Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-13 20:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge remote-tracking branch 'origin/topic/jsiwek/gh-700-packet-sources-bif'

Browse source 
* origin/topic/jsiwek/gh-700-packet-sources-bif:
  GH-700: add packet_sources() BIF
This commit is contained in:
Tim Wojtulewicz 2019-12-05 11:57:12 -07:00
commit 5c85b083b6
6 changed files with 56 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

16
scripts/base/init-bare.zeek
View file

@ -120,6 +120,22 @@ type mime_match: record {
## :zeek:see:`file_magic`
type mime_matches: vector of mime_match;
## Properties of an I/O packet source being read by Zeek.
type PacketSource: record {
## Whether the packet source is a live interface or offline pcap file.
live: bool;
## The interface name for a live interface or filesystem path of
## an offline pcap file.
path: string;
## The data link-layer type of the packet source.
link_type: int;
## The netmask assoicated with the source or ``NETMASK_UNKNOWN``.
netmask: count;
};
## A list of packet sources being read by Zeek.
type PacketSourceList: vector of PacketSource;
## A connection's transport-layer protocol. Note that Zeek uses the term
## "connection" broadly, using flow semantics for ICMP and UDP.
type transport_proto: enum {