Finishing tunnel decapsulation support in C++ core.

Policy script is next.

policy/bro.init

@@ -86,7 +86,7 @@ export {
 	type parent_t: record {
 		cid: conn_id;
 		tunnel_type: tunneltype_t;
-	};
+	} &log;
 } # end export
 module GLOBAL;
 

src/Sessions.cc

@@ -135,7 +135,6 @@ NetSessions::NetSessions()
 		tunnel_handler = new TunnelHandler(this);
 	else
 		tunnel_handler = 0;
-	printf("tunnel_handler: %p\n", tunnel_handler);
 	}
 
 NetSessions::~NetSessions()

src/TunnelHandler.cc

@@ -18,10 +18,22 @@
 TunnelHandler::TunnelHandler(NetSessions *arg_s) 
 	{
 	s = arg_s;
+	PortVal *pv = 0;
+	TableVal *udp_tunnel_ports = BifConst::Tunnel::udp_tunnel_ports->AsTableVal();
+	// Find UDP ports we want to analyze. Store them in an array for faster
+	// lookup. 
 	for (int i=0; i< 65536; i++)
-		udp_ports[i] = 0;
+		{
-	udp_ports[3544] = 1;
+		Unref(pv);
-	udp_ports[5072] = 1;
+		pv = new PortVal(i, TRANSPORT_UDP);
+		if (udp_tunnel_ports->Lookup(pv, false)) 
+			{
+			udp_ports[i] = 1;
+			}
+		else 
+			udp_ports[i] = 0;
+		}
+	Unref(pv);
 	}
 
 TunnelInfo* TunnelHandler::DecapsulateTunnel(const IP_Hdr *ip_hdr, int len, int caplen,