From 69ab13c88ff8598e29692d7fc166a56f7a807f05 Mon Sep 17 00:00:00 2001
From: Seth Hall <seth@icir.org>
Date: Sat, 21 Apr 2012 15:10:30 -0400
Subject: [PATCH] Added some scripts for a tunnels framework.

- The AYIYA analyzer is now enabled on it's default port.
---
 scripts/base/frameworks/tunnels/__load__.bro | 1 +
 scripts/base/frameworks/tunnels/main.bro     | 8 ++++++++
 scripts/base/init-default.bro                | 1 +
 3 files changed, 10 insertions(+)
 create mode 100644 scripts/base/frameworks/tunnels/__load__.bro
 create mode 100644 scripts/base/frameworks/tunnels/main.bro

diff --git a/scripts/base/frameworks/tunnels/__load__.bro b/scripts/base/frameworks/tunnels/__load__.bro
new file mode 100644
index 0000000000..d551be57d3
--- /dev/null
+++ b/scripts/base/frameworks/tunnels/__load__.bro
@@ -0,0 +1 @@
+@load ./main
\ No newline at end of file
diff --git a/scripts/base/frameworks/tunnels/main.bro b/scripts/base/frameworks/tunnels/main.bro
new file mode 100644
index 0000000000..901bee9a75
--- /dev/null
+++ b/scripts/base/frameworks/tunnels/main.bro
@@ -0,0 +1,8 @@
+module Tunnels;
+
+export {
+
+}
+
+const ports = { 5072/udp } &redef;
+redef dpd_config += { [ANALYZER_AYIYA] = [$ports = ports] };
diff --git a/scripts/base/init-default.bro b/scripts/base/init-default.bro
index 1cf125c3ab..ecaa19132c 100644
--- a/scripts/base/init-default.bro
+++ b/scripts/base/init-default.bro
@@ -29,6 +29,7 @@
 @load base/frameworks/metrics
 @load base/frameworks/intel
 @load base/frameworks/reporter
+@load base/frameworks/tunnels
 
 @load base/protocols/conn
 @load base/protocols/dns