Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-01 22:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/src/analyzer/protocol/quic/QUIC.evt
Evan Typanski fe44022ee7 Update COPYING date to now and fix some [skip CI]
2025-01-09 08:38:45 -05:00

24 lines
1.3 KiB
Text
Raw Blame History

# See the file "COPYING" in the main distribution directory for copyright.
# Copyright (c) 2023, NCC Group / Fox-IT. See COPYING for details.
%doc-id = Zeek::QUIC;
%doc-description = "QUIC analyzer";
protocol analyzer QUIC over UDP:
parse originator with QUIC::RequestFrame,
parse responder with QUIC::ResponseFrame;
import QUIC;
on QUIC::InitialPacket -> event QUIC::initial_packet($conn, $is_orig, self.header.version, self.header.dest_conn_id, self.header.src_conn_id);
on QUIC::RetryPacket -> event QUIC::retry_packet($conn, $is_orig, self.header.version, self.header.dest_conn_id, self.header.src_conn_id, self.retry_token, self.integrity_tag);
on QUIC::HandshakePacket -> event QUIC::handshake_packet($conn, $is_orig, self.header.version, self.header.dest_conn_id, self.header.src_conn_id);
on QUIC::ZeroRTTPacket -> event QUIC::zero_rtt_packet($conn, $is_orig, self.header.version, self.header.dest_conn_id, self.header.src_conn_id);
on QUIC::ConnectionClosePayload -> event QUIC::connection_close_frame($conn, $is_orig, self.header.version, self.header.dest_conn_id, self.header.src_conn_id,
self.error_code.result_, self.reason_phrase);
on QUIC::UnhandledVersion -> event QUIC::unhandled_version($conn, $is_orig, self.header.version, self.header.dest_conn_id, self.header.src_conn_id);
Reference in a new issue View git blame Copy permalink