *node* to have terminated unexpectedly. This method will be called just before BroControl prepares the node's "crash report" and before it cleans up the node's spool directory. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_capstats_post: **cmd_capstats_post** (self, nodes, interval) Called just after the ``capstats`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_capstats_pre: **cmd_capstats_pre** (self, nodes, interval) Called just before the ``capstats`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. *interval* is an integer with the measurement interval in seconds. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_check_post: **cmd_check_post** (self, results) Called just after the ``check`` command has finished. It receives the list of 2-tuples ``(node, bool)`` indicating the nodes the command was executed for, along with their success status. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_check_pre: **cmd_check_pre** (self, nodes) Called just before the ``check`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_cleanup_post: **cmd_cleanup_post** (self, nodes, all) Called just after the ``cleanup`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_cleanup_pre: **cmd_cleanup_pre** (self, nodes, all) Called just before the ``cleanup`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. *all* is boolean indicating whether the ``--all`` argument has been given. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_config_post: **cmd_config_post** (self) Called just after the ``config`` command has finished. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_config_pre: **cmd_config_pre** (self) Called just before the ``config`` command is run. Returns a boolean indicating whether or not the command should run. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_cron_post: **cmd_cron_post** (self, arg, watch) Called just after the ``cron`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_cron_pre: **cmd_cron_pre** (self, arg, watch) Called just before the ``cron`` command is run. *arg* is an empty string if the command is executed without arguments. Otherwise, it is one of the strings: ``enable``, ``disable``, ``?``. *watch* is a boolean indicating whether the ``cron`` command should restart abnormally terminated Bro processes; it's only valid if *arg* is empty. Returns a boolean indicating whether or not the ``cron`` command should run. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_custom: **cmd_custom** (self, cmd, args, cmdout) Called when a command defined by the ``commands`` method is executed. *cmd* is the command (without the plugin's prefix), and *args* is a single string with all arguments. If the arguments are actually node names, ``parseNodes`` can be used to get the `Node`_ objects. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_deploy_post: **cmd_deploy_post** (self) Called just after the ``deploy`` command has finished. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_deploy_pre: **cmd_deploy_pre** (self) Called just before the ``deploy`` command is run. Returns a boolean indicating whether or not the command should run. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_df_post: **cmd_df_post** (self, nodes) Called just after the ``df`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_df_pre: **cmd_df_pre** (self, nodes) Called just before the ``df`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_diag_post: **cmd_diag_post** (self, nodes) Called just after the ``diag`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_diag_pre: **cmd_diag_pre** (self, nodes) Called just before the ``diag`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_exec_post: **cmd_exec_post** (self, cmdline) Called just after the ``exec`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_exec_pre: **cmd_exec_pre** (self, cmdline) Called just before the ``exec`` command is run. *cmdline* is a string with the command line to execute. Returns a boolean indicating whether or not the ``exec`` command should run. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_install_post: **cmd_install_post** (self) Called just after the ``install`` command has finished. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_install_pre: **cmd_install_pre** (self) Called just before the ``install`` command is run. Returns a boolean indicating whether or not the command should run. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_netstats_post: **cmd_netstats_post** (self, nodes) Called just after the ``netstats`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_netstats_pre: **cmd_netstats_pre** (self, nodes) Called just before the ``netstats`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_nodes_post: **cmd_nodes_post** (self) Called just after the ``nodes`` command has finished. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_nodes_pre: **cmd_nodes_pre** (self) Called just before the ``nodes`` command is run. Returns a boolean indicating whether or not the command should run. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_peerstatus_post: **cmd_peerstatus_post** (self, nodes) Called just after the ``peerstatus`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_peerstatus_pre: **cmd_peerstatus_pre** (self, nodes) Called just before the ``peerstatus`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_print_post: **cmd_print_post** (self, nodes, id) Called just after the ``print`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_print_pre: **cmd_print_pre** (self, nodes, id) Called just before the ``print`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. *id* is a string with the name of the ID to be printed. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_process_post: **cmd_process_post** (self, trace, options, scripts, success) Called just after the ``process`` command has finished. Arguments are as with the ``pre`` method, plus an additional boolean *success* indicating whether Bro terminated normally. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_process_pre: **cmd_process_pre** (self, trace, options, scripts) Called just before the ``process`` command is run. It receives the *trace* to read from as a string, a list of additional Bro *options*, and a list of additional Bro *scripts*. Returns a boolean indicating whether or not the ``process`` command should run. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_restart_post: **cmd_restart_post** (self, nodes) Called just after the ``restart`` command has finished. It receives a list of *nodes* indicating the nodes on which the command was executed. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_restart_pre: **cmd_restart_pre** (self, nodes, clean) Called just before the ``restart`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. *clean* is boolean indicating whether the ``--clean`` argument has been given. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_scripts_post: **cmd_scripts_post** (self, nodes, check) Called just after the ``scripts`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_scripts_pre: **cmd_scripts_pre** (self, nodes, check) Called just before the ``scripts`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. *check* is boolean indicating whether the ``-c`` option was given. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_start_post: **cmd_start_post** (self, results) Called just after the ``start`` command has finished. It receives the list of 2-tuples ``(node, bool)`` indicating the nodes the command was executed for, along with their success status. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_start_pre: **cmd_start_pre** (self, nodes) Called just before the ``start`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_status_post: **cmd_status_post** (self, nodes) Called just after the ``status`` command has finished. Arguments are as with the ``pre`` method. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_status_pre: **cmd_status_pre** (self, nodes) Called just before the ``status`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_stop_post: **cmd_stop_post** (self, results) Called just after the ``stop`` command has finished. It receives the list of 2-tuples ``(node, bool)`` indicating the nodes the command was executed for, along with their success status. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_stop_pre: **cmd_stop_pre** (self, nodes) Called just before the ``stop`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_top_post: **cmd_top_post** (self, nodes) Called just after the ``top`` command has finished. Arguments are as with the ``pre`` method. Note that when ``top`` is run interactively to auto-refresh continuously, this method will be called once after each update. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_top_pre: **cmd_top_pre** (self, nodes) Called just before the ``top`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. Note that when ``top`` is run interactively to auto-refresh continuously, this method will be called once before each update. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_update_post: **cmd_update_post** (self, results) Called just after the ``update`` command has finished. It receives the list of 2-tuples ``(node, bool)`` indicating the nodes the command was executed for, along with their success status. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.cmd_update_pre: **cmd_update_pre** (self, nodes) Called just before the ``update`` command is run. It receives the list of nodes, and returns the list of nodes that should proceed with the command. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.commands: **commands** (self) Returns a set of custom commands provided by the plugin. The return value is a list of 3-tuples each having the following elements: ``command`` A string with the command's name. Note that the command name exposed to the user will be prefixed with the plugin's prefix as returned by *prefix()* (e.g., ``myplugin.mycommand``). ``arguments`` A string describing the command's arguments in a textual form suitable for use in the ``help`` command summary (e.g., ``[]`` for a command taking an optional list of nodes). Empty if no arguments are expected. ``description`` A string with a description of the command's semantics suitable for use in the ``help`` command summary. This method can be overridden by derived classes. The implementation must not call the parent class' implementation. The default implementation returns an empty list. .. _Plugin.done: **done** (self) Called once just before BroControl terminates. This method can do any cleanup the plugin may require. