mirror of
https://github.com/zeek/zeek.git
synced 2025-10-14 20:48:21 +00:00
Merge branch 'topic/rework-packets' of https://github.com/jsbarber/bro
* 'topic/rework-packets' of https://github.com/jsbarber/bro: One more tinker to Packet -- ensure no uninitialized values Packet::IP()-created IP_Hdr should not free Make enums work for non-C++11 config Refactor to make bro use a common Packet object. Do a better job of parsing layer 2 and keeping track of layer 3 proto. Add support for raw packet event, including Layer2 headers. Conflicts: aux/plugins
This commit is contained in:
Robin Sommer
commit
fe3579f1b4
34 changed files with 572 additions and 431 deletions
25
src/IP.cc
25
src/IP.cc
|
|
@ -327,24 +327,31 @@ RecordVal* IP_Hdr::BuildIPHdrVal() const
|
|||
RecordVal* IP_Hdr::BuildPktHdrVal() const
|
||||
{
|
||||
static RecordType* pkt_hdr_type = 0;
|
||||
|
||||
if ( ! pkt_hdr_type )
|
||||
pkt_hdr_type = internal_type("pkt_hdr")->AsRecordType();
|
||||
|
||||
RecordVal* pkt_hdr = new RecordVal(pkt_hdr_type);
|
||||
return BuildPktHdrVal(pkt_hdr, 0);
|
||||
}
|
||||
|
||||
RecordVal* IP_Hdr::BuildPktHdrVal(RecordVal* pkt_hdr, int sindex) const
|
||||
{
|
||||
static RecordType* tcp_hdr_type = 0;
|
||||
static RecordType* udp_hdr_type = 0;
|
||||
static RecordType* icmp_hdr_type = 0;
|
||||
|
||||
if ( ! pkt_hdr_type )
|
||||
if ( ! tcp_hdr_type )
|
||||
{
|
||||
pkt_hdr_type = internal_type("pkt_hdr")->AsRecordType();
|
||||
tcp_hdr_type = internal_type("tcp_hdr")->AsRecordType();
|
||||
udp_hdr_type = internal_type("udp_hdr")->AsRecordType();
|
||||
icmp_hdr_type = internal_type("icmp_hdr")->AsRecordType();
|
||||
}
|
||||
|
||||
RecordVal* pkt_hdr = new RecordVal(pkt_hdr_type);
|
||||
|
||||
if ( ip4 )
|
||||
pkt_hdr->Assign(0, BuildIPHdrVal());
|
||||
pkt_hdr->Assign(sindex + 0, BuildIPHdrVal());
|
||||
else
|
||||
pkt_hdr->Assign(1, BuildIPHdrVal());
|
||||
pkt_hdr->Assign(sindex + 1, BuildIPHdrVal());
|
||||
|
||||
// L4 header.
|
||||
const u_char* data = Payload();
|
||||
|
|
@ -368,7 +375,7 @@ RecordVal* IP_Hdr::BuildPktHdrVal() const
|
|||
tcp_hdr->Assign(6, new Val(tp->th_flags, TYPE_COUNT));
|
||||
tcp_hdr->Assign(7, new Val(ntohs(tp->th_win), TYPE_COUNT));
|
||||
|
||||
pkt_hdr->Assign(2, tcp_hdr);
|
||||
pkt_hdr->Assign(sindex + 2, tcp_hdr);
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
@ -381,7 +388,7 @@ RecordVal* IP_Hdr::BuildPktHdrVal() const
|
|||
udp_hdr->Assign(1, new PortVal(ntohs(up->uh_dport), TRANSPORT_UDP));
|
||||
udp_hdr->Assign(2, new Val(ntohs(up->uh_ulen), TYPE_COUNT));
|
||||
|
||||
pkt_hdr->Assign(3, udp_hdr);
|
||||
pkt_hdr->Assign(sindex + 3, udp_hdr);
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
@ -392,7 +399,7 @@ RecordVal* IP_Hdr::BuildPktHdrVal() const
|
|||
|
||||
icmp_hdr->Assign(0, new Val(icmpp->icmp_type, TYPE_COUNT));
|
||||
|
||||
pkt_hdr->Assign(4, icmp_hdr);
|
||||
pkt_hdr->Assign(sindex + 4, icmp_hdr);
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue