Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 02:28:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Added skeletons for TCP/UDP/ICMP packet analysis plugins.

Browse source 
This includes integration into the IP plugin and calling of the sessions code from each plugin.
This commit is contained in:
Tim Wojtulewicz 2021-02-24 15:04:48 -07:00
parent 82fb5722a1
commit 0c3e3069d0
25 changed files with 314 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/packet_analysis/protocol/ip/IP.cc
View file

@ -235,14 +235,6 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
packet->proto = proto;
switch ( proto ) {
case IPPROTO_TCP:
case IPPROTO_UDP:
case IPPROTO_ICMP:
case IPPROTO_ICMPV6:
DBG_LOG(DBG_PACKET_ANALYSIS, "Analysis in %s succeeded, next layer identifier is %#x.",
GetAnalyzerName(), proto);
session_mgr->ProcessTransportLayer(run_state::processing_start_time, packet, len);
break;
case IPPROTO_NONE:
// If the packet is encapsulated in Teredo, then it was a bubble and
// the Teredo analyzer may have raised an event for that, else we're