Add "encap_hdr_size" option back in.

The "tunnel_port" and "parse_udp_tunnels" options are still gone
as those did not work entirely (e.g. IPv6 support and misnaming
of tunnel_port/udp_tunnel_port).

scripts/base/init-bare.bro

@@ -915,6 +915,10 @@ const frag_timeout = 0.0 sec &redef;
 ##    to be potentially copied and buffered.
 const packet_sort_window = 0 usecs &redef;
 
+## If positive, indicates the encapsulation header size that should
+## be skipped. This applies to all packets.
+const encap_hdr_size = 0 &redef;
+
 ## Whether to use the ``ConnSize`` analyzer to count the number of packets and
 ## IP-level bytes transfered by each endpoint. If true, these values are returned
 ## in the connection's :bro:see:`endpoint`  record value.

src/NetVar.cc

@@ -30,6 +30,8 @@ int partial_connection_ok;
 int tcp_SYN_ack_ok;
 int tcp_match_undelivered;
 
+int encap_hdr_size;
+
 double frag_timeout;
 
 double tcp_SYN_timeout;
@@ -323,6 +325,8 @@ void init_net_var()
 	tcp_SYN_ack_ok = opt_internal_int("tcp_SYN_ack_ok");
 	tcp_match_undelivered = opt_internal_int("tcp_match_undelivered");
 
+	encap_hdr_size = opt_internal_int("encap_hdr_size");
+
 	frag_timeout = opt_internal_double("frag_timeout");
 
 	tcp_SYN_timeout = opt_internal_double("tcp_SYN_timeout");

src/NetVar.h

@@ -33,6 +33,8 @@ extern int partial_connection_ok;
 extern int tcp_SYN_ack_ok;
 extern int tcp_match_undelivered;
 
+extern int encap_hdr_size;
+
 extern double frag_timeout;
 
 extern double tcp_SYN_timeout;

src/Sessions.cc

@@ -158,6 +158,10 @@ void NetSessions::DispatchPacket(double t, const struct pcap_pkthdr* hdr,
 			ip_data = pkt + hdr_size + (ip_hdr->ip_hl << 2);
 		}
 
+	if ( encap_hdr_size > 0 && ip_data )
+		// Blanket encapsulation
+		hdr_size += encap_hdr_size;
+
 	if ( src_ps->FilterType() == TYPE_FILTER_NORMAL )
 		NextPacket(t, hdr, pkt, hdr_size, pkt_elem);
 	else