Johanna Amann created BIT-1377:
----------------------------------
Summary: Please merge topic/johanna/conn-threshold
Key: BIT-1377
URL: https://bro-tracker.atlassian.net/browse/BIT-1377
Project: Bro Issue Tracker
Issue Type: Improvement
Components: Bro
Affects Versions: git/master
Reporter: Johanna Amann
Fix For: 2.4
Please merge topic/johanna/conn-threshold. This branch adds a high-level and a
low-level API for connection thresholding (packets or bytes).
The functions that are exposed to users are:
{code}
ConnThreshold::set_bytes_threshold(c, [bytes], [direction]);
ConnThreshold::set_packets_threshold(c, [packets], [direction]);
{code}
as well as ConnThreshold::delete_bytes_threshold and
ConnThreshold::delete_packets_threshold to delete thresholds. Several
thresholds can be added for a single connection; all of them will be raised.
The following two events trigger with the thresholds:
{code}
event ConnThreshold::bytes_threshold_crossed(c: connection, threshold: count,
is_orig: bool)
event ConnThreshold::packets_threshold_crossed(c: connection, threshold: count,
is_orig: bool)
{code}
--
This message was sent by Atlassian JIRA
(v6.4-OD-16-006#64014)
_______________________________________________
bro-dev mailing list
[email protected]
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
