Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-12 19:48:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/src/packet_analysis/protocol/arp/ARP.h
Tim Wojtulewicz e97c14add5 clang-format: Other include ordering changes
2021-09-27 10:49:48 -07:00

44 lines
1.1 KiB
C++
Raw Blame History

// See the file "COPYING" in the main distribution directory for copyright.
#pragma once
// clang-format off
#include <sys/socket.h>
#include <sys/types.h>
#include <net/if_arp.h>
// clang-format on
#include "zeek/packet_analysis/Analyzer.h"
#include "zeek/packet_analysis/Component.h"
#ifndef arp_pkthdr
#define arp_pkthdr arphdr
#endif
namespace zeek::packet_analysis::ARP
{
class ARPAnalyzer : public Analyzer
{
public:
ARPAnalyzer();
~ARPAnalyzer() override = default;
bool AnalyzePacket(size_t len, const uint8_t* data, Packet* packet) override;
static zeek::packet_analysis::AnalyzerPtr Instantiate()
{
return std::make_shared<ARPAnalyzer>();
}
private:
zeek::AddrValPtr ToAddrVal(const void* addr);
zeek::StringValPtr ToEthAddrStr(const u_char* addr);
void BadARPEvent(const struct arp_pkthdr* hdr, const char* fmt, ...)
__attribute__((format(printf, 3, 4)));
void RequestReplyEvent(EventHandlerPtr e, const u_char* src, const u_char* dst, const char* spa,
const char* sha, const char* tpa, const char* tha);
};
}
Reference in a new issue View git blame Copy permalink