1. 10 Aug, 2006 1 commit
  2. 09 Aug, 2006 15 commits
  3. 08 Aug, 2006 8 commits
  4. 07 Aug, 2006 3 commits
  5. 04 Aug, 2006 2 commits
    • Kirk Webb's avatar
      · 19616c33
      Kirk Webb authored
      bah, fix to the fix.
    • Kirk Webb's avatar
      · 4b477246
      Kirk Webb authored
      A few little things:
      
      * Minor bugfix to node_type_attributes mod.
      * When we don't recognize the gateway, set type to "*Unknown*".  Should
        have always been doing this.
      * Add NLR gateway - new nodes detected here will be set to pcplabinet2,
        but this could easily be changed.
  6. 03 Aug, 2006 10 commits
    • Russ Fish's avatar
      Typo, and add a link. · af9285c6
      Russ Fish authored
    • Russ Fish's avatar
      Tweaks. · 1fbf0f40
      Russ Fish authored
    • Russ Fish's avatar
      Continuing evolution. · b94fa7d5
      Russ Fish authored
    • Russ Fish's avatar
      Document new Windows images. · 43e17f90
      Russ Fish authored
    • Kirk Webb's avatar
      · 38c27731
      Kirk Webb authored
      Switch to using GNU tar ('gtar').  This must have been the default tar for
      FBSD 4.X since options are missing from the tar in FBSD 6.X
    • Dan Gebhardt's avatar
      initial checkin · 8cf4bd58
      Dan Gebhardt authored
    • Dan Gebhardt's avatar
      initial checkin. · 3edf8fe1
      Dan Gebhardt authored
    • Russ Fish's avatar
      fb3d6f46
    • Leigh Stoller's avatar
      Support for capturing the trace data that is stored in the pcap files · 4ce9c421
      Leigh Stoller authored
      into per-experiment databases on ops. Additional support for reconstituting
      those databases back into temporary databases on ops, for post processing.
      
      * This revision relies on the "snort" port (/usr/ports/security/snort)
        to read the pcap files and load them into a database. The schema is
        probably not ideal, but it's better than nothing. See the file
        ops:/usr/local/share/examples/snort/create_mysql for the schema.
      
      * For simplicity, I have hooked into loghole, which already had all
        the code for downloading the trace data. I added some new methods to
        the XMLRPC server for loghole to use, to get the user's DB password
        and the name of the per-experiment database. There is a new slot in
        the traces table that indicates that the trace should be snorted to
        its DB. In case you forgot, at the end of a run or when the instance
        is swapped out, loghole is run to download the trace data.
      
      * For reconstituting, there are lots of additions to opsdb_control and
        opsdb_control.proxy to create "temporary" databases and load them
        from a dump file that is stored in the archive. I've added a button
        to the Template Record page, inappropriately called "Analyze" since
        right now all it does is reconstitute the trace data into a DB on
        ops.
      
        Currently, the only indication of what has been done (the name of
        the DBs created on ops) is the log email that the user gets. A
        future project is to tell the user this info in the web interface.
      
      * To turn on database capturing of trace data, do this in your NS
        file:
      
      	set link0 ...
      	$link0 trace
      	$link0 trace_snaplen 128
      	$link0 trace_db 1
      
         The increase in snaplen is optional, but a good idea if you want
         snort to understand more than just IP headers.
      
      * Also some changes to the parser to allow plain experiments to take
        advantage of all this stuff. To simply get yourself a per-experiment
        DB, put this in your NS file:
      
      	tb-set-dpdb 1
      
        however, anytime you turn trace_db on for a link or lan, you
        automatically get a per-experiment DB.
      
      * To capture the trace data to the DB, you can run loghole by hand:
      
      	loghole sync -s
      
        the -s option turns on the "post-process" phase of loghole.
  7. 02 Aug, 2006 1 commit