Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 22:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge branch 'master' of https://github.com/rdenniston/zeek

Browse source 
* 'master' of https://github.com/rdenniston/zeek:
  Add linux netfilter NFLOG capture functionality initial commit

I made modifications:

  - Formatting / code style

  - More error handling and validity checks

  - The Type and Length value of TLVs is technically host order

  - Changed / fixed the Length value padding check: it's generally
    32-bit alignment, not just aligning any TLV less than 8 bytes.
This commit is contained in:
Jon Siwek 2019-03-19 19:12:47 -07:00
commit a262ed8d9c
9 changed files with 132 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/iosource/BPF_Program.cc
View file

@ -104,6 +104,17 @@ bool BPF_Program::Compile(int snaplen, int linktype, const char* filter,
{
FreeCode();
if ( linktype == DLT_NFLOG )
{
// No-op, NFLOG does not support BPF filters.
// Raising a warning might be good, but it would also be noisy
// since the default scripts will always attempt to compile
// and install a default filter
m_compiled = true;
m_matches_anything = true;
return true;
}
#ifdef LIBPCAP_PCAP_COMPILE_NOPCAP_HAS_ERROR_PARAMETER
char my_error[PCAP_ERRBUF_SIZE];