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.hostStatusChanged: **hostStatusChanged** (self, host, status) Called when BroControl's ``cron`` command finds the availability of a cluster system to have changed. Initially, all systems are assumed to be up and running. Once BroControl notices that a system isn't responding (defined as not accepting SSH sessions), it calls this method, passing in a string with the name of the *host* and a boolean *status* set to False. Once the host becomes available again, the method will be called again for the same host with *status* now set to True. Note that BroControl's ``cron`` tracks a host's availability across execution, so if the next time it's run the host is still down, this method will not be called again. This method can be overridden by derived classes. The default implementation does nothing. .. _Plugin.init: **init** (self) Called once just before BroControl starts executing any commands. This method can do any initialization that the plugin may require. Note that when this method executes, BroControl guarantees that all internals are fully set up (e.g., user-defined options are available). This may not be the case when the class ``__init__`` method runs. Returns a boolean, indicating whether the plugin should be used. If it returns ``False``, the plugin will be removed and no other methods called. This method can be overridden by derived classes. The default implementation always returns True. .. _Plugin.name: **name** (self) Returns a string with a descriptive name for the plugin (e.g., ``"TestPlugin"``). The name must not contain any whitespace. This method must be overridden by derived classes. The implementation must not call the parent class' implementation. .. _Plugin.nodeKeys: **nodeKeys** (self) Returns a list of names of custom keys (the value of a key can be specified in ``node.cfg`` for any node defined there). The value for a key will be available from the `Node`_ object as attribute ``_`` (e.g., ``node.myplugin_mykey``). If not set, the attribute will be set to an empty string. This method can be overridden by derived classes. The implementation must not call the parent class' implementation. The default implementation returns an empty list. .. _Plugin.options: **options** (self) Returns a set of local configuration options provided by the plugin. The return value is a list of 4-tuples each having the following elements: ``name`` A string with name of the option (e.g., ``Path``). Option names are case-insensitive. Note that the option name exposed to the user will be prefixed with your plugin's prefix as returned by *prefix()* (e.g., ``myplugin.Path``). ``type`` A string with type of the option, which must be one of ``"bool"``, ``"string"``, or ``"int"``. ``default`` A string with the option's default value. Note that this must always be a string, even for non-string types. For booleans, use ``"0"`` for False and ``"1"`` for True. For integers, give the value as a string ``"42"``. ``description`` A string with a description of the option semantics. This method can be overridden by derived classes. The implementation must not call the parent class' implementation. The default implementation returns an empty list. .. _Plugin.pluginVersion: **pluginVersion** (self) Returns an integer with a version number for the plugin. Plugins should increase their version number with any significant change. This method must be overridden by derived classes. The implementation must not call the parent class' implementation. .. _Plugin.prefix: **prefix** (self) Returns a string with a prefix for the plugin's options and commands names (e.g., "myplugin"). This method can be overridden by derived classes. The implementation must not call the parent class' implementation. The default implementation returns a lower-cased version of *name()*. .. _Node: Class ``Node`` ~~~~~~~~~~~~~~ class **Node** Class representing one node of the BroControl maintained setup. In standalone mode, there's always exactly one node of type ``standalone``. In a cluster setup, there is exactly one of type ``manager``, one or more of type ``proxy``, and zero or more of type ``worker``. A ``Node`` object has a number of keys with values that are set via the ``node.cfg`` file and can be accessed directly (from a plugin) via corresponding Python attributes (e.g., ``node.name``): ``name`` (string) The name of the node, which corresponds to the ``[]`` section in ``node.cfg``. ``type`` (string) The type of the node, which will be one of ``standalone``, ``manager``, ``proxy``, and ``worker``. ``env_vars`` (string) A comma-separated list of environment variables to set when running Bro (e.g., ``env_vars=VAR1=1,VAR2=2``). These node-specific values override any global values specified in the ``broctl.cfg`` file. ``host`` (string) The hostname of the system the node is running on. ``interface`` (string) The network interface for Bro to use; empty if not set. ``lb_procs`` (integer) The number of clustered Bro workers you'd like to start up. ``lb_method`` (string) The load balancing method to distribute packets to all of the processes (must be one of: ``pf_ring``, ``myricom``, or ``interfaces``). ``lb_interfaces`` (string) If the load balancing method is ``interfaces``, then this is a comma-separated list of network interface names to use. ``pin_cpus`` (string) A comma-separated list of CPU numbers to which the node's Bro processes will be pinned (if not specified, then CPU pinning will not be used for this node). This option is only supported on Linux and FreeBSD (it is ignored on all other platforms). CPU numbering starts at zero (e.g., the only valid CPU numbers for a machine with one dual-core processor would be 0 and 1). If the length of this list does not match the number of Bro processes for this node, then some CPUs could have zero (if too many CPU numbers are specified) or more than one (if not enough CPU numbers are specified) Bro processes pinned to them. Only the specified CPU numbers will be used, regardless of whether additional CPU cores exist. ``aux_scripts`` (string) Any node-specific Bro script configured for this node. ``zone_id`` (string) If BroControl is managing a cluster comprised of nodes using non-global IPv6 addresses, then this configures the :rfc:`4007` ``zone_id`` string that the node associates with the common zone that all cluster nodes are a part of. This identifier may differ between nodes. Any attribute that is not defined in ``node.cfg`` will be empty. In addition, plugins can override `Plugin.nodeKeys`_ to define their own node keys, which can then be likewise set in ``node.cfg``. The key names will be prepended with the plugin's `Plugin.prefix`_ (e.g., for the plugin ``test``, the node key ``foo`` is set by adding ``test.foo=value`` to ``node.cfg``). Finally, a Node object has the following methods that can be called from a plugin: .. _Node.cwd: **cwd** (self) Returns a string with the node's working directory. .. _Node.describe: **describe** (self) Returns an extended string representation of the node including all its keys with values (sorted by key). .. _Node.getPID: **getPID** (self) Returns the process ID of the node's Bro process if running, and None otherwise. .. _Node.getPort: **getPort** (self) Returns an integer with the port that this node's communication system is listening on for incoming connections, or -1 if no such port has been set yet. .. _Node.hasCrashed: **hasCrashed** (self) Returns True if the node's Bro process has exited abnormally. .. _FAQ: Questions and Answers --------------------- *Can I use an NFS-mounted partition as the cluster's base directory to avoid the ``rsync``'ing?* Yes. BroBase_ can be on an NFS partition. Configure and install the shell as usual with ``--prefix=``. Then add ``HaveNFS=1`` and ``SpoolDir=`` to ``broctl.cfg``, where ```` is a path on the local disks of the nodes; ```` will be used for all non-shared data (make sure that the parent directory exists and is writable on all nodes!). Then run ``make install`` again. Finally, you can remove ``/spool`` (or link it to ). In addition, you might want to keep the log files locally on the nodes as well by setting LogDir_ to a non-NFS directory. (Only the manager's logs will be kept permanently, the logs of workers/proxies are discarded upon rotation.) *When I'm using the stand-alone mode, do I still need to have ``ssh`` and ``rsync`` installed and configured?* No. In stand-alone mode all operations are performed directly on the local file system. *What do I need to do when something in the Bro distribution changes?* After pulling from the main Bro git repository, just re-run ``make install`` inside your build directory. It will reinstall all the files from the distribution that are not up-to-date. Then do ``broctl deploy`` to make sure everything gets pushed out. *Can I change the naming scheme that BroControl uses for archived log files?* Yes, set MakeArchiveName_ to a script that outputs the desired destination file name for an archived log file. The default script for that task is ``/share/broctl/scripts/make-archive-name``, which you can use as a template for creating your own version. See the beginning of that script for instructions. *Can BroControl manage a cluster of nodes over non-global IPv6 scope (e.g. link-local)?* Yes, set ``ZoneID`` in ``broctl.cfg`` to the zone identifier that the BroControl node uses to identify the scope zone (the ``ifconfig`` command output is usually helpful, if it doesn't show the zone identifier appended to the address with a '%' character, then it may just be the interface name). Then in ``node.cfg``, add a ``zone_id`` key to each node section representing that particular node's zone identifier and set the ``host`` key to the IPv6 address assigned to the node within the scope zone. Most nodes probably have the same ``zone_id``, but may not if their interface configuration differs. See :rfc:`4007` for more information on IPv6 scoped addresses and zones. broctl-1.4-minimal/doc/main.rst0000664002342100234210000004112212535575000016332 0ustar johannajohanna.. -*- mode: rst-mode -*- .. .. Note: This file includes further autogenerated ones. .. .. Version number is filled in automatically. .. |version| replace:: 1.4 ========== BroControl ========== .. rst-class:: opening This document summarizes installation and use of *BroControl*, Bro's interactive shell for operating Bro installations. *BroControl* has two modes of operation: a *stand-alone* mode for managing a traditional, single-system Bro setup; and a *cluster* mode for maintaining a multi-system setup of coordinated Bro instances load-balancing the work across a set of independent machines. Once installed, the operation is pretty similar for both types; just keep in mind that if this document refers to "nodes" and you're in a stand-alone setup, there is only a single one and no worker/proxies. .. contents:: Download -------- You can find the latest BroControl release for download at http://www.bro.org/download. BroControl's git repository is located at `git://git.bro.org/broctl `_. You can browse the repository `here `_. This document describes BroControl |version|. See the ``CHANGES`` file for version history. Prerequisites ------------- Running BroControl requires the following prerequisites: - A Unix system. FreeBSD, Linux, and Mac OS X are supported and should work out of the box. Other Unix systems will quite likely require some tweaking. Note that in a cluster setup, all systems must be running exactly the *same* operating system. - A version of *Python* >= 2.6 (on FreeBSD, the package "py27-sqlite3" must also be installed). - A *bash* (note in particular, that on FreeBSD, *bash* is not installed by default). - In a cluster setup, *rsync* must be installed on every host in the cluster. - In a cluster setup, *sshd* must be installed and running on every host except the manager, and *ssh* must be installed on the manager. - If *sendmail* is installed (for a cluster setup, it is needed on the manager only), then BroControl can send mail. Otherwise, BroControl will not attempt to send mail. If you're using a load-balancing method such as PF_RING, then there is additional software to install (for details, see the :doc:`Cluster Configuration <../../configuration/index>` documentation). Additionally, in a cluster setup you must have the same user account set up on all hosts, and ``ssh`` access from the manager node to this user account must be setup on all machines, and must work without asking for a password/passphrase (for example, using ssh public key authentication). Finally, on the worker nodes, this user must have access to the target network interface in promiscuous mode. Installation ------------ Follow the directions to install Bro and BroControl according to the instructions in the :doc:`Installing Bro <../../install/install>` documentation. Depending on how you install Bro and BroControl, the files and directories that get installed might be owned by the "root" user. If you want to run BroControl as an ordinary user, then you will need to make sure that the user has write permissions to the "logs" and "spool" directories (and all subdirectories of these directories). Note that if you are planning to run Bro in a cluster configuration, then you need to install Bro and BroControl only on the manager host (the BroControl install_ or deploy_ commands will install Bro and all required scripts to the other hosts in your cluster). For more details on how to configure BroControl in a cluster configuration, see the examples in the :doc:`Cluster Configuration <../../configuration/index>` documentation. Getting Started --------------- BroControl is an interactive interface for managing a Bro installation which allows you to, e.g., start/stop the monitoring or update its configuration. Before actually running BroControl, you first need to edit the ``broctl.cfg``, ``node.cfg``, and ``networks.cfg`` files. In the ``broctl.cfg`` file, you should review the BroControl options and make sure the options are set correctly for your environment (for a description of every BroControl option, see the `Option Reference`_ section below). Next, edit the ``node.cfg`` file and specify the nodes that you will be running. For a description of every option available for nodes, see the `Node`_ section below. Finally, edit the ``networks.cfg`` file and list each network (see the examples in the file for the format to use) that is considered local to the monitored environment. BroControl is started with the ``broctl`` script and then expects commands on its command-line (alternatively, ``broctl`` can also be started with a single command directly on the shell's command line, such as ``broctl help``):: > broctl Welcome to BroControl x.y Type "help" for help. [BroControl] > As the message says, type help_ to see a list of all commands. We will now briefly summarize the most important commands. A full reference follows `Command Reference`_. The config_ command gives a list of all BroControl options with their current values. This can be useful when troubleshooting a problem to check if an option has the expected value. If this is the first time you are running BroControl, then the first command you must run is the BroControl deploy_ command. The "deploy" command will make sure all of the files needed by BroControl and Bro are brought up-to-date based on the configuration specified in the ``broctl.cfg``, ``node.cfg``, and ``networks.cfg`` files. It will also check if there are any syntax errors in your Bro policy scripts. For a cluster setup it will copy all of the required scripts and executables to all the other hosts in your cluster. Then it will successively start manager, proxies, and workers (for a standalone configuration, only one Bro instance will be started). The status_ command can be used to check that all nodes are "running". If any nodes have a status of "crashed", then use the diag_ command to see diagnostic information (you can specify the name of a crashed node as an argument to the diag command to show diagnostics for only that one node). To stop the monitoring, issue the stop_ command. After all nodes have stopped, the status_ command should show all nodes as "stopped". exit_ leaves the shell (you can also exit BroControl while Bro nodes are running). Whenever the BroControl or Bro configuration is modified in any way, including changes to configuration files and site-specific policy scripts or upgrading to a new version of Bro, deploy_ must be run (deploy will check all policy scripts, install all needed files, and restart Bro). No changes will take effect until deploy_ is run. Log Files --------- On the manager system (and on the stand-alone system), you find the current set of (aggregated) logs in ``logs/current`` (which is a symlink to the corresponding spool directory). The logs are archived in ``logs/``, by default once per hour. Log files of workers and proxies are discarded at the same rotation interval. If, for some reason, log files are not able to be archived (you would notice this by seeing a gap in the set of logs in the ``logs/`` directory), you can search for unarchived logs with a command like this:: find spool -name "*.log" If you see any logs in a subdirectory of ``spool/tmp/``, then those were moved there when Bro previously stopped or crashed. If Bro is still running, then there might be rotated logs (i.e., logs with filenames containing a timestamp) in Bro's working directory. Additionally, when broctl starts Bro, it creates two files "stdout.log" and "stderr.log". These files are sometimes useful to debug problems, because they might contain error messages from Bro or from the script which archives log files. Site-specific Customization --------------------------- You'll most likely want to adapt the Bro policy to the local environment and generally site-specific tuning requires writing local policy scripts. Sample local policy scripts (which you can edit) are located in ``share/bro/site``. In the stand-alone setup, a single file called ``local.bro`` gets loaded automatically. In the cluster setup, the same ``local.bro`` gets loaded, followed by one of three other files: ``local-manager.bro``, ``local-worker.bro``, and ``local-proxy.bro`` are loaded by the manager, workers, and proxy, respectively. The recommended way to modify the policy is to use only "@load" directives in the ``local.bro`` scripts. For example, you can add a "@load" directive to load a Bro policy script that is included with Bro but is not loaded by default. You can also create custom site-specific policy scripts in the same directory as the ``local.bro`` scripts, and "@load" them from one of the ``local.bro`` scripts. For example, you could create your own Bro script ``mypolicy.bro`` in the ``share/bro/site`` directory, and then add a line "@load mypolicy" (without the quotes) to the ``local.bro`` script. Note that in a cluster setup, notice filtering should be done only on the manager. After creating or modifying your local policy scripts, you must install them by using the broctl "install" or "deploy" command. Next, you can use the broctl "scripts" command to verify that your new scripts will be loaded when you start Bro. If you want to change which local policy scripts are loaded by the nodes, you can set SitePolicyStandalone_ for all Bro instances, SitePolicyManager_ for the manager, and SitePolicyWorker_ for the workers. To change the directory where local policy scripts are located, set the option SitePolicyPath_ to a different path. These options can be changed in the ``broctl.cfg`` file. Load Order of Scripts ~~~~~~~~~~~~~~~~~~~~~ When writing custom site-specific policy scripts, it can sometimes be useful to know in which order the scripts are loaded (the broctl "scripts" command shows the load order of every script loaded by Bro). For example, if more than one script sets a value for the same global variable, then the value that takes effect is the one set by the last such script loaded. When broctl starts Bro, the first script loaded is init-bare.bro, followed by init-default.bro (keep in mind that each of these scripts loads many other scripts). Next, the local.bro script is loaded. This provides for a common set of loaded scripts for all nodes. Next, the "broctl" script package is loaded. This consists of some standard settings that broctl needs. In a cluster setup, one of the following scripts are loaded: local-manager.bro, local-proxy.bro, or local-worker.bro. The next scripts loaded are ``local-networks.bro`` and ``broctl-config.bro``. These scripts are automatically generated by BroControl based on the contents of the ``networks.cfg`` and ``broctl.cfg`` files. The last scripts loaded are any node-specific scripts specified with the option ``aux_scripts`` in ``node.cfg``. This option can be used to load additional scripts to individual nodes only. For example, one could add a script ``experimental.bro`` to a single worker for trying out new experimental code. Miscellaneous ------------- Mails ~~~~~ BroControl sends three types of mails to the address given in ``MailTo``: 1. When the ``cron`` command runs it performs various tasks (such as checking available disk space, expiring old log files, etc.). If any problems occur, a list of those issues will be sent. 2. When the ``cron`` command notices that a node has crashed, it restarts it and sends a notification. It may also send a more detailed crash report containing information about the crash. 