Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add GTPv1 packet analyzer, disable old analyzer

Browse source
This commit is contained in:
Tim Wojtulewicz 2021-11-03 12:17:22 -07:00
parent dc0ecf9811
commit 2044fbe53b
28 changed files with 1661 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

5
scripts/base/frameworks/tunnels/main.zeek
View file

@ -90,14 +90,9 @@ export {
global finalize_tunnel: Conn::RemovalHook;
}
const gtpv1_ports = { 2152/udp, 2123/udp };
redef likely_server_ports += { gtpv1_ports };
event zeek_init() &priority=5
{
Log::create_stream(Tunnel::LOG, [$columns=Info, $path="tunnel", $policy=log_policy]);
Analyzer::register_for_ports(Analyzer::ANALYZER_GTPV1, gtpv1_ports);
}
function register_all(ecv: EncapsulatingConnVector)