zeek/testing/btest/Traces/ppp/quic-interop-retry.pcap at 1567fe8c098ffc437d97f46db2bc8e473d3ac11a

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

Arne Welzel ee12a7a6e7 PPP: Add PPP analyzer to handle LINKTYPE_PPP (0x9)

Using pcaps from https://interop.seemann.io/ as samples for QUIC protocol
data didn't produce a conn.log for the contained data. `tcpdump -r`
and Wireshark do show the contained IP/UDP packets. Teach Zeek how
to handle link type DLT_PPP 0x09 using a new PPP analyzer based on the
PPPSerial analyzer code.

Usual update to files/x509 baseline after adding new analyzer due
to enum values changing.

2023-08-23 16:41:19 +02:00

17 KiB

Raw History

View raw

17 KiB Raw History

17 KiB

Raw History