mirror of
https://github.com/zeek/zeek.git
synced 2025-10-08 17:48:21 +00:00
Unified2 file analyzer updated to new plugin style.
This commit is contained in:
Seth Hall
parent
a6eb7bb9df
commit
04de4ce24b
15 changed files with 169 additions and 28 deletions
40
src/file_analysis/analyzer/unified2/Unified2.h
Normal file
40
src/file_analysis/analyzer/unified2/Unified2.h
Normal file
|
|
@ -0,0 +1,40 @@
|
|||
// See the file "COPYING" in the main distribution directory for copyright.
|
||||
|
||||
#ifndef FILE_ANALYSIS_UNIFIED2_H
|
||||
#define FILE_ANALYSIS_UNIFIED2_H
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "Val.h"
|
||||
#include "File.h"
|
||||
#include "Analyzer.h"
|
||||
#include "unified2_pac.h"
|
||||
|
||||
namespace file_analysis {
|
||||
|
||||
/**
|
||||
* An analyzer to extract content of files to local disk.
|
||||
*/
|
||||
class Unified2 : public file_analysis::Analyzer {
|
||||
public:
|
||||
|
||||
virtual ~Unified2();
|
||||
|
||||
virtual bool DeliverStream(const u_char* data, uint64 len);
|
||||
|
||||
static file_analysis::Analyzer* Instantiate(RecordVal* args, File* file);
|
||||
|
||||
protected:
|
||||
|
||||
Unified2(RecordVal* args, File* file);
|
||||
|
||||
private:
|
||||
binpac::Unified2::Unified2_Analyzer* interp;
|
||||
|
||||
string filename;
|
||||
int fd;
|
||||
};
|
||||
|
||||
} // namespace file_analysis
|
||||
|
||||
#endif
|
||||
Loading…
Add table
Add a link
Reference in a new issue