mirror of
https://github.com/zeek/zeek.git
synced 2025-10-12 11:38:20 +00:00
5dc630f722
- Introducing analyzer::<protocol> namespaces. - Moving protocol-specific events out of events.bif into analyzer/protocol/<protocol>/events.bif - Moving ARP over (even though it's not an actual analyzer). - Moving NetFlow over (even though it's not an actual analyzer). - Moving MIME over (even though it's not an actual analyzer).
27 lines
627 B
C++
27 lines
627 B
C++
// See the file "COPYING" in the main distribution directory for copyright.
|
|
|
|
#ifndef ssh_h
|
|
#define ssh_h
|
|
|
|
#include "analyzer/protocols/tcp/TCP.h"
|
|
#include "analyzer/protocols/tcp/ContentLine.h"
|
|
|
|
namespace analyzer { namespace ssh {
|
|
|
|
class SSH_Analyzer : public tcp::TCP_ApplicationAnalyzer {
|
|
public:
|
|
SSH_Analyzer(Connection* conn);
|
|
|
|
virtual void DeliverStream(int len, const u_char* data, bool orig);
|
|
|
|
static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn)
|
|
{ return new SSH_Analyzer(conn); }
|
|
|
|
private:
|
|
tcp::ContentLine_Analyzer* orig;
|
|
tcp::ContentLine_Analyzer* resp;
|
|
};
|
|
|
|
} } // namespace analyzer::*
|
|
|
|
#endif
|