mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
GH-1215: Remove dispatch_map from packet analysis, replace with BIF methods for registering dispatches
This commit is contained in:
Tim Wojtulewicz
Tim Wojtulewicz
parent
43821a8957
commit
cd06bf34c7
34 changed files with 3770 additions and 3623 deletions
|
|
@ -996,8 +996,8 @@ const UDP_ACTIVE = 1; ##< Endpoint has sent something.
|
|||
const ignore_checksums = F &redef;
|
||||
|
||||
## Checksums are ignored for all packets with a src address within this set of
|
||||
## networks. Useful for cases where a host might be seeing packets collected
|
||||
## from local hosts before checksums were applied by hardware. This frequently
|
||||
## networks. Useful for cases where a host might be seeing packets collected
|
||||
## from local hosts before checksums were applied by hardware. This frequently
|
||||
## manifests when sniffing a local management interface on a host and Zeek sees
|
||||
## packets before the hardware has had a chance to apply the checksums.
|
||||
option ignore_checksums_nets: set[subnet] = set();
|
||||
|
|
@ -1914,6 +1914,7 @@ type gtp_delete_pdp_ctx_response_elements: record {
|
|||
@load base/bif/option.bif
|
||||
@load base/frameworks/supervisor/api
|
||||
@load base/bif/supervisor.bif
|
||||
@load base/bif/packet_analysis.bif
|
||||
|
||||
## Internal function.
|
||||
function add_interface(iold: string, inew: string): string
|
||||
|
|
@ -5377,18 +5378,4 @@ event net_done(t: time)
|
|||
@if ( __init_primary_bifs() )
|
||||
@endif
|
||||
|
||||
module PacketAnalyzer;
|
||||
|
||||
export {
|
||||
type DispatchEntry : record {
|
||||
## The analyzer to dispatch.
|
||||
analyzer : PacketAnalyzer::Tag;
|
||||
};
|
||||
|
||||
## A packet analyzer may extract a numeric identifier, which can be found in the
|
||||
## packet data and denotes the encapsulated protocol. A DispatchMap allows to map
|
||||
## the identifier to a child analyzer, which is defined using a DispatchEntry.
|
||||
type DispatchMap : table[count] of DispatchEntry;
|
||||
}
|
||||
|
||||
@load base/packet-protocols
|
||||
|
|
|
|||
|
|
@ -5,24 +5,22 @@ export {
|
|||
const default_analyzer: PacketAnalyzer::Tag = PacketAnalyzer::ANALYZER_IP &redef;
|
||||
|
||||
## IEEE 802.2 SNAP analyzer
|
||||
const snap_analyzer: PacketAnalyzer::Tag &redef;
|
||||
global snap_analyzer: PacketAnalyzer::Tag &redef;
|
||||
## Novell raw IEEE 802.3 analyzer
|
||||
const novell_raw_analyzer: PacketAnalyzer::Tag &redef;
|
||||
global novell_raw_analyzer: PacketAnalyzer::Tag &redef;
|
||||
## IEEE 802.2 LLC analyzer
|
||||
const llc_analyzer: PacketAnalyzer::Tag &redef;
|
||||
|
||||
## Identifier mappings based on EtherType
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
global llc_analyzer: PacketAnalyzer::Tag &redef;
|
||||
}
|
||||
|
||||
redef dispatch_map += {
|
||||
[0x8847] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_MPLS),
|
||||
[0x0800] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x86DD] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x0806] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ARP),
|
||||
[0x8035] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ARP),
|
||||
[0x8100] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_VLAN),
|
||||
[0x88A8] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_VLAN),
|
||||
[0x9100] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_VLAN),
|
||||
[0x8864] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_PPPOE)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x8847, PacketAnalyzer::ANALYZER_MPLS);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x0800, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x86DD, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x0806, PacketAnalyzer::ANALYZER_ARP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x8035, PacketAnalyzer::ANALYZER_ARP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x8100, PacketAnalyzer::ANALYZER_VLAN);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x88A8, PacketAnalyzer::ANALYZER_VLAN);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x9100, PacketAnalyzer::ANALYZER_VLAN);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ETHERNET, 0x8864, PacketAnalyzer::ANALYZER_PPPOE);
|
||||
}
|
||||
|
|
@ -1,13 +1,9 @@
|
|||
module PacketAnalyzer::IEEE802_11;
|
||||
|
||||
export {
|
||||
## Identifier mappings based on EtherType
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
