[Bro-Dev] [JIRA] (BIT-1377) Please merge topic/johanna/conn-threshold
Johanna Amann (JIRA)
jira at bro-tracker.atlassian.net
Fri Apr 17 10:05:00 PDT 2015
Johanna Amann created BIT-1377:
----------------------------------
Summary: Please merge topic/johanna/conn-threshold
Key: BIT-1377
URL: https://bro-tracker.atlassian.net/browse/BIT-1377
Project: Bro Issue Tracker
Issue Type: Improvement
Components: Bro
Affects Versions: git/master
Reporter: Johanna Amann
Fix For: 2.4
Please merge topic/johanna/conn-threshold. This branch adds a high-level and a low-level API for connection thresholding (packets or bytes).
The functions that are exposed to users are:
{code}
ConnThreshold::set_bytes_threshold(c, [bytes], [direction]);
ConnThreshold::set_packets_threshold(c, [packets], [direction]);
{code}
as well as ConnThreshold::delete_bytes_threshold and ConnThreshold::delete_packets_threshold to delete thresholds. Several thresholds can be added for a single connection; all of them will be raised.
The following two events trigger with the thresholds:
{code}
event ConnThreshold::bytes_threshold_crossed(c: connection, threshold: count, is_orig: bool)
event ConnThreshold::packets_threshold_crossed(c: connection, threshold: count, is_orig: bool)
{code}
--
This message was sent by Atlassian JIRA
(v6.4-OD-16-006#64014)
More information about the bro-dev
mailing list