Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 08:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Tweaking tunnel decapsulation.

Browse source 
Changing names to comply with "Bro Scripting Conventions"
Tweaking documentation.
This commit is contained in:
Gregor Maier 2011-08-10 13:47:02 -07:00
parent 1a565fadfe
commit d0a67dc8bf
6 changed files with 33 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/TunnelHandler.cc
View file

@ -54,7 +54,7 @@ TunnelInfo* TunnelHandler::DecapsulateTunnel(const IP_Hdr *ip_hdr, int len, int
// TODO: check if IP6 header makes sense
tunnel_info = new TunnelInfo();
tunnel_info->child = new IP_Hdr((const struct ip6_hdr*)ip_hdr->Payload());
tunnel_info->tunneltype = BifEnum::Tunnel::IP6inIP;
tunnel_info->tunneltype = BifEnum::Tunnel::IP6_IN_IP;
tunnel_info->hdr_len = tunnel_info->child->HdrLen();
tunnel_info->SetParentIPs(ip_hdr);
return tunnel_info;
@ -86,7 +86,7 @@ TunnelInfo* TunnelHandler::HandleUDP(const IP_Hdr *ip_hdr, int len, int caplen)
const u_char *data = ip_hdr->Payload();
const struct udphdr* uh = (const struct udphdr*)data;
IP_Hdr *cand_ip_hdr = 0;
BifEnum::Tunnel::tunneltype_t tunneltype = BifEnum::Tunnel::NONE;
BifEnum::Tunnel::Tunneltype tunneltype = BifEnum::Tunnel::NONE;
int hdr_len = sizeof(struct udphdr);
data += hdr_len;
@ -103,7 +103,7 @@ TunnelInfo* TunnelHandler::HandleUDP(const IP_Hdr *ip_hdr, int len, int caplen)
if (cand_ip_hdr)
{
tunneltype = (cand_ip_hdr->IP4_Hdr()) ?
BifEnum::Tunnel::IP4inUDP : BifEnum::Tunnel::IP6inUDP;
BifEnum::Tunnel::IP4_IN_UDP : BifEnum::Tunnel::IP6_IN_UDP;
}
else if (datalen >= 8)
{
@ -129,7 +129,7 @@ TunnelInfo* TunnelHandler::HandleUDP(const IP_Hdr *ip_hdr, int len, int caplen)
{
hdr_len += 8 + id_len + sig_len;
tunneltype = (cand_ip_hdr->IP4_Hdr()) ?
BifEnum::Tunnel::IP4inAYIAY : BifEnum::Tunnel::IP6inAYIAY;
BifEnum::Tunnel::IP4_IN_AYIAY : BifEnum::Tunnel::IP6_IN_AYIAY;
}
}
if (cand_ip_hdr)

10
src/TunnelHandler.h
View file

@ -39,11 +39,11 @@ public:
RecordVal* GetRecordVal() const
{
RecordVal *rv = new RecordVal(BifType::Record::Tunnel::parent_t);
RecordVal *rv = new RecordVal(BifType::Record::Tunnel::Parent);
TransportProto tproto;
switch(tunneltype) {
case BifEnum::Tunnel::IP6inIP:
case BifEnum::Tunnel::IP4inIP:
case BifEnum::Tunnel::IP6_IN_IP:
case BifEnum::Tunnel::IP4_IN_IP:
tproto = TRANSPORT_UNKNOWN;
break;
default:
@ -56,14 +56,14 @@ public:
id_val->Assign(2, new AddrVal(parent.dst_addr));
id_val->Assign(3, new PortVal(ntohs(parent.dst_port), tproto));
rv->Assign(0, id_val);
rv->Assign(1, new EnumVal(tunneltype, BifType::Enum::Tunnel::tunneltype_t));
rv->Assign(1, new EnumVal(tunneltype, BifType::Enum::Tunnel::Tunneltype));
return rv;
}
IP_Hdr *child;
ConnID parent;
int hdr_len;
BifEnum::Tunnel::tunneltype_t tunneltype;
BifEnum::Tunnel::Tunneltype tunneltype;
};
class TunnelHandler {

16
src/types.bif
View file

@ -168,16 +168,16 @@ enum ID %{
module Tunnel;
enum tunneltype_t %{
enum Tunneltype %{
NONE,
IP6inIP,
IP4inIP,
IP6inUDP,
IP4inUDP,
IP6inAYIAY,
IP4inAYIAY,
IP6_IN_IP,
IP4_IN_IP,
IP6_IN_UDP,
IP4_IN_UDP,
IP6_IN_AYIAY,
IP4_IN_AYIAY,
%}
type parent_t: record;
type Parent: record;
module GLOBAL;