3. If `trace-summary `_ is installed, a traffic summary is sent each rotation interval. This can be disabled by setting ``MailConnectionSummary=0``. Command Reference ----------------- The following summary lists all commands supported by BroControl. All commands may be either entered interactively or specified on the shell's command line. If not specified otherwise, commands taking *[]* as arguments apply their action either to the given set of nodes, to the manager node if "manager" is given, to all proxy nodes if "proxies" is given, to all worker nodes if "workers" is given, or to all nodes if none are given. .. include:: commands.rst Option Reference ---------------- This section summarizes the options that can be set in ``broctl.cfg`` for customizing the behavior of BroControl (the option names are case-insensitive). Usually, one only needs to change the "user options", which are listed first. The "internal options" are, as the name suggests, primarily used internally and set automatically. They are documented here only for reference. .. include:: options.rst Plugins ------- BroControl provides a plugin interface to extend its functionality. A plugin is written in Python and can do any, or all, of the following: * Perform actions before or after any of the standard BroControl commands is executed. When running before the actual command, it can filter which nodes to operate or stop the execution altogether. When running after the command, it gets access to the commands success status on a per-node basis (where applicable). * Add custom commands to BroControl. * Add custom options to BroControl defined in ``broctl.cfg``. * Add custom keys to nodes defined in ``node.cfg``. A plugin is written by deriving a new class from BroControl class `Plugin`_. The Python script with the new plugin is then copied into a plugin directory searched by BroControl at startup. By default, BroControl searches ``/lib/broctl/plugins``; additional directories may be configured by setting the SitePluginPath_ option. Note that any plugin script must end in ``*.py`` to be found. BroControl comes with some example plugins that can be used as a starting point; see the ``/lib/broctl/plugins`` directory. In the following, we document the API that is available to plugins. A plugin must be derived from the `Plugin`_ class, and can use its methods as well as those of the `Node`_ class. .. include:: plugins.rst .. _FAQ: Questions and Answers --------------------- *Can I use an NFS-mounted partition as the cluster's base directory to avoid the ``rsync``'ing?* Yes. BroBase_ can be on an NFS partition. Configure and install the shell as usual with ``--prefix=``. Then add ``HaveNFS=1`` and ``SpoolDir=`` to ``broctl.cfg``, where ```` is a path on the local disks of the nodes; ```` will be used for all non-shared data (make sure that the parent directory exists and is writable on all nodes!). Then run ``make install`` again. Finally, you can remove ``/spool`` (or link it to ). In addition, you might want to keep the log files locally on the nodes as well by setting LogDir_ to a non-NFS directory. (Only the manager's logs will be kept permanently, the logs of workers/proxies are discarded upon rotation.) *When I'm using the stand-alone mode, do I still need to have ``ssh`` and ``rsync`` installed and configured?* No. In stand-alone mode all operations are performed directly on the local file system. *What do I need to do when something in the Bro distribution changes?* After pulling from the main Bro git repository, just re-run ``make install`` inside your build directory. It will reinstall all the files from the distribution that are not up-to-date. Then do ``broctl deploy`` to make sure everything gets pushed out. *Can I change the naming scheme that BroControl uses for archived log files?* Yes, set MakeArchiveName_ to a script that outputs the desired destination file name for an archived log file. The default script for that task is ``/share/broctl/scripts/make-archive-name``, which you can use as a template for creating your own version. See the beginning of that script for instructions. *Can BroControl manage a cluster of nodes over non-global IPv6 scope (e.g. link-local)?* Yes, set ``ZoneID`` in ``broctl.cfg`` to the zone identifier that the BroControl node uses to identify the scope zone (the ``ifconfig`` command output is usually helpful, if it doesn't show the zone identifier appended to the address with a '%' character, then it may just be the interface name). Then in ``node.cfg``, add a ``zone_id`` key to each node section representing that particular node's zone identifier and set the ``host`` key to the IPv6 address assigned to the node within the scope zone. Most nodes probably have the same ``zone_id``, but may not if their interface configuration differs. See :rfc:`4007` for more information on IPv6 scoped addresses and zones. broctl-1.4-minimal/doc/Makefile0000664002342100234210000000056412535575000016321 0ustar johannajohanna# Builds the top-level broctl.rst from its parts. # # Note: It's not great to build this here and commit to the repository # (as opposed to in build/). However, otherwise it would get hard # to put the final document online www.bro.org. all: generate-docs generate-docs: @echo "Creating broctl.rst ..." @PYTHONPATH=.. ../bin/broctl.in --print-doc main.rst >broctl.rst broctl-1.4-minimal/BroControl/0000775002342100234210000000000012535575000016172 5ustar johannajohannabroctl-1.4-minimal/BroControl/node.py0000664002342100234210000002073712535575000017502 0ustar johannajohanna# # One BroControl node. # import os import copy from BroControl import doc class Node: """Class representing one node of the BroControl maintained setup. In standalone mode, there's always exactly one node of type ``standalone``. In a cluster setup, there is exactly one of type ``manager``, one or more of type ``proxy``, and zero or more of type ``worker``. A ``Node`` object has a number of keys with values that are set via the ``node.cfg`` file and can be accessed directly (from a plugin) via corresponding Python attributes (e.g., ``node.name``): ``name`` (string) The name of the node, which corresponds to the ``[]`` section in ``node.cfg``. ``type`` (string) The type of the node, which will be one of ``standalone``, ``manager``, ``proxy``, and ``worker``. ``env_vars`` (string) A comma-separated list of environment variables to set when running Bro (e.g., ``env_vars=VAR1=1,VAR2=2``). These node-specific values override any global values specified in the ``broctl.cfg`` file. ``host`` (string) The hostname of the system the node is running on. ``interface`` (string) The network interface for Bro to use; empty if not set. ``lb_procs`` (integer) The number of clustered Bro workers you'd like to start up. ``lb_method`` (string) The load balancing method to distribute packets to all of the processes (must be one of: ``pf_ring``, ``myricom``, or ``interfaces``). ``lb_interfaces`` (string) If the load balancing method is ``interfaces``, then this is a comma-separated list of network interface names to use. ``pin_cpus`` (string) A comma-separated list of CPU numbers to which the node's Bro processes will be pinned (if not specified, then CPU pinning will not be used for this node). This option is only supported on Linux and FreeBSD (it is ignored on all other platforms). CPU numbering starts at zero (e.g., the only valid CPU numbers for a machine with one dual-core processor would be 0 and 1). If the length of this list does not match the number of Bro processes for this node, then some CPUs could have zero (if too many CPU numbers are specified) or more than one (if not enough CPU numbers are specified) Bro processes pinned to them. Only the specified CPU numbers will be used, regardless of whether additional CPU cores exist. ``aux_scripts`` (string) Any node-specific Bro script configured for this node. ``zone_id`` (string) If BroControl is managing a cluster comprised of nodes using non-global IPv6 addresses, then this configures the :rfc:`4007` ``zone_id`` string that the node associates with the common zone that all cluster nodes are a part of. This identifier may differ between nodes. Any attribute that is not defined in ``node.cfg`` will be empty. In addition, plugins can override `Plugin.nodeKeys`_ to define their own node keys, which can then be likewise set in ``node.cfg``. The key names will be prepended with the plugin's `Plugin.prefix`_ (e.g., for the plugin ``test``, the node key ``foo`` is set by adding ``test.foo=value`` to ``node.cfg``). Finally, a Node object has the following methods that can be called from a plugin: """ # Valid keys in nodes file. The values will be stored in attributes of the # same name. Custom keys can be add via addKey(). _keys = {"type": 1, "host": 1, "interface": 1, "aux_scripts": 1, "brobase": 1, "ether": 1, "zone_id": 1, "lb_procs": 1, "lb_method": 1, "lb_interfaces": 1, "pin_cpus": 1, "env_vars": 1} def __init__(self, config, name): """Instantiates a new node of the given name.""" self.name = name self._config = config for key in Node._keys: self.__dict__[key] = "" def __str__(self): return self.name def copy(self): n = Node(self._config, self.name) for key in self.__dict__: if key.startswith("_"): # This is to avoid copying _config, which causes problems. setattr(n, key, getattr(self, key)) else: # Must make a copy of some config items (e.g. env_vars) so that # changes to the value only affect one node. setattr(n, key, copy.copy(getattr(self, key))) return n def items(self): """Returns a list of (key, value) tuples, sorted by key, of a node.""" def tostr(v): if isinstance(v, dict): return ",".join(["%s=%s" % (key, val) for (key, val) in sorted(v.items())]) else: return str(v) return [(k, tostr(self.__dict__[k])) for k in sorted(self.__dict__.keys())] @doc.api def describe(self): """Returns an extended string representation of the node including all its keys with values (sorted by key).""" def fmt(v): if isinstance(v, list): v = ",".join(v) elif isinstance(v, dict): v = ",".join(["%s=%s" % (key, val) for (key, val) in sorted(v.items())]) return v # Do not output attributes starting with underscore, because they are # for internal use and don't provide useful information to the user. return ("%15s - " % self.name) + " ".join(["%s=%s" % (k, fmt(self.__dict__[k])) for k in sorted(self.