Add basic LLC, SNAP, and Novell 802.3 packet analyzers

scripts/base/packet-protocols/__load__.zeek

@@ -20,6 +20,9 @@
 @load base/packet-protocols/udp
 @load base/packet-protocols/tcp
 @load base/packet-protocols/icmp
+@load base/packet-protocols/llc
+@load base/packet-protocols/novell_802_3
+@load base/packet-protocols/snap
 
 @load base/packet-protocols/gre
 @load base/packet-protocols/iptunnel

scripts/base/packet-protocols/llc/__load__.zeek

@@ -0,0 +1 @@
+@load ./main

scripts/base/packet-protocols/llc/main.zeek

@@ -0,0 +1 @@
+module PacketAnalyzer::LLC;

scripts/base/packet-protocols/novell_802_3/__load__.zeek

@@ -0,0 +1 @@
+@load ./main

scripts/base/packet-protocols/novell_802_3/main.zeek

@@ -0,0 +1,6 @@
+module PacketAnalyzer::NOVELL_802_3;
+
+export {
+	# The Novell 802.3 protocol should expect an IPX analyzer here. Since
+	# one doesn't exist yet, the default analyzer is left undefined.
+}

scripts/base/packet-protocols/snap/__load__.zeek

@@ -0,0 +1 @@
+@load ./main

scripts/base/packet-protocols/snap/main.zeek

@@ -0,0 +1,9 @@
+module PacketAnalyzer::SNAP;
+
+event zeek_init() &priority=20
+	{
+	PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_SNAP, 0x0800, PacketAnalyzer::ANALYZER_IP);
+	PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_SNAP, 0x86DD, PacketAnalyzer::ANALYZER_IP);
+	PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_SNAP, 0x0806, PacketAnalyzer::ANALYZER_ARP);
+	PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_SNAP, 0x8035, PacketAnalyzer::ANALYZER_ARP);
+	}