Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-17 05:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Renamed LL-Analyzers to Packet Analyzers.

Browse source
This commit is contained in:
Jan Grashoefer 2020-07-13 16:44:39 +02:00 committed by Tim Wojtulewicz
parent b2e6c9ac9a
commit e53ec46c23
148 changed files with 587 additions and 587 deletions
Download patch file Download diff file Expand all files Collapse all files

19
src/packet_analysis/protocol/arp/ARP.cc Normal file
View file

@ -0,0 +1,19 @@
// See the file "COPYING" in the main distribution directory for copyright.
#include "ARP.h"
using namespace zeek::packet_analysis::ARP;
ARPAnalyzer::ARPAnalyzer()
: zeek::packet_analysis::Analyzer("ARP")
{
}
std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> ARPAnalyzer::Analyze(Packet* packet)
{
// TODO: Make ARP analyzer a native LL analyzer
packet->l3_proto = L3_ARP;
// Leave LL analyzer land
return { AnalyzerResult::Terminate, 0 };
}

23
src/packet_analysis/protocol/arp/ARP.h Normal file
View file

@ -0,0 +1,23 @@
// See the file "COPYING" in the main distribution directory for copyright.
#pragma once
#include <packet_analysis/Analyzer.h>
#include <packet_analysis/Component.h>
namespace zeek::packet_analysis::ARP {
class ARPAnalyzer : public Analyzer {
public:
ARPAnalyzer();
~ARPAnalyzer() override = default;
std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
static Analyzer* Instantiate()
{
return new ARPAnalyzer();
}
};
}

8
src/packet_analysis/protocol/arp/CMakeLists.txt Normal file
View file

@ -0,0 +1,8 @@
include(ZeekPlugin)
include_directories(BEFORE $ {CMAKE_CURRENT_SOURCE_DIR} $ {CMAKE_CURRENT_BINARY_DIR})
zeek_plugin_begin(LLAnalyzer ARP)
zeek_plugin_cc(ARP.cc Plugin.cc)
zeek_plugin_end()

24
src/packet_analysis/protocol/arp/Plugin.cc Normal file
View file

@ -0,0 +1,24 @@
// See the file "COPYING" in the main distribution directory for copyright.
#include "plugin/Plugin.h"
#include "ARP.h"
#include "packet_analysis/Component.h"
namespace zeek::plugin::Zeek_ARP {
class Plugin : public zeek::plugin::Plugin {
public:
zeek::plugin::Configuration Configure()
{
AddComponent(new zeek::packet_analysis::Component("ARP",
zeek::packet_analysis::ARP::ARPAnalyzer::Instantiate));
zeek::plugin::Configuration config;
config.name = "Zeek::ARP";
config.description = "ARP packet analyzer";
return config;
}
} plugin;
}