zeek/scripts/base/packet-protocols/pbb/main.zeek at 56aa03031d0df7775282ae57b2357417982f8cdb - Mirror/zeek - git.uphillsecurity.com: We code.

Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-17 05:58:20 +00:00

Eldon Koyle 56aa03031d Simplify PBB analyzer by using Ethernet analyzer

After the first 4 bytes, this traffic actually just looks like Ethernet.
Rather than try to re-implement the ethernet analyzer, just check the
length, skip 4 bytes, and pass it on.

2023-02-16 08:19:30 -07:00

6 lines

182 B

Text

Raw Blame History

 module PacketAnalyzer::PBB;
 event zeek_init() &priority=20
 	{
 	PacketAnalyzer::register_packet_analyzer(PacketAnalyzer::ANALYZER_PBB, 0x6558, PacketAnalyzer::ANALYZER_ETHERNET);
 	}