Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 00:58:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/scripts/base/protocols
History
Valerio G 18499fd7d9 Extend DHCP protocol analyzer with new options. 
Add the folowing option types:
- 55 Parameters Request List;
- 58 Renewal time;
- 59 Rebinding time;
- 61 Client Identifier;
- 82 Relay Agent Information.

Extend the following events with new parameters, specifically:
- dhcp_discover exports client identifier and parameters request list;
- dhcp_request exports client_identifier and parameters request list;
- dhcp_ack exports rebinding time, renewal time and list of suboptions value of
  dhcp relay agent information option;
- dhcp_inform exports parameters request list.

Add option type specific variables within the scope of DHCP module
(see src/analyzer/protocol/dhcp/types.bif).

Move protocol specific variables "dhcp_msg" and "dhcp_router_list" from scope Global to DHCP::
and adapt inet_net_var in src/NetVar.cc consequently.

Extend src/analyzer/protocols/dhcp/main.bro to handle the new events and to log
dhcp_ack, dhcp_request and dhcp_discover.

Modify scripts/policy/protocols/dhcp/known-devices-and-hostnames.bro to
include new events' variables.
2018-01-08 21:53:58 +01:00
..
conn Merge remote-tracking branch 'origin/topic/robin/history-rxmit' 2016-07-08 19:30:10 -07:00
dce-rpc Fixed some warnings seen while running "make doc" 2016-11-14 14:46:53 -06:00
dhcp Extend DHCP protocol analyzer with new options. 2018-01-08 21:53:58 +01:00
dnp3 Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
dns Remove some DNS weirds that caused volume and didn't help anyone. 2017-12-13 15:00:15 -05:00
ftp Merge remote-tracking branch 'origin/topic/jazoff/fix-gridftp' 2017-09-21 09:15:57 -07:00
http Fix minor typos in documentation of various scripts 2016-11-11 14:08:17 -06:00
imap Basic IMAP StartTLS analyzer. 2015-07-22 10:35:49 -07:00
irc File API updates complete. 2015-04-20 10:46:48 -04:00
krb Merge remote-tracking branch 'origin/master' into topic/johanna/ocsp-new 2017-03-16 12:28:08 -07:00
modbus Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
mysql Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
ntlm Added missing README files for documentation 2016-10-10 22:55:50 -05:00
pop3 Add README files for base/protocols 2013-10-17 12:47:32 -05:00
radius Rework the RADIUS base script. 2017-02-20 00:07:14 -05:00
rdp Allow File analyzers to direcly pass mime type. 2017-02-10 17:03:33 -08:00
rfb Fix minor typos in documentation of various scripts 2016-11-11 14:08:17 -06:00
sip Add some missing Bro script documentation 2016-05-05 16:35:31 -05:00
smb Fix minor typos in documentation of various scripts 2016-11-11 14:08:17 -06:00
smtp SMTP does not need to pull in the notice framework. 2016-06-23 13:22:16 -07:00
snmp Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
socks Merge remote-tracking branch 'origin/topic/johanna/socks-password' 2017-12-02 09:53:56 -06:00
ssh Addresses BIT-1831 2017-08-01 16:24:44 -04:00
ssl Small fixes and changes for the recent ssl-keyexchange-event merge. 2017-11-28 12:33:27 -08:00
syslog Add some missing Bro script documentation 2016-05-05 16:35:31 -05:00
tunnels Added missing README files for documentation 2016-10-10 22:55:50 -05:00
xmpp Add xmpp dpd sig and fix a few parsing problems for connections that do 2015-07-21 13:20:35 -07:00