Commit graph

26 commits

Author SHA1 Message Date
Tim Wojtulewicz
3e1692676d Move SessionManager::ParseIPPacket to IP analyzer's namespace 2021-05-18 11:52:03 -07:00
Tim Wojtulewicz
0c3e3069d0 Added skeletons for TCP/UDP/ICMP packet analysis plugins.
This includes integration into the IP plugin and calling of the sessions code from each plugin.
2021-05-18 11:52:03 -07:00
Tim Wojtulewicz
0b7ca5e7bc Remove Session prefix from some session-related classes and files 2021-04-29 11:09:35 -07:00
Tim Wojtulewicz
18c6aaaa33 Move session code into new directory and into zeek::session namespace 2021-04-29 11:09:35 -07:00
Tim Wojtulewicz
db1d753b35 Rename NetSessions to SessionManager
This also includes:
- Deprecating the NetSessions name.
- Renaming the zeek::sessions global to zeek::session_mgr and deprecating the old name.
- Renaming Sessions.{h,cc} to SessionManager.{h,cc}.
2021-04-29 10:24:45 -07:00
Tim Wojtulewicz
c752d76052 Move packet filter out of NetSessions 2021-04-29 10:24:45 -07:00
Tim Wojtulewicz
6c52fd502f GH-1493: Fix build with -DENABLE_MOBILE_IPV6 2021-04-07 13:44:18 -07:00
Tim Wojtulewicz
5111b8e386 Fix comment in IP analyzer 2021-03-02 14:04:30 -07:00
Tim Wojtulewicz
e27008ef26 GH-1184: Add 'source' field to weird log denoting where the weird was reported 2020-12-01 09:34:37 -07:00
Tim Wojtulewicz
96d9115360 GH-1079: Use full paths starting with zeek/ when including files 2020-11-12 12:15:26 -07:00
Tim Wojtulewicz
b3eb63c48a GH-1186: Remove Packet::hdr_size and uses of it.
This change also removes Packet::IP(), since Packet now contains an ip_hdr member
that points at the IP header if it exists.
2020-11-09 10:49:57 -07:00
Seth Hall
552a24e07c Add an option to ignore packets sourced from particular subnets.
It's implemented with a new set[subnet] option named ignore_checksums_nets.

If you populate this set with subnets, any packet with a src address within
that set of subnets will not have its checksum validated.
2020-10-22 13:23:10 -04:00
Tim Wojtulewicz
ce2b00fe83 Fix a couple of Coverity findings (1433618, 1433619) 2020-10-21 10:53:34 -07:00
Tim Wojtulewicz
a99b540e46 Rework Sessions::Weird 2020-10-15 13:03:11 -07:00
Tim Wojtulewicz
ecd970ffde Store packet's ip header as unique_ptr 2020-10-15 12:49:08 -07:00
Tim Wojtulewicz
41dcd0cde0 Use shared_ptr for encapsulation data instead of raw pointer 2020-10-15 12:49:05 -07:00
Tim Wojtulewicz
a7d4364334 Review cleanup 2020-10-15 12:44:45 -07:00
Tim Wojtulewicz
665d0d9814 Store the ip header in the packet after processing, reuse other places 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
7d2c35174f Change to store data in packet directly instead of keystore 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
d0ef05c748 Don't always insert data into keystore for tunnels 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
02ed03adaa Add comment about packet header size and session analysis 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
d0cc30eccd Set data to ip header's payload instead of advancing the pointer 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
1cf251d1ca Move IP and IP tunnel code from Sessions into packet analyzers 2020-10-15 12:18:30 -07:00
Jan Grashoefer
38337d799b Improve packet analysis data flow. 2020-09-23 11:13:29 -07:00
Jan Grashoefer
90eb97876f Improve packet analyzer API. 2020-09-23 11:13:28 -07:00
Jan Grashoefer
d5ca0f9da5 Rename DefaultAnalyzer to IP. 2020-09-23 11:13:28 -07:00