__dict__.keys()) if not k.startswith("_")]) def to_dict(self): d = dict(self.items()) d["name"] = self.name d["description"] = self.describe() return d @doc.api def cwd(self): """Returns a string with the node's working directory.""" return os.path.join(self._config.spooldir, self.name) # Stores the nodes process ID. def setPID(self, pid): """Stores the process ID for the node's Bro process.""" key = "%s-pid" % self.name self._config.set_state(key, pid) key = "%s-host" % self.name self._config.set_state(key, self.host) @doc.api def getPID(self): """Returns the process ID of the node's Bro process if running, and None otherwise.""" key = "%s-pid" % self.name.lower() return self._config.get_state(key) def clearPID(self): """Clears the stored process ID for the node's Bro process, indicating that it is no longer running.""" key = "%s-pid" % self.name self._config.set_state(key, None) def setCrashed(self): """Marks node's Bro process as having terminated unexpectedly.""" key = "%s-crashed" % self.name self._config.set_state(key, True) # Unsets the flag for unexpected termination. def clearCrashed(self): """Clears the mark for the node's Bro process having terminated unexpectedly.""" key = "%s-crashed" % self.name self._config.set_state(key, False) # Returns true if node has terminated unexpectedly. @doc.api def hasCrashed(self): """Returns True if the node's Bro process has exited abnormally.""" key = "%s-crashed" % self.name.lower() return self._config.get_state(key) def getExpectRunning(self): key = "%s-expect-running" % self.name.lower() val = self._config.get_state(key) if val is None: val = False return val def setExpectRunning(self, val): key = "%s-expect-running" % self.name.lower() self._config.set_state(key, val) # Set the Bro port this node is using. def setPort(self, port): key = "%s-port" % self.name self._config.set_state(key, port) # Get the Bro port this node is using. @doc.api def getPort(self): """Returns an integer with the port that this node's communication system is listening on for incoming connections, or -1 if no such port has been set yet. """ key = "%s-port" % self.name.lower() return self._config.get_state(key) or -1 @staticmethod def addKey(kw): """Adds a supported node key. This is used by the PluginRegistry to register custom keys.""" Node._keys[kw] = 1 broctl-1.4-minimal/BroControl/brocmd.py0000664002342100234210000000425512535575000020020 0ustar johannajohannafrom __future__ import print_function import cmd from BroControl import py3bro class ExitValueCmd(cmd.Cmd): def cmdloop(self, intro=None): """Repeatedly issue a prompt, accept input, parse an initial prefix off the received input, and dispatch to action methods, passing them the remainder of the line as argument. """ self.preloop() if self.use_rawinput and self.completekey: try: import readline self.old_completer = readline.get_completer() readline.set_completer(self.complete) readline.parse_and_bind(self.completekey + ": complete") except ImportError: pass try: if intro is not None: self.intro = intro if self.intro: self.stdout.write("%s\n" % self.intro) self._stopping = False success = True while not self._stopping: if self.cmdqueue: line = self.cmdqueue.pop(0) else: if self.use_rawinput: try: line = py3bro.input(self.prompt) except EOFError: line = "EOF" else: self.stdout.write(self.prompt) self.stdout.flush() line = self.stdin.readline() if not line: line = "EOF" else: line = line.rstrip("\r\n") line = self.precmd(line) try: success = self.onecmd(line) except Exception as e: success = False print("Error: %s" % e) self.postcmd(False, line) self.postloop() finally: if self.use_rawinput and self.completekey: try: import readline readline.set_completer(self.old_completer) except ImportError: pass return success broctl-1.4-minimal/BroControl/doc.py0000664002342100234210000000341512535575000017314 0ustar johannajohanna# # Generates the dynamic parts of the BroControl documentation. # import inspect def api(*deco_args): if len(deco_args) == 1 and callable(deco_args[0]): # No argument to decorator. method = deco_args[0] method._doc = "" return method else: # Tag argument. def _api(method): method._doc = deco_args[0] return method return _api def print_indented(text, level): out = "" if not isinstance(text, list): text = text.splitlines() for line in text: out += "%s %s\n" % (" " * level, line) out += "\n" return out # Prints API documentation for a class. Includes all methods tagged with # @api(tag). (Use an unknown tag to not exclude all methods.) If header is # False, the class's name and doc string is not included. def print_class(cls, tag="", header=True): out = "" methods = {} for (key, val) in cls.__dict__.items(): if not inspect.isfunction(val): continue if not "_doc" in val.__dict__: continue if val.__dict__["_doc"] == tag: methods[key] = val if header: out += ".. _%s:\n\n" % cls.__name__ out += "Class ``%s``\n" % cls.__name__ out += "~~~~~~~~%s~~" % ("~" * len(cls.__name__)) out += "\n\n" out += "class **%s**\n" % cls.__name__ out += print_indented(inspect.getdoc(cls), 1) for name in sorted(methods.keys()): func = methods[name] (args, varargs, keywords, defaults) = inspect.getargspec(func) out += print_indented(".. _%s.%s:" % (cls.__name__, name), 1) out += print_indented("**%s** (%s)" % (name, ", ".join(args)), 1) out += print_indented(inspect.getdoc(func), 2) return out broctl-1.4-minimal/BroControl/util.py0000664002342100234210000001241712535575000017526 0ustar johannajohannaimport os import errno import time import signal from BroControl import config def fmttime(t): return time.strftime(config.Config.timefmt, time.localtime(float(t))) lockCount = 0 # Return: 0 if no lock, >0 for PID of lock, or -1 on error def _break_lock(cmdout): from BroControl import execute try: # Check whether lock is stale. with open(config.Config.lockfile, "r") as f: pid = f.readline().strip() except (OSError, IOError) as err: cmdout.error("failed to read lock file: %s" % err) return -1 (success, output) = execute.run_localcmd("%s %s" % (os.path.join(config.Config.helperdir, "check-pid"), pid)) if success and output[0] == "running": # Process still exists. try: return int(pid) except ValueError: return -1 cmdout.info("removing stale lock") try: # Break lock. os.unlink(config.Config.lockfile) except (OSError, IOError) as err: cmdout.error("failed to remove lock file: %s" % err) return -1 return 0 # Return: 0 if lock is acquired, or if failed to acquire lock return >0 for # PID of lock, or -1 on error def _acquire_lock(cmdout): lockpid = -1 pid = str(os.getpid()) tmpfile = config.Config.lockfile + "." + pid lockdir = os.path.dirname(config.Config.lockfile) if not os.path.exists(lockdir): cmdout.info("creating directory for lock file: %s" % lockdir) os.makedirs(lockdir) try: try: # This should be NFS-safe. with open(tmpfile, "w") as f: f.write("%s\n" % pid) n = os.stat(tmpfile)[3] os.link(tmpfile, config.Config.lockfile) m = os.stat(tmpfile)[3] if n == m-1: return 0 # File is locked. lockpid = _break_lock(cmdout) if lockpid == 0: return _acquire_lock(cmdout) except OSError: # File is already locked. lockpid = _break_lock(cmdout) if lockpid == 0: return _acquire_lock(cmdout) except IOError as e: cmdout.error("cannot acquire lock: %s" % e) return lockpid finally: try: os.unlink(tmpfile) except (OSError, IOError): pass return lockpid def _release_lock(cmdout): try: os.unlink(config.Config.lockfile) except OSError as e: cmdout.error("cannot remove lock file: %s" % e) def lock(cmdout, showwait=True): global lockCount if lockCount > 0: # Already locked. lockCount += 1 return True lockpid = _acquire_lock(cmdout) if lockpid < 0: return False if lockpid: if showwait: cmdout.info("waiting for lock (owned by PID %d) ..." % lockpid) count = 0 while _acquire_lock(cmdout) != 0: time.sleep(1) count += 1 if count > 30: return False lockCount = 1 return True def unlock(cmdout): global lockCount if lockCount == 0: cmdout.error("mismatched lock/unlock") return if lockCount > 1: # Still locked. lockCount -= 1 return _release_lock(cmdout) lockCount = 0 # Keyboard interrupt handler. def sigint_handler(signum, frame): config.Config.config["sigint"] = "1" def enable_signals(): pass #signal.signal(signal.SIGINT, sigint_handler) def disable_signals(): pass #signal.signal(signal.SIGINT, signal.SIG_IGN) # 'src' is the file to which the link will point, and 'dst' is the link to make def force_symlink(src, dst): try: os.symlink(src, dst) except OSError as e: if e.errno == errno.EEXIST: os.remove(dst) os.symlink(src, dst) else: raise # Returns an IP address string suitable for embedding in a Bro script, # for IPv6 colon-hexadecimal address strings, that means surrounding it # with square brackets. def format_bro_addr(addr): if ":" not in addr: return addr else: return "[%s]" % addr # Returns an IP prefix string suitable for embedding in a Bro script, # for IPv6 colon-hexadecimal prefix strings, that means surrounding the # IP address part with square brackets. def format_bro_prefix(prefix): if ":" not in prefix: return prefix else: parts = prefix.split("/") return "[%s]/%s" % (parts[0], parts[1]) # Returns an IP address string suitable for use with rsync, which requires # encasing IPv6 addresses in square brackets, and some shells may require # quoting the brackets. def format_rsync_addr(addr): if ":" not in addr: return addr else: return "'[%s]'" % addr # Scopes a non-global IPv6 address with a zone identifier according to RFC 4007 def scope_addr(addr): zoneid = config.Config.zoneid if ":" not in addr or zoneid == "": return addr else: return addr + "%" + zoneid # Convert a number into a string with a unit (e.g., 1024 into "1K"). def number_unit_str(num): units = (("G", 1024*1024*1024), ("M", 1024*1024), ("K", 1024)) for (unit, factor) in units: if num >= factor: return "%3.0f%s" % (num / factor, unit) return " %3.0f" % (num) broctl-1.4-minimal/BroControl/control.py0000664002342100234210000013250412535575000020231 0ustar johannajohanna# Functions to control the nodes' operations. from collections import namedtuple import glob import os import shutil import time import logging from BroControl import execute from BroControl import events from BroControl import util from BroControl import config from BroControl import install from BroControl import cron from BroControl import node as node_mod from BroControl import cmdresult # Waits for the nodes' Bro processes to reach the given status. # Build the Bro parameters for the given node. Include # script for live operation if live is true. def _make_bro_params(node, live): args = [] if live and node.interface: try: # Interface name needs quotes so that shell doesn't interpret any # potential metacharacters in the name. args += ["-i", "'%s'" % node.interface] except AttributeError: pass if config.Config.savetraces == "1": args += ["-w", "trace.pcap"] args += ["-U", ".status"] args += ["-p", "broctl"] if live: args += ["-p", "broctl-live"] if node.type == "standalone": args += ["-p", "standalone"] for prefix in config.Config.prefixes.split(":"): args += ["-p", "%s" % prefix] args += ["-p", "%s" % node.name] # The order of loaded scripts is as follows: # 1) local.bro gives a common set of loaded scripts for all nodes. # 2) The common configuration of broctl is loaded via the broctl package. # 3) The distribution's default settings for node configuration are loaded # from either the cluster framework or standalone scripts. This also # involves loading local-.bro scripts. At this point anything # in the distribution's default per-node is overridable and any # identifiers in local.bro are able to be used (e.g. in defining # a notice policy). # 4) Autogenerated broctl scripts are loaded, which may contain # settings that override the previously loaded node-specific scripts. # (e.g. Log::default_rotation_interval