redef dispatch_map += {
|
||||
[0x0800] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x86DD] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x0806] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ARP),
|
||||
[0x8035] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ARP)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_IEEE802_11, 0x0800, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_IEEE802_11, 0x86DD, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_IEEE802_11, 0x0806, PacketAnalyzer::ANALYZER_ARP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_IEEE802_11, 0x8035, PacketAnalyzer::ANALYZER_ARP);
|
||||
}
|
||||
|
|
@ -1,12 +1,8 @@
|
|||
module PacketAnalyzer::IEEE802_11_RADIO;
|
||||
|
||||
export {
|
||||
## Identifier mappings
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
const DLT_IEEE802_11 : count = 105;
|
||||
|
||||
redef dispatch_map += {
|
||||
[DLT_IEEE802_11] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IEEE802_11)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_IEEE802_11_RADIO, DLT_IEEE802_11, PacketAnalyzer::ANALYZER_IEEE802_11);
|
||||
}
|
||||
|
|
@ -1,12 +1,8 @@
|
|||
module PacketAnalyzer::IP;
|
||||
|
||||
export {
|
||||
## Identifier mappings based on IP version (4 or 6)
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
redef dispatch_map += {
|
||||
[4] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IPTUNNEL), # IPv4 tunnel
|
||||
[41] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IPTUNNEL), # IPv6 tunnel
|
||||
[47] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_GRE)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_IP, 4, PacketAnalyzer::ANALYZER_IPTUNNEL);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_IP, 41, PacketAnalyzer::ANALYZER_IPTUNNEL);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_IP, 47, PacketAnalyzer::ANALYZER_GRE);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,14 +1,11 @@
|
|||
module PacketAnalyzer::LINUXSLL;
|
||||
|
||||
export {
|
||||
## Identifier mappings based on EtherType
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_LINUXSLL, 0x0800, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_LINUXSLL, 0x86DD, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_LINUXSLL, 0x0806, PacketAnalyzer::ANALYZER_ARP);
|
||||
|
||||
redef dispatch_map += {
|
||||
[0x0800] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x86DD] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x0806] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ARP),
|
||||
# RARP
|
||||
[0x8035] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ARP)
|
||||
};
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_LINUXSLL, 0x8035, PacketAnalyzer::ANALYZER_ARP);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,14 +1,10 @@
|
|||
module PacketAnalyzer::NFLOG;
|
||||
|
||||
export {
|
||||
## Identifier mappings
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
const AF_INET : count = 2;
|
||||
const AF_INET6 : count = 10;
|
||||
|
||||
redef dispatch_map += {
|
||||
[AF_INET] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[AF_INET6] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_NFLOG, AF_INET, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_NFLOG, AF_INET6, PacketAnalyzer::ANALYZER_IP);
|
||||
}
|
||||
|
|
@ -1,24 +1,18 @@
|
|||
module PacketAnalyzer::NULL;
|
||||
|
||||
export {
|
||||
## Identifier mappings
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
const DLT_NULL : count = 0;
|
||||
|
||||
redef PacketAnalyzer::ROOT::dispatch_map += {
|
||||
[DLT_NULL] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_NULL)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ROOT, DLT_NULL, PacketAnalyzer::ANALYZER_NULL);
|
||||
|
||||
## From the Wireshark Wiki: AF_INET6ANALYZER, unfortunately, has different
|
||||
## values in {NetBSD,OpenBSD,BSD/OS}, {FreeBSD,DragonFlyBSD}, and
|
||||
## {Darwin/macOS}, so an IPv6 packet might have a link-layer header with 24, 28,
|
||||
## or 30 as the ``AF_`` value. As we may be reading traces captured on platforms
|
||||
## other than what we're running on, we accept them all here.
|
||||
redef dispatch_map += {
|
||||
[2] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[24] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[28] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[30] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP)
|
||||
};
