zeek-dev March 2016

zeek-dev@lists.zeek.org

198 discussions

[Bro-Dev] [JIRA] (BIT-1561) Pull Request to fix resource leaking in BroControl Python API

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1561?page=com.atlassian.jira.p… ] Daniel Thayer updated BIT-1561: ------------------------------- Resolution: Merged (was: Fixed) Status: Closed (was: Merge Request) > Pull Request to fix resource leaking in BroControl Python API > ------------------------------------------------------------- > > Key: BIT-1561 > URL: https://bro-tracker.atlassian.net/browse/BIT-1561 > Project: Bro Issue Tracker > Issue Type: Patch > Components: BroControl > Reporter: Aaron Eppert > Labels: broctl > > connDelete() is never called in broctl, which is generally not an issue if it is being used via the command line. However, given the Python interface for calling into broctl, if a service is written around broctl and any parallel events are sent (peerstatus, netstats, etc.) then a TCP connection will be maintained given a connDelete() is not called. After a fairly certain interval, resources become an issue and things fail. > https://github.com/bro/broctl/pull/4 -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1561) Pull Request to fix resource leaking in BroControl Python API

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1561?page=com.atlassian.jira.p… ] Daniel Thayer commented on BIT-1561: ------------------------------------ Each time a broctl command is run that uses broccoli, a new TCP connection is established. The connection is not closed until one either exits from broctl, or stops the Bro nodes. Ideally, it would reuse the TCP connection, but at least your fix is better than the current situation. > Pull Request to fix resource leaking in BroControl Python API > ------------------------------------------------------------- > > Key: BIT-1561 > URL: https://bro-tracker.atlassian.net/browse/BIT-1561 > Project: Bro Issue Tracker > Issue Type: Patch > Components: BroControl > Reporter: Aaron Eppert > Labels: broctl > > connDelete() is never called in broctl, which is generally not an issue if it is being used via the command line. However, given the Python interface for calling into broctl, if a service is written around broctl and any parallel events are sent (peerstatus, netstats, etc.) then a TCP connection will be maintained given a connDelete() is not called. After a fairly certain interval, resources become an issue and things fail. > https://github.com/bro/broctl/pull/4 -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1561) Pull Request to fix resource leaking in BroControl Python API

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1561?page=com.atlassian.jira.p… ] Daniel Thayer updated BIT-1561: ------------------------------- Description: connDelete() is never called in broctl, which is generally not an issue if it is being used via the command line. However, given the Python interface for calling into broctl, if a service is written around broctl and any parallel events are sent (peerstatus, netstats, etc.) then a TCP connection will be maintained given a connDelete() is not called. After a fairly certain interval, resources become an issue and things fail. https://github.com/bro/broctl/pull/4 was:https://github.com/bro/broctl/pull/4 > Pull Request to fix resource leaking in BroControl Python API > ------------------------------------------------------------- > > Key: BIT-1561 > URL: https://bro-tracker.atlassian.net/browse/BIT-1561 > Project: Bro Issue Tracker > Issue Type: Patch > Components: BroControl > Reporter: Aaron Eppert > Labels: broctl > > connDelete() is never called in broctl, which is generally not an issue if it is being used via the command line. However, given the Python interface for calling into broctl, if a service is written around broctl and any parallel events are sent (peerstatus, netstats, etc.) then a TCP connection will be maintained given a connDelete() is not called. After a fairly certain interval, resources become an issue and things fail. > https://github.com/bro/broctl/pull/4 -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1549) broctl top command doesn't work on OS X 10.10 or newer

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1549?page=com.atlassian.jira.p… ] Daniel Thayer updated BIT-1549: ------------------------------- Status: Merge Request (was: Open) > broctl top command doesn't work on OS X 10.10 or newer > ------------------------------------------------------ > > Key: BIT-1549 > URL: https://bro-tracker.atlassian.net/browse/BIT-1549 > Project: Bro Issue Tracker > Issue Type: Task > Components: BroControl > Reporter: Daniel Thayer > Fix For: 2.5 > > > On OS X Mavericks, the broctl top command was working, but on Yosemite > (and El Capitan), it no longer works. The reason is that the > "-stats vprvt" option of the top command always prints "N/A". -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1549) broctl top command doesn't work on OS X 10.10 or newer

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1549?page=com.atlassian.jira.p… ] Daniel Thayer reassigned BIT-1549: ---------------------------------- Assignee: Justin Azoff > broctl top command doesn't work on OS X 10.10 or newer > ------------------------------------------------------ > > Key: BIT-1549 > URL: https://bro-tracker.atlassian.net/browse/BIT-1549 > Project: Bro Issue Tracker > Issue Type: Task > Components: BroControl > Reporter: Daniel Thayer > Assignee: Justin Azoff > Fix For: 2.5 > > > On OS X Mavericks, the broctl top command was working, but on Yosemite > (and El Capitan), it no longer works. The reason is that the > "-stats vprvt" option of the top command always prints "N/A". -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1549) broctl top command doesn't work on OS X 10.10 or newer

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1549?page=com.atlassian.jira.p… ] Daniel Thayer commented on BIT-1549: ------------------------------------ Branch "topic/dnthayer/ticket1549" in the broctl repo contains the fix for this issue. > broctl top command doesn't work on OS X 10.10 or newer > ------------------------------------------------------ > > Key: BIT-1549 > URL: https://bro-tracker.atlassian.net/browse/BIT-1549 > Project: Bro Issue Tracker > Issue Type: Task > Components: BroControl > Reporter: Daniel Thayer > Fix For: 2.5 > > > On OS X Mavericks, the broctl top command was working, but on Yosemite > (and El Capitan), it no longer works. The reason is that the > "-stats vprvt" option of the top command always prints "N/A". -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1498) Suppress ssh login banner from broctl output

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1498?page=com.atlassian.jira.p… ] Daniel Thayer updated BIT-1498: ------------------------------- Resolution: Merged (was: Fixed) Status: Closed (was: Merge Request) > Suppress ssh login banner from broctl output > -------------------------------------------- > > Key: BIT-1498 > URL: https://bro-tracker.atlassian.net/browse/BIT-1498 > Project: Bro Issue Tracker > Issue Type: Patch > Components: BroControl > Affects Versions: 2.4 > Reporter: scampbell > Assignee: Daniel Thayer > Priority: Trivial > Labels: broctl > Fix For: 2.5 > > > When using broctl in an environment with login banners, they will be displayed in the broctl command. In the event that they can not be configured away on the sshd end using '-q' avoids displaying the banner on the client side. > The patch is trivial: > --- a/BroControl/ssh_runner.py > +++ b/BroControl/ssh_runner.py > @@ -108,6 +108,7 @@ class SSHMaster: > self.base_cmd = [ > "ssh", > "-o", "BatchMode=yes", > + "-q", > host, > ] > self.need_connect = True -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1498) Suppress ssh login banner from broctl output

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1498?page=com.atlassian.jira.p… ] Daniel Thayer updated BIT-1498: ------------------------------- Summary: Suppress ssh login banner from broctl output (was: add '-q' to ssh execution in ssh_runner.py) > Suppress ssh login banner from broctl output > -------------------------------------------- > > Key: BIT-1498 > URL: https://bro-tracker.atlassian.net/browse/BIT-1498 > Project: Bro Issue Tracker > Issue Type: Patch > Components: BroControl > Affects Versions: 2.4 > Reporter: scampbell > Assignee: Daniel Thayer > Priority: Trivial > Labels: broctl > Fix For: 2.5 > > > When using broctl in an environment with login banners, they will be displayed in the broctl command. In the event that they can not be configured away on the sshd end using '-q' avoids displaying the banner on the client side. > The patch is trivial: > --- a/BroControl/ssh_runner.py > +++ b/BroControl/ssh_runner.py > @@ -108,6 +108,7 @@ class SSHMaster: > self.base_cmd = [ > "ssh", > "-o", "BatchMode=yes", > + "-q", > host, > ] > self.need_connect = True -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1549) broctl top command doesn't work on OS X 10.10 or newer

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1549?page=com.atlassian.jira.p… ] Daniel Thayer commented on BIT-1549: ------------------------------------ As a quick fix, I will just change "vprvt" to "mem". This means that both memory columns in the top command output will contain the same data. > broctl top command doesn't work on OS X 10.10 or newer > ------------------------------------------------------ > > Key: BIT-1549 > URL: https://bro-tracker.atlassian.net/browse/BIT-1549 > Project: Bro Issue Tracker > Issue Type: Task > Components: BroControl > Reporter: Daniel Thayer > Fix For: 2.5 > > > On OS X Mavericks, the broctl top command was working, but on Yosemite > (and El Capitan), it no longer works. The reason is that the > "-stats vprvt" option of the top command always prints "N/A". -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

[Bro-Dev] [JIRA] (BIT-1498) add '-q' to ssh execution in ssh_runner.py

by Daniel Thayer (JIRA)

[ https://bro-tracker.atlassian.net/browse/BIT-1498?page=com.atlassian.jira.p… ] Daniel Thayer reassigned BIT-1498: ---------------------------------- Assignee: Daniel Thayer > add '-q' to ssh execution in ssh_runner.py > ------------------------------------------ > > Key: BIT-1498 > URL: https://bro-tracker.atlassian.net/browse/BIT-1498 > Project: Bro Issue Tracker > Issue Type: Patch > Components: BroControl > Affects Versions: 2.4 > Reporter: scampbell > Assignee: Daniel Thayer > Priority: Trivial > Labels: broctl > Fix For: 2.5 > > > When using broctl in an environment with login banners, they will be displayed in the broctl command. In the event that they can not be configured away on the sshd end using '-q' avoids displaying the banner on the client side. > The patch is trivial: > --- a/BroControl/ssh_runner.py > +++ b/BroControl/ssh_runner.py > @@ -108,6 +108,7 @@ class SSHMaster: > self.base_cmd = [ > "ssh", > "-o", "BatchMode=yes", > + "-q", > host, > ] > self.need_connect = True -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-022#72002)

5 years, 9 months

Jump to page:

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

zeek-dev March 2016