[Bro-Dev] #816: Reworked PacketFilter framework
Bro Tracker
bro at tracker.bro-ids.org
Wed May 2 20:32:17 PDT 2012
#816: Reworked PacketFilter framework
---------------------------+------------------------
Reporter: seth | Owner:
Type: Merge Request | Status: new
Priority: Normal | Milestone: Bro2.1
Component: Bro | Version: git/master
Keywords: |
---------------------------+------------------------
This is in the topic/seth/scripts-for-2.1 branch, apologies for the poor
naming. One test is failing for me (coverage.test-all-policy) but I'm not
sure what to do to fix it.
This branch reworks the packet filter framework to make it easier to
accomplish common actions.
- Removes the PacketFilter::all_packets variable and instead makes "ip or
not ip" the default capture filter.
- Adds some convenience methods for restricting the traffic that is
monitored and shunting traffic away with BPF.
- Adds the beginning of load balancing support that is necessary to tie in
with some load balancing methods through broctl.
- Change the queue manager to flush the event queue before initializing
analyzers through DPD.
- New protocols framework that adds some convenience support for defining
the analyzer->DPD linkage.
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/816>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list