mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 22:58:20 +00:00

Using pcaps from https://interop.seemann.io/ as samples for QUIC protocol data didn't produce a conn.log for the contained data. `tcpdump -r` and Wireshark do show the contained IP/UDP packets. Teach Zeek how to handle link type DLT_PPP 0x09 using a new PPP analyzer based on the PPPSerial analyzer code. Usual update to files/x509 baseline after adding new analyzer due to enum values changing.
# Package loader for the base packet analyzers: loads main.zeek first, then each
# base/packet-protocols/* script named in the @load lines that follow.
# NOTE(review): the commit description shown with this file reports that captures with
# link type DLT_PPP produced no conn.log until a PPP analyzer was added. Presumably any
# link type without an analyzer loaded here is a visibility gap for monitoring, so confirm
# coverage against the link types your sensors actually capture.
@load ./main.zeek
@load base/packet-protocols/root
@load base/packet-protocols/ip
@load base/packet-protocols/skip
@load base/packet-protocols/ethernet
@load base/packet-protocols/fddi
@load base/packet-protocols/ieee802_11
@load base/packet-protocols/ieee802_11_radio
@load base/packet-protocols/linux_sll
@load base/packet-protocols/linux_sll2
@load base/packet-protocols/nflog
@load base/packet-protocols/null
@load base/packet-protocols/ppp
@load base/packet-protocols/ppp_serial
@load base/packet-protocols/pppoe
@load base/packet-protocols/vlan
@load base/packet-protocols/mpls
@load base/packet-protocols/pbb
@load base/packet-protocols/vntag
@load base/packet-protocols/udp
@load base/packet-protocols/tcp
@load base/packet-protocols/icmp
@load base/packet-protocols/llc
@load base/packet-protocols/novell_802_3
@load base/packet-protocols/snap
@load base/packet-protocols/gre
@load base/packet-protocols/iptunnel
@load base/packet-protocols/ayiya
@load base/packet-protocols/geneve
@load base/packet-protocols/vxlan
@load base/packet-protocols/teredo
@load base/packet-protocols/gtpv1