Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/src/packet_analysis/Analyzer.cc
Jan Grashoefer 9feda100b9 Move dispatching into packet analyzers. 
WIP that updates only the Ethernet analyzer.
2020-09-23 11:13:28 -07:00

66 lines
No EOL
1.4 KiB
C++
Raw Blame History

// See the file "COPYING" in the main distribution directory for copyright.
#include <algorithm>
#include "Analyzer.h"
namespace zeek::packet_analysis {
Analyzer::Analyzer(std::string name)
{
Tag t = packet_mgr->GetComponentTag(name);
if ( ! t )
reporter->InternalError("unknown packet_analysis name %s", name.c_str());
Init(t);
}
Analyzer::Analyzer(const Tag& tag)
{
Init(tag);
}
/* PRIVATE */
void Analyzer::Init(const Tag& _tag)
{
tag = _tag;
}
const Tag Analyzer::GetAnalyzerTag() const
{
assert(tag);
return tag;
}
const char* Analyzer::GetAnalyzerName() const
{
assert(tag);
return packet_mgr->GetComponentName(tag).c_str();
}
bool Analyzer::IsAnalyzer(const char* name)
{
assert(tag);
return packet_mgr->GetComponentName(tag).compare(name) == 0;
}
AnalyzerResult Analyzer::AnalyzeInnerPacket(Packet* packet,
const uint8_t*& data, uint32_t identifier) const
{
auto inner_analyzer = packet_mgr->Dispatch(identifier);
if ( inner_analyzer == nullptr )
{
//TODO: Handle default analysis here
DBG_LOG(DBG_PACKET_ANALYSIS, "Analysis in %s failed, could not find analyzer for identifier %#x.",
GetAnalyzerName(), identifier);
packet->Weird("no_suitable_analyzer_found");
return AnalyzerResult::Failed;
}
DBG_LOG(DBG_PACKET_ANALYSIS, "Analysis in %s succeeded, next layer identifier is %#x.",
GetAnalyzerName(), identifier);
return inner_analyzer->Analyze(packet, data);
}
}
Reference in a new issue View git blame Copy permalink