is set in manager.bro, # but overrided by broctl.cfg) args += config.Config.sitepolicystandalone.split() args += ["broctl"] if node.type == "standalone": args += ["broctl/standalone"] else: args += ["base/frameworks/cluster"] if node.type == "manager": args += config.Config.sitepolicymanager.split() elif node.type == "proxy": args += ["local-proxy"] elif node.type == "worker": args += config.Config.sitepolicyworker.split() args += ["broctl/auto"] if getattr(node, "aux_scripts", None): args += [node.aux_scripts] if config.Config.broargs: # Some args in broargs might contain spaces, so we cannot split it. args += [config.Config.broargs] return args # Build the environment variables for the given node. def _make_env_params(node, returnlist=False): envs = [] if node.type != "standalone": envs.append("CLUSTER_NODE=%s" % node.name) envs += ["%s=%s" % (key, val) for (key, val) in sorted(node.env_vars.items())] if returnlist: envlist = [("-v", i) for i in envs] return [j for i in envlist for j in i] return " ".join(envs) class Controller: def __init__(self, config, ui, executor, pluginregistry): self.config = config self.ui = ui self.executor = executor self.pluginregistry = pluginregistry def start(self, nodes): results = cmdresult.CmdResult() manager = [] proxies = [] workers = [] for n in nodes: n.setExpectRunning(True) if n.type == "worker": workers += [n] elif n.type == "proxy": proxies += [n] else: manager += [n] # Start nodes. Do it in the order manager, proxies, workers. if manager: self._start_nodes(manager, results) if not results.ok: for n in (proxies + workers): results.set_node_fail(n) return results if proxies: self._start_nodes(proxies, results) if not results.ok: for n in workers: results.set_node_fail(n) return results if workers: self._start_nodes(workers, results) return results # Starts the given nodes. def _start_nodes(self, nodes, results): filtered = [] # Ignore nodes which are still running. for (node, isrunning) in self._isrunning(nodes): if not isrunning: filtered += [node] if node.hasCrashed(): self.ui.info("starting %s (was crashed) ..." % node.name) else: self.ui.info("starting %s ..." % node.name) else: self.ui.info("%s still running" % node.name) nodes = filtered # Generate crash report for any crashed nodes. crashed = [node for node in nodes if node.hasCrashed()] self._make_crash_reports(crashed) # Make working directories. dirs = [(node, node.cwd()) for node in nodes] nodes = [] for (node, success) in self.executor.mkdirs(dirs): if success: nodes += [node] else: self.ui.error("cannot create working directory for %s" % node.name) results.set_node_fail(node) # Start Bro process. cmds = [] for node in nodes: envs = [] pin_cpu = node.pin_cpus # If this node isn't using CPU pinning, then use a placeholder value if pin_cpu == "": pin_cpu = -1 envs = _make_env_params(node, True) cmds += [(node, "start", envs + [node.cwd(), str(pin_cpu)] + _make_bro_params(node, True))] nodes = [] # Note: the shell is used to interpret the command because broargs # might contain quoted arguments. for (node, success, output) in self.executor.run_helper(cmds, shell=True): if success: nodes += [node] node.setPID(int(output[0])) else: self.ui.error("cannot start %s; check output of \"diag\"" % node.name) results.set_node_fail(node) if output: self.ui.error("\n".join(output)) # Check whether processes did indeed start up. hanging = [] running = [] for (node, success) in self._waitforbros(nodes, "RUNNING", 3, True): if success: running += [node] else: hanging += [node] # It can happen that Bro hangs in DNS lookups at startup # which can take a while. At this point we already know # that the process has been started (_waitforbros ensures that). # If by now there is not a TERMINATED status, we assume that it # is doing fine and will move on to RUNNING once DNS is done. for (node, success) in self._waitforbros(hanging, "TERMINATED", 0, False): if success: self.ui.info("%s terminated immediately after starting; check output with \"diag\"" % node.name) node.clearPID() results.set_node_fail(node) else: self.ui.info("(%s still initializing)" % node.name) running += [node] for node in running: self._log_action(node, "started") results.set_node_success(node) return results def _isrunning(self, nodes, setcrashed=True): results = [] cmds = [] for node in nodes: pid = node.getPID() if not pid: results += [(node, False)] continue cmds += [(node, "check-pid", [str(pid)])] for (node, success, output) in self.executor.run_helper(cmds): # If we cannot run the helper script, then we ignore this node # because the process might actually be running but we can't tell. if not success: if self.config.cron == "0": self.ui.error("cannot connect to %s" % node.name) continue running = output[0] == "running" and True or False results += [(node, running)] if not running: if setcrashed: # Grmpf. It crashed. node.clearPID() node.setCrashed() return results def _waitforbros(self, nodes, status, timeout, ensurerunning): # If ensurerunning is true, process must still be running. if ensurerunning: running = self._isrunning(nodes) else: running = [(node, True) for node in nodes] results = [] # Determine set of nodes still to check. todo = {} for (node, isrunning) in running: if isrunning: todo[node.name] = node else: results += [(node, False)] while True: # Determine whether process is still running. We need to do this # before we get the state to avoid a race condition. running = self._isrunning(todo.values(), setcrashed=False) # Check nodes' .status file cmds = [] for node in todo.values(): cmds += [(node, "first-line", ["%s/.status" % node.cwd()])] for (node, success, output) in self.executor.run_helper(cmds): if not success or not output[0]: continue fields = output[0].split() if len(fields) == 2: if status in fields[0]: # Status reached. Cool. del todo[node.name] results += [(node, True)] else: # Something's wrong. We give up on that node. del todo[node.name] results += [(node, False)] for (node, isrunning) in running: if node.name in todo and not isrunning: # Alright, a dead node's status will not change anymore. del todo[node.name] results += [(node, False)] if not todo: # All done. break # Wait a bit before we start over. time.sleep(1) # Timeout reached? timeout -= 1 if timeout <= 0: break logging.debug("Waiting for %d node(s)...", len(todo)) for node in todo.values(): # These did time-out. results += [(node, False)] if todo: logging.debug("Timeout while waiting for %d node(s)", len(todo)) return results def _log_action(self, node, action): if self.config.statslogenable == "0": return t = time.time() with open(self.config.statslog, "a") as out: out.write("%s %s action %s\n" % (t, node, action)) # Do a "post-terminate crash" for the given nodes. def _make_crash_reports(self, nodes): for n in nodes: self.pluginregistry.broProcessDied(n) msg = "If you want to help us debug this problem, then please forward\nthis mail to reports@bro.org\n" postterminate = os.path.join(self.config.scriptsdir, "post-terminate") cmds = [(node, postterminate, [node.cwd(), "crash"]) for node in nodes] for (node, success, output) in self.executor.run_cmds(cmds): if success: msuccess, moutput = self._sendmail("Crash report from %s" % node.name, msg + "\n".join(output)) if not msuccess: self.ui.error("error occurred while trying to send mail: %s" % moutput[0]) else: self.ui.error("error running post-terminate for %s: %s" % (node.name, output[0])) node.clearCrashed() def _sendmail(self, subject, body): if not self.config.sendmail: return True, "" cmd = "%s '%s'" % (os.path.join(self.config.scriptsdir, "send-mail"), subject) (success, output) = execute.run_localcmd(cmd, "", body) return success, output # Stop Bro processes on nodes. def stop(self, nodes): results = cmdresult.CmdResult() manager = [] proxies = [] workers = [] for n in nodes: n.setExpectRunning(False) if n.type == "worker": workers += [n] elif n.type == "proxy": proxies += [n] else: manager += [n] # Stop nodes. Do it in the order workers, proxies, manager # (the reverse of "start"). if workers: self._stop_nodes(workers, results) if not results.ok: for n in (proxies + manager): results.set_node_fail(n) return results if proxies: self._stop_nodes(proxies, results) if not results.ok: for n in manager: results.set_node_fail(n) return results if manager: self._stop_nodes(manager, results) return results def _stop_nodes(self, nodes, results): running = [] # Check for crashed nodes. for (node, isrunning) in self._isrunning(nodes): if isrunning: running += [node] self.ui.info("stopping %s ..." % node.name) else: results.set_node_success(node) if node.hasCrashed(): self.ui.info("%s not running (was crashed)" % node.name) self._make_crash_reports([node]) else: self.ui.info("%s not running" % node.name) # Helper function to stop nodes with given signal. def stop(nodes, signal): cmds = [] for node in nodes: cmds += [(node, "stop", [str(node.getPID()), str(signal)])] return self.executor.run_helper(cmds) # Stop nodes. for (node, success, output) in stop(running, 15): if not success: self.ui.error("failed to send stop signal to %s" % node.name) if running: time.sleep(1) # Check whether they terminated. terminated = [] kill = [] for (node, success) in self._waitforbros(running, "TERMINATED", int(self.config.stoptimeout), False): if not success: # Check whether it crashed during shutdown ... result = self._isrunning([node]) for (node, isrunning) in result: if isrunning: self.ui.info("%s did not terminate ... killing ..." % node.name) kill += [node] else: # crashed flag is set by _isrunning(). self.ui.info("%s crashed during shutdown" % node.name) if kill: # Kill those which did not terminate gracefully. stop(kill, 9) # Give them a bit to disappear. time.sleep(5) # Check which are still running. We check all nodes to be on the safe # side and give them a bit more time to finally disappear. timeout = 10 todo = {} for node in running: todo[node.name] = node while True: running = self._isrunning(todo.values(), setcrashed=False) for (node, isrunning) in running: if node.name in todo and not isrunning: # Alright, it's gone. del todo[node.name] terminated += [node] results.set_node_success(node) if not todo: # All done. break # Wait a bit before we start over. if timeout <= 0: break time.sleep(1) timeout -= 1 for node in todo: results.set_node_fail(node) # Do post-terminate cleanup for those which terminated gracefully. cleanup = [node for node in terminated if not node.hasCrashed()] cmds = [] postterminate = os.path.join(self.config.scriptsdir, "post-terminate") for node in cleanup: crashflag = "" if node in kill: crashflag = "killed" cmds += [(node, postterminate, [node.cwd(), crashflag])] for (node, success, output) in self.executor.run_cmds(cmds): if success: self._log_action(node, "stopped") else: self.ui.error("error running post-terminate for %s: %s" % (node.name, output[0])) self._log_action(node, "stopped (failed)") node.clearPID() node.clearCrashed() return results # Output status summary for nodes. def status(self, nodes): results = cmdresult.CmdResult() showall = self.config.statuscmdshowall != "0" if showall: self.ui.info("Getting process status ...") nodestatus = self._isrunning(nodes) running = [] cmds = [] for (node, isrunning) in nodestatus: if isrunning: running += [node] cmds += [(node, "first-line", ["%s/.startup" % node.cwd(), "%s/.status" % node.cwd()])] startups = {} statuses = {} for (n, success, output) in self.executor.run_helper(cmds): startups[n.name] = (success and output[0]) and util.fmttime(output[0]) or "???" statuses[n.name] = (success and output[1]) and output[1].split()[0].lower() or "???" if showall: self.ui.info("Getting peer status ...") peers = {} nodes = [n for n in running if statuses[n.name] == "running"] for (node, success, args) in self._query_peerstatus(nodes): if success: peers[node.name] = [] for f in args[0].split(): keyval = f.split("=") if len(keyval) > 1: (key, val) = keyval if key == "peer" and val != "": peers[node.name] += [val] for (node, isrunning) in nodestatus: node_info = { "name": node.name, "type": node.type, "host": node.host, "status": "stopped", "pid": None, "started": None, } if showall: node_info["peers"] = None if isrunning: node_info["status"] = statuses[node.name] elif node.hasCrashed(): node_info["status"] = "crashed" if isrunning: node_info["pid"] = node.getPID() if showall: if node.name in peers: node_info["peers"] = len(peers[node.name]) else: node_info["peers"] = "???" node_info["started"] = startups[node.name] results.set_node_data(node, True, node_info) return results # Check the configuration for nodes without installing first. def check(self, nodes): return self._check_config(nodes, False, False) # Print the loaded_scripts.log for either the installed scripts # (if "check" is false), or the original scripts (if "check" is true). def scripts(self, nodes, check): return self._check_config(nodes, not check, True) def _check_config(self, nodes, installed, list_scripts): results = cmdresult.CmdResult() nodetmpdirs = [(node, os.path.join(self.config.tmpdir, "check-config-%s" % node.name)) for node in nodes] nodes = [] for (node, cwd) in nodetmpdirs: if os.path.isdir(cwd): try: shutil.rmtree(cwd) except OSError as err: self.ui.error("cannot remove directory: %s" % err) results.ok = False return results try: os.makedirs(cwd) except OSError as err: self.ui.error("cannot create temporary directory: %s" % err) results.ok = False return results nodes += [(node, cwd)] cmds = [] for (node, cwd) in nodes: env = _make_env_params(node) installed_policies = installed and "1" or "0" print_scripts = list_scripts and "1" or "0" install.make_layout(cwd, self.ui, True) if not install.make_local_networks(cwd, self.ui, True): results.ok = False return results install.make_broctl_config_policy(cwd, self.ui, True) cmd = os.path.join(self.config.scriptsdir, "check-config") + " %s %s %s %s" % (installed_policies, print_scripts, cwd, " ".join(_make_bro_params(node, False))) cmd += " broctl/check" cmds += [((node, cwd), cmd, env, None)] for ((node, cwd), success, output) in execute.run_localcmds(cmds): results.set_node_output(node, success, output) shutil.rmtree(cwd) return results def _query_peerstatus(self, nodes): running = self._isrunning(nodes) eventlist = [] for (node, isrunning) in running: if isrunning: eventlist += [(node, "Control::peer_status_request", [], "Control::peer_status_response")] return events.send_events_parallel(eventlist) def execute_cmd(self, nodes, cmd): results = cmdresult.CmdResult() for node, success, out in self.executor.run_shell_cmds([(n, cmd) for n in nodes]): results.set_node_output(node, success, out) return results # Clean up the working directory for nodes (flushes state). # If cleantmp is true, also wipes ${tmpdir}; this is done # even when the node is still running. def cleanup(self, nodes, cleantmp=False): def addfailed(orig, res): for (n, status) in res: if not status: orig.add(n.name) return orig results = cmdresult.CmdResult() result = self._isrunning(nodes) running = [node for (node, on) in result if on] notrunning = [node for (node, on) in result if not on] for node in running: self.ui.info(" %s is still running, not cleaning work directory" % node) results1 = self.executor.rmdirs([(n, n.cwd()) for n in notrunning]) results2 = self.executor.mkdirs([(n, n.cwd()) for n in notrunning]) failed = set() failed = addfailed(failed, results1) failed = addfailed(failed, results2) for node in notrunning: node.clearCrashed() if cleantmp: results3 = self.executor.rmdirs([(n, self.config.tmpdir) for n in running + notrunning]) results4 = self.executor.mkdirs([(n, self.config.tmpdir) for n in running + notrunning]) failed = addfailed(failed, results3) failed = addfailed(failed, results4) for node in nodes: if node.name in failed: results.set_node_fail(node) else: results.set_node_success(node) return results # Report diagnostics for nodes (e.g., stderr output). def diag(self, nodes): results = cmdresult.CmdResult() crashdiag = os.path.join(self.config.scriptsdir, "crash-diag") cmds = [(node, crashdiag, [node.cwd()]) for node in nodes] for (node, success, output) in self.executor.run_cmds(cmds): if not success: errmsgs = ["error running crash-diag for %s" % node.name] errmsgs += output results.set_node_output(node, False, errmsgs) continue results.set_node_output(node, True, output) return results def capstats(self, nodes, interval): results = cmdresult.CmdResult() if self.config.capstatspath: for (node, netif, success, vals) in self.get_capstats_output(nodes, interval): if not success: vals = {"output": vals} results.set_node_data(node, success, vals) return results # Gather capstats from interfaces. # # Returns a list of tuples of the form (node, netif, success, vals) # where 'netif' is the network interface name used by capstats on # the 'node', and 'success' is a boolean indicating whether or not # we were able to get the data; in case there's no error, 'vals' maps # tags to their values (otherwise, 'vals' is an error message). # # Tags are those as returned by capstats on the command-line. # # If there is more than one node, then the results will also contain # one "pseudo-node" of the name "$total" with the sum of all individual # values. def get_capstats_output(self, nodes, interval): results = [] # Construct a list of (node, interface) tuples, one tuple for each # unique (host, interface) pair. nodenetifs = [] hosts = {} for node in nodes: if not node.interface: continue netif = self._capstats_interface(node) if hosts.setdefault((node.addr, netif), node) == node: nodenetifs.append((node, netif)) capstats = self.config.capstatspath cmds = [(node, capstats, ["-I", str(interval), "-n", "1", "-i", interface]) for (node, interface) in nodenetifs] outputs = self.executor.run_cmds(cmds) totals = {} for (node, success, output) in outputs: netif = self._capstats_interface(node) if not success: if output: results += [(node, netif, False, "%s: capstats failed (%s)" % (node.name, output[0]))] else: results += [(node, netif, False, "%s: cannot execute capstats" % node.name)] continue if not output: results += [(node, netif, False, "%s: no capstats output" % node.name)] continue fields = output[0].split()[1:] if not fields: results += [(node, netif, False, "%s: unexpected capstats output: %s" % (node.name, output[0]))] continue vals = {} try: for field in fields: (key, val) = field.split("=") val = float(val) vals[key] = val if key in totals: totals[key] += val else: totals[key] = val results += [(node, netif, True, vals)] except ValueError: results += [(node, netif, False, "%s: unexpected capstats output: %s" % (node.name, output[0]))] # Add pseudo-node for totals if len(nodes) > 1: results += [(node_mod.Node(self.config, "$total"), None, True, totals)] return results def _capstats_interface(self, node): netif = node.interface # If PF_RING+DNA with pfdnacluster_master is being used, then this hack # is needed to prevent capstats from trying to use the same interface # name as Bro. if netif.startswith("dnacl") and netif.count("@") == 1: netif = netif.split("@", 1)[0] return netif # Get current statistics from cFlow. # # Returns dict of the form port->(cum-pkts, cum-bytes). # # Returns None if we can't run the helper sucessfully. def getCFlowStatus(self): (success, output) = execute.run_localcmd(os.path.join(self.config.scriptsdir, "cflow-stats")) if not success or not output: self.ui.error("failed to run cflow-stats") return None vals = {} for line in output: try: (port, pps, bps, pkts, bytes) = line.split() vals[port] = (float(pkts), float(bytes)) except ValueError: # Probably an error message because we can't connect. self.ui.error("failed to get cFlow statistics: %s" % line) return None return vals # Calculates the differences between two getCFlowStatus() calls. # Returns a list of tuples in the same form as get_capstats_output() does. def calculateCFlowRate(self, start, stop, interval): diffs = [(port, stop[port][0] - start[port][0], (stop[port][1] - start[port][1])) for port in start.keys() if port in stop] rates = [] for (port, pkts, bytes) in diffs: vals = {"kpps": "%.1f" % (pkts / 1e3 / interval)} if start[port][1] >= 0: vals["mbps"] = "%.1f" % (bytes * 8 / 1e6 / interval) rates += [(port, None, vals)] return rates # Update the configuration of a running instance on the fly. def update(self, nodes): results = cmdresult.CmdResult() running = self._isrunning(nodes) zone = self.config.zoneid if not zone: zone = "NOZONE" cmds = [] for (node, isrunning) in running: if isrunning: env = _make_env_params(node) env += " BRO_DNS_FAKE=1" args = " ".join(_make_bro_params(node, False)) cmds += [(node.name, os.path.join(self.config.scriptsdir, "update") + " %s %s %s/tcp %s" % (util.format_bro_addr(node.addr), zone, node.getPort(), args), env, None)] self.ui.info("updating %s ..." % node.name) res = execute.run_localcmds(cmds) for (tag, success, output) in res: node = self.config.nodes(tag=tag)[0] if not success: self.ui.info("failed to update %s: %s" % (tag, output[0])) results.set_node_fail(node) else: self.ui.info("%s: %s" % (tag, output[0])) results.set_node_success(node) return results # Gets disk space on all volumes relevant to broctl installation. # Returns a list of the form: [ (host, diskinfo), ...] # where diskinfo is a list of the form DiskInfo named tuple objects (fs, # total, used, avail, percent) or ["FAIL", ] if an error # is encountered. def df(self, nodes): results = cmdresult.CmdResult() DiskInfo = namedtuple("DiskInfo", ("fs", "total", "used", "available", "percent")) dirs = ("logdir", "bindir", "helperdir", "cfgdir", "spooldir", "policydir", "libdir", "tmpdir", "staticdir", "scriptsdir") df = {} for node in nodes: df[node.name] = {} cmds = [] for node in nodes: for key in dirs: if key == "logdir" and node.type not in ("manager", "standalone"): # Don't need this on the workers/proxies. continue path = self.config.config[key] cmds += [(node, "df", [path])] res = self.executor.run_helper(cmds) for (node, success, output) in res: if success: if not output: df[node.name]["FAIL"] = "no output from df helper" continue fields = output[0].split() fs = fields[0] # Ignore NFS mounted volumes. if ":" in fs: continue total = float(fields[1]) used = float(fields[2]) avail = float(fields[3]) perc = used * 100.0 / (used + avail) df[node.name][fs] = DiskInfo(fs, total, used, avail, perc) else: if output: msg = output[0] else: msg = "unknown failure" df[node.name]["FAIL"] = msg for node in nodes: success = "FAIL" not in df[node.name] results.set_node_data(node, success, df[node.name]) return results # Returns a list of tuples of the form (node, error, vals) where 'error' is # an error message string, or None if there was no error. 