Renamed LL-Analyzers to Packet Analyzers.

2025-10-02 22:58:20 +00:00 · 2020-07-13 16:44:39 +02:00 · 2020-07-13 16:44:39 +02:00 · e53ec46c23
commit e53ec46c23
parent b2e6c9ac9a
148 changed files with 587 additions and 587 deletions
--- a/src/packet_analysis/protocol/linux_sll/LinuxSLL.h
+++ b/src/packet_analysis/protocol/linux_sll/LinuxSLL.h
@ -0,0 +1,35 @@
+// See the file "COPYING" in the main distribution directory for copyright.
+
+#pragma once
+
+#include <packet_analysis/Analyzer.h>
+#include <packet_analysis/Component.h>
+
+namespace zeek::packet_analysis::LinuxSLL {
+
+class LinuxSLLAnalyzer : public Analyzer {
+public:
+	LinuxSLLAnalyzer();
+	~LinuxSLLAnalyzer() override = default;
+
+	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+
+	static Analyzer* Instantiate()
+		{
+		return new LinuxSLLAnalyzer();
+		}
+
+private:
+
+	// Structure layout is based on https://www.tcpdump.org/linktypes/LINKTYPE_LINUX_SLL.html
+	struct SLLHeader
+		{
+		uint16_t packet_type;
+		uint16_t arphrd_type;
+		uint16_t addr_len;
+		uint64_t addr;
+		uint16_t protocol_type;
+		} __attribute__((__packed__));
+};
+
+}