Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Initial commit of file reassembly.

Browse source
This commit is contained in:
Seth Hall 2013-12-20 00:05:08 -05:00
parent ae9e0d4cb6
commit 0b78f444a1
11 changed files with 189 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/file_analysis/File.h
View file

@ -8,6 +8,7 @@
#include <utility>
#include <vector>
#include "FileReassembler.h"
#include "Conn.h"
#include "Val.h"
#include "Tag.h"
@ -16,6 +17,8 @@
namespace file_analysis {
class FileReassembler;
/**
* Wrapper class around \c fa_file record values from script layer.
*/
@ -248,6 +251,8 @@ protected:
private:
string id; /**< A pretty hash that likely identifies file */
RecordVal* val; /**< \c fa_file from script layer. */
uint64 forwarded_offset; /**< The offset of the file which has been forwarded. */
FileReassembler *file_reassembler; /**< A reassembler for the file if it's needed. */
bool postpone_timeout; /**< Whether postponing timeout is requested. */
bool first_chunk; /**< Track first non-linear chunk. */
bool missed_bof; /**< Flags that we missed start of file. */