base/bif/plugins/Zeek_GTPv1.events.bif.zeek

GLOBAL
Namespace

GLOBAL

Summary

Events

gtpv1_create_pdp_ctx_request: event

Generated for GTPv1-C Create PDP Context Request messages.

gtpv1_create_pdp_ctx_response: event

Generated for GTPv1-C Create PDP Context Response messages.

gtpv1_delete_pdp_ctx_request: event

Generated for GTPv1-C Delete PDP Context Request messages.

gtpv1_delete_pdp_ctx_response: event

Generated for GTPv1-C Delete PDP Context Response messages.

gtpv1_g_pdu_packet: event

Generated for GTPv1 G-PDU packets.

gtpv1_message: event

Generated for any GTP message with a GTPv1 header.

gtpv1_update_pdp_ctx_request: event

Generated for GTPv1-C Update PDP Context Request messages.

gtpv1_update_pdp_ctx_response: event

Generated for GTPv1-C Update PDP Context Response messages.

Detailed Interface

Events

gtpv1_create_pdp_ctx_request
Type

event (c: connection, hdr: gtpv1_hdr, elements: gtp_create_pdp_ctx_request_elements)

Generated for GTPv1-C Create PDP Context Request messages.

C

The connection over which the message is sent.

Hdr

The GTPv1 header.

Elements

The set of Information Elements comprising the message.

gtpv1_create_pdp_ctx_response
Type

event (c: connection, hdr: gtpv1_hdr, elements: gtp_create_pdp_ctx_response_elements)

Generated for GTPv1-C Create PDP Context Response messages.

C

The connection over which the message is sent.

Hdr

The GTPv1 header.

Elements

The set of Information Elements comprising the message.

gtpv1_delete_pdp_ctx_request
Type

event (c: connection, hdr: gtpv1_hdr, elements: gtp_delete_pdp_ctx_request_elements)

Generated for GTPv1-C Delete PDP Context Request messages.

C

The connection over which the message is sent.

Hdr

The GTPv1 header.

Elements

The set of Information Elements comprising the message.

gtpv1_delete_pdp_ctx_response
Type

event (c: connection, hdr: gtpv1_hdr, elements: gtp_delete_pdp_ctx_response_elements)

Generated for GTPv1-C Delete PDP Context Response messages.

C

The connection over which the message is sent.

Hdr

The GTPv1 header.

Elements

The set of Information Elements comprising the message.

gtpv1_g_pdu_packet
Type

event (outer: connection, inner_gtp: gtpv1_hdr, inner_ip: pkt_hdr)

Generated for GTPv1 G-PDU packets. That is, packets with a UDP payload that includes a GTP header followed by an IPv4 or IPv6 packet.

Outer

The GTP outer tunnel connection.

Inner_gtp

The GTP header.

Inner_ip

The inner IP and transport layer packet headers.

Note

Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.

gtpv1_message
Type

event (c: connection, hdr: gtpv1_hdr)

Generated for any GTP message with a GTPv1 header.

C

The connection over which the message is sent.

Hdr

The GTPv1 header.

gtpv1_update_pdp_ctx_request
Type

event (c: connection, hdr: gtpv1_hdr, elements: gtp_update_pdp_ctx_request_elements)

Generated for GTPv1-C Update PDP Context Request messages.

C

The connection over which the message is sent.

Hdr

The GTPv1 header.

Elements

The set of Information Elements comprising the message.

gtpv1_update_pdp_ctx_response
Type

event (c: connection, hdr: gtpv1_hdr, elements: gtp_update_pdp_ctx_response_elements)

Generated for GTPv1-C Update PDP Context Response messages.

C

The connection over which the message is sent.

Hdr

The GTPv1 header.

Elements

The set of Information Elements comprising the message.