Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base
History
Jon Siwek 51bad73e1e Fixes for IPv6 truncation and ICMP/ICMP6 analysis. 
- Add more guards against trying to analyze captured packets with a
  truncated IPv6 static header or extension header chain.

- Add back in the ICMP payload tracking for ICMP "connections".

- Fix 'icmp_context' record construction.  Some field assignments
  were mismatched for ICMP and ICMP6.  Source and destination
  addresses were set incorrectly for context packets that don't
  contain a full IP header.  Some fields for ICMP6 weren't filled out.

- Changed ICMP Time Exceeded packets to raise the 'icmp_time_exceeded'
  event instead of 'icmp_error_message'.

- Add unit tests for truncation and the main types of ICMP/ICMP6
  that have specific events.

- Documentation clarifications.
2012-04-11 16:27:31 -05:00
..
frameworks Checkpoint after pass. 2012-02-15 13:07:08 -08:00
misc Hopefully the last major script reorganization. 2011-08-05 23:09:53 -04:00
protocols Change IPv6 literal constant syntax to require encasing square brackets 2012-03-13 13:47:07 -05:00
utils Fix some malformed Broxygen xref roles. 2011-12-16 14:30:36 -06:00
init-bare.bro Fixes for IPv6 truncation and ICMP/ICMP6 analysis. 2012-04-11 16:27:31 -05:00
init-default.bro Metrics framework update. Mostly to make metrics work on clusters. 2011-08-15 15:57:48 -04:00