Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-06 08:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

packet_analysis: Introduce PacketAnalyzer::__disable_analyzer()

Browse source 
This adds machinery to the packet_analysis manager for disabling
and enabling packet analyzers and implements two low-level bifs
to use it.

Extend Analyzer::enable_analyzer() and Analyzer::disable_analyzer()
to transparently work with packet analyzers, too. This also allows
to add packet analyzers to Analyzer::disabled_analyzers.
This commit is contained in:
Arne Welzel 2022-09-29 14:36:18 +02:00
parent 0d5c669c1c
commit af5a0215c0
12 changed files with 206 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/packet_analysis/packet_analysis.bif
View file

@ -77,3 +77,17 @@ function register_protocol_detection%(parent: PacketAnalyzer::Tag, child: Packet
parent_analyzer->RegisterProtocolDetection(child_analyzer);
return zeek::val_mgr->True();
%}
## Internal function to disable a packet analyzer.
function PacketAnalyzer::__disable_analyzer%(id: PacketAnalyzer::Tag%) : bool
%{
bool result = zeek::packet_mgr->DisableAnalyzer(id->AsEnumVal());
return zeek::val_mgr->Bool(result);
%}
## Internal function to enable a packet analyzer.
function PacketAnalyzer::__enable_analyzer%(id: PacketAnalyzer::Tag%) : bool
%{
bool result = zeek::packet_mgr->EnableAnalyzer(id->AsEnumVal());
return zeek::val_mgr->Bool(result);
%}