'vals' is a list # of dicts which map tags to their values. Tags are "pid", "proc", "vsize", # "rss", "cpu", and "cmd". def get_top_output(self, nodes): results = [] cmds = [] running = self._isrunning(nodes) # Get all the PIDs first. pids = {} parents = {} for (node, isrunning) in running: if isrunning: pid = node.getPID() pids[node.name] = [pid] parents[node.name] = str(pid) cmds += [(node, "get-childs", [str(pid)])] else: results += [(node, "not running", [{}])] continue if not cmds: return results for (node, success, output) in self.executor.run_helper(cmds): if not success: results += [(node, "cannot get child pids", [{}])] continue pids[node.name] += [int(line) for line in output] cmds = [] hosts = {} # Now run top once per host. for node in nodes: # Do the loop again to keep the order. if node.name not in pids: continue if node.host in hosts: continue hosts[node.host] = 1 cmds += [(node, "top", [])] if not cmds: return results res = {} for (node, success, output) in self.executor.run_helper(cmds): res[node.host] = (success, output) # Gather results for all the nodes that are running for node in nodes: if node.name not in pids: continue success, output = res[node.host] if not success: results += [(node, "top failed: %s" % output[0], [{}])] continue if not output: results += [(node, "no output from top", [{}])] continue procs = [line.split() for line in output if int(line.split()[0]) in pids[node.name]] if not procs: # It's possible that the process is no longer there. results += [(node, "not running", [{}])] continue vals = [] try: for p in procs: d = {} d["pid"] = int(p[0]) d["proc"] = (p[0] == parents[node.name] and "parent" or "child") d["vsize"] = int(float(p[1])) #May be something like 2.17684e+9 d["rss"] = int(float(p[2])) d["cpu"] = p[3] d["cmd"] = " ".join(p[4:]) vals += [d] except ValueError as err: results += [(node, "unexpected top output: %s" % err, [{}])] continue results += [(node, None, vals)] return results # Produce a top-like output for node's processes. def top(self, nodes): results = cmdresult.CmdResult() for (node, error, vals) in self.get_top_output(nodes): top_info = {"name": node.name, "type": node.type, "host": node.host, "pid": None, "proc": None, "vsize": None, "rss": None, "cpu": None, "cmd": None, "error": None} if error: top_info["error"] = error results.set_node_data(node, False, {"procs": [top_info]}) continue proclist = [] for d in vals: top_info2 = top_info.copy() top_info2.update(d) proclist.append(top_info2) results.set_node_data(node, True, {"procs": proclist}) return results def print_id(self, nodes, id): running = self._isrunning(nodes) eventlist = [] for (node, isrunning) in running: if isrunning: eventlist += [(node, "Control::id_value_request", [id], "Control::id_value_response")] results = cmdresult.CmdResult() for (node, success, args) in events.send_events_parallel(eventlist): results.set_node_output(node, success, args) return results def _query_netstats(self, nodes): running = self._isrunning(nodes) eventlist = [] for (node, isrunning) in running: if isrunning: eventlist += [(node, "Control::net_stats_request", [], "Control::net_stats_response")] return events.send_events_parallel(eventlist) def peerstatus(self, nodes): results = cmdresult.CmdResult() for (node, success, args) in self._query_peerstatus(nodes): if success: out = args[0] else: out = args results.set_node_output(node, success, out) return results def netstats(self, nodes): results = cmdresult.CmdResult() for (node, success, args) in self._query_netstats(nodes): if success: out = args[0].strip() else: out = args results.set_node_output(node, success, out) return results def process(self, trace, bro_options, bro_scripts): results = cmdresult.CmdResult() if not os.path.isfile(trace): self.ui.error("trace file not found: %s" % trace) results.ok = False return results standalone = (self.config.standalone == "1") if standalone: tag = "standalone" else: tag = "workers" node = self.config.nodes(tag=tag)[0] cwd = os.path.join(self.config.tmpdir, "testing") if os.path.isdir(cwd): try: shutil.rmtree(cwd) except OSError as err: self.ui.error("cannot remove directory: %s" % err) results.ok = False return results try: os.makedirs(cwd) except OSError as err: self.ui.error("cannot create directory: %s" % err) results.ok = False return results env = _make_env_params(node) bro_args = " ".join(bro_options + _make_bro_params(node, False)) bro_args += " broctl/process-trace" if bro_scripts: bro_args += " " + " ".join(bro_scripts) cmd = os.path.join(self.config.scriptsdir, "run-bro-on-trace") + " %s %s %s %s" % (0, cwd, trace, bro_args) self.ui.info(cmd) (success, output) = execute.run_localcmd(cmd, env, donotcaptureoutput=True) if not success: results.ok = False for line in output: self.ui.info(line) self.ui.info("\n### Bro output in %s" % cwd) return results def install(self, local_only): results = cmdresult.CmdResult() try: self.config.record_bro_version() except config.ConfigurationError as err: self.ui.error("%s" % err) results.ok = False return results manager = self.config.manager() # Delete previously installed policy files to not mix things up. policies = [self.config.policydirsiteinstall, self.config.policydirsiteinstallauto] for dirpath in policies: if os.path.isdir(dirpath): self.ui.info("removing old policies in %s ..." % dirpath) try: shutil.rmtree(dirpath) except OSError as err: self.ui.error("failed to remove directory: %s" % err) results.ok = False return results self.ui.info("creating policy directories ...") for dirpath in policies: try: os.makedirs(dirpath) except OSError as err: self.ui.error("failed to create directory: %s" % err) results.ok = False return results # Install local site policy. if self.config.sitepolicypath: self.ui.info("installing site policies ...") dst = self.config.policydirsiteinstall for dir in self.config.sitepolicypath.split(":"): dirpath = self.config.subst(dir) for pathname in glob.glob(os.path.join(dirpath, "*")): if not execute.install(pathname, dst, self.ui): results.ok = False return results install.make_layout(self.config.policydirsiteinstallauto, self.ui) self.ui.info("generating local-networks.bro ...") if not install.make_local_networks(self.config.policydirsiteinstallauto, self.ui): results.ok = False return results self.ui.info("generating broctl-config.bro ...") install.make_broctl_config_policy(self.config.policydirsiteinstallauto, self.ui) current = self.config.subst(os.path.join(self.config.logdir, "current")) try: util.force_symlink(manager.cwd(), current) except (IOError, OSError) as err: results.ok = False self.ui.error("failed to update symlink '%s': %s" % (current, err)) return results self.ui.info("generating broctl-config.sh ...") if not install.make_broctl_config_sh(self.ui): results.ok = False return results if local_only: return results # Sync to clients. self.ui.info("updating nodes ...") # Make sure we install each remote host only once. nodes = self.config.hosts(nolocal=True) dirs = [] if self.config.havenfs != "1": # Non-NFS, need to explicitly synchronize. syncs = install.get_syncs() else: # NFS. We only need to take care of the spool/log directories. # We need this only on the manager. dirs.append((manager, self.config.logdir)) syncs = install.get_nfssyncs() createdirs = [self.config.subst(dir) for (dir, mirror) in syncs if not mirror] for n in nodes: for dir in createdirs: dirs.append((n, dir)) for (node, success) in self.executor.mkdirs(dirs): if not success: self.ui.error("cannot create (some of the) directories %s on node %s" % (",".join(createdirs), node.name)) results.ok = False return results paths = [self.config.subst(dir) for (dir, mirror) in syncs if mirror] if not execute.sync(nodes, paths, self.ui): results.ok = False return results # Save current node configuration state. self.config.update_nodecfg_hash() # Save current configuration state. self.config.update_broctlcfg_hash() return results # Triggers all activity which is to be done regularly via cron. def cron(self, watch): if not self.config.has_attr("cronenabled"): self.config.set_state("cronenabled", True) if not self.config.cronenabled: return # Check if "broctl install" has been run. if not os.path.exists(os.path.join(self.config.scriptsdir, "broctl-config.sh")): # Don't output anything here, otherwise the cron job may generate # emails before the user has a chance to do "broctl install". return # Flag to indicate that we're running from cron. self.config.config["cron"] = "1" cronui = cron.CronUI() tasks = cron.CronTasks(cronui, self.config, self, self.executor, self.pluginregistry) cronui.buffer_output() if watch: # Check if node state matches expected state, and start/stop if # necessary. startlist = [] stoplist = [] for (node, isrunning) in self._isrunning(self.config.nodes()): expectrunning = node.getExpectRunning() if not isrunning and expectrunning: startlist.append(node) elif isrunning and not expectrunning: stoplist.append(node) if startlist: results = self.start(startlist) if stoplist: results = self.stop(stoplist) # Check for dead hosts. tasks.check_hosts() # Generate statistics. tasks.log_stats(5) # Check available disk space. tasks.check_disk_space() # Expire old log files. tasks.expire_logs() # Update the HTTP stats directory. tasks.update_http_stats() # Run external command if we have one. tasks.run_cron_cmd() # Mail potential output. output = cronui.get_buffered_output() if output: success, out = self._sendmail("cron: " + output.splitlines()[0], output) if not success: self.ui.error("broctl cron failed to send mail: %s" % out[0]) self.ui.info("\nOutput of broctl cron:\n%s" % output) self.config.config["cron"] = "0" logging.debug("cron done") broctl-1.4-minimal/BroControl/install.py0000664002342100234210000002122712535575000020216 0ustar johannajohanna# Functions to install files on all nodes. import os from BroControl import util from BroControl import config # In all paths given in this file, ${