mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
8 lines
278 B
Standard ML
8 lines
278 B
Standard ML
# Provide DPD signatures for tunneling protocols that otherwise
|
|
# wouldn't be detected at all.
|
|
|
|
signature dpd_teredo {
|
|
ip-proto = udp
|
|
payload /^(\x00\x00)|(\x00\x01)|([\x60-\x6f].{7}((\x20\x01\x00\x00)).{28})|([\x60-\x6f].{23}((\x20\x01\x00\x00))).{12}/
|
|
enable "teredo"
|
|
}
|