|
||||
# From the Wireshark Wiki: AF_INET6ANALYZER, unfortunately, has different
|
||||
# values in {NetBSD,OpenBSD,BSD/OS}, {FreeBSD,DragonFlyBSD}, and
|
||||
# {Darwin/macOS}, so an IPv6 packet might have a link-layer header with 24, 28,
|
||||
# or 30 as the ``AF_`` value. As we may be reading traces captured on platforms
|
||||
# other than what we're running on, we accept them all here.
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_NULL, 2, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_NULL, 24, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_NULL, 28, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_NULL, 30, PacketAnalyzer::ANALYZER_IP);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,18 +1,12 @@
|
|||
module PacketAnalyzer::PPP_SERIAL;
|
||||
|
||||
export {
|
||||
## Identifier mappings
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
const DLT_PPP_SERIAL : count = 50;
|
||||
|
||||
redef PacketAnalyzer::ROOT::dispatch_map += {
|
||||
[DLT_PPP_SERIAL] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_PPPSERIAL)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ROOT, DLT_PPP_SERIAL, PacketAnalyzer::ANALYZER_PPPSERIAL);
|
||||
|
||||
redef dispatch_map += {
|
||||
[0x0281] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_MPLS),
|
||||
[0x0021] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x0057] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP)
|
||||
};
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_PPPSERIAL, 0x0281, PacketAnalyzer::ANALYZER_MPLS);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_PPPSERIAL, 0x0021, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_PPPSERIAL, 0x0057, PacketAnalyzer::ANALYZER_IP);
|
||||
}
|
||||
|
|
@ -1,11 +1,7 @@
|
|||
module PacketAnalyzer::PPPOE;
|
||||
|
||||
export {
|
||||
## Identifier mappings
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
redef dispatch_map += {
|
||||
[0x0021] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x0057] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_PPPOE, 0x0021, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_PPPOE, 0x0057, PacketAnalyzer::ANALYZER_IP);
|
||||
}
|
||||
|
|
@ -3,9 +3,6 @@ module PacketAnalyzer::ROOT;
|
|||
export {
|
||||
## Default analyzer (if we don't know the link type, we assume raw IP)
|
||||
const default_analyzer: PacketAnalyzer::Tag = PacketAnalyzer::ANALYZER_IP &redef;
|
||||
|
||||
## Identifier mappings based on link type
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
const DLT_EN10MB : count = 1;
|
||||
|
|
@ -15,12 +12,12 @@ const DLT_IEEE802_11_RADIO : count = 127;
|
|||
const DLT_LINUX_SLL : count = 113;
|
||||
const DLT_NFLOG : count = 239;
|
||||
|
||||
redef dispatch_map += {
|
||||
[DLT_EN10MB] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ETHERNET),
|
||||
[DLT_FDDI] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_FDDI),
|
||||
[DLT_IEEE802_11] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IEEE802_11),
|
||||
[DLT_IEEE802_11_RADIO] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IEEE802_11_RADIO),
|
||||
[DLT_LINUX_SLL] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_LINUXSLL),
|
||||
[DLT_NFLOG] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_NFLOG)
|
||||
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ROOT, DLT_EN10MB, PacketAnalyzer::ANALYZER_ETHERNET);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ROOT, DLT_FDDI, PacketAnalyzer::ANALYZER_FDDI);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ROOT, DLT_IEEE802_11, PacketAnalyzer::ANALYZER_IEEE802_11);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ROOT, DLT_IEEE802_11_RADIO, PacketAnalyzer::ANALYZER_IEEE802_11_RADIO);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ROOT, DLT_LINUX_SLL, PacketAnalyzer::ANALYZER_LINUXSLL);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_ROOT, DLT_NFLOG, PacketAnalyzer::ANALYZER_NFLOG);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,16 +1,12 @@
|
|||
module PacketAnalyzer::VLAN;
|
||||
|
||||
export {
|
||||
## Identifier mappings based on EtherType
|
||||
const dispatch_map: PacketAnalyzer::DispatchMap = {} &redef;
|
||||
}
|
||||
|
||||
redef dispatch_map += {
|
||||
[0x8847] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_MPLS),
|
||||
[0x0800] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x86DD] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_IP),
|
||||
[0x0806] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ARP),
|
||||
[0x8035] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_ARP),
|
||||
[0x8100] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_VLAN),
|
||||
[0x8864] = PacketAnalyzer::DispatchEntry($analyzer=PacketAnalyzer::ANALYZER_PPPOE)
|
||||
};
|
||||
event zeek_init() &priority=20
|
||||
{
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_VLAN, 0x8847, PacketAnalyzer::ANALYZER_MPLS);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_VLAN, 0x0800, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_VLAN, 0x86DD, PacketAnalyzer::ANALYZER_IP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_VLAN, 0x0806, PacketAnalyzer::ANALYZER_ARP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_VLAN, 0x8035, PacketAnalyzer::ANALYZER_ARP);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_VLAN, 0x8100, PacketAnalyzer::ANALYZER_VLAN);
|
||||
PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_VLAN, 0x8864, PacketAnalyzer::ANALYZER_PPPOE);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue