base/bif/plugins/Zeek_Gnutella.events.bif.zeek¶

GLOBAL¶

Namespace:	GLOBAL

Summary¶

Events¶

`gnutella_binary_msg`: `event`	TODO.
`gnutella_establish`: `event`	TODO.
`gnutella_http_notify`: `event`	TODO.
`gnutella_not_establish`: `event`	TODO.
`gnutella_partial_binary_msg`: `event`	TODO.
`gnutella_text_msg`: `event`	TODO.

Detailed Interface¶

Events¶

gnutella_binary_msg¶

Type:	`event` (c: `connection`, orig: `bool`, msg_type: `count`, ttl: `count`, hops: `count`, msg_len: `count`, payload: `string`, payload_len: `count`, trunc: `bool`, complete: `bool`)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_establish¶

Type:	`event` (c: `connection`)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_http_notify¶

Type:	`event` (c: `connection`)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_not_establish¶

Type:	`event` (c: `connection`)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_partial_binary_msg¶

Type:	`event` (c: `connection`, orig: `bool`, msg: `string`, len: `count`)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_text_msg¶

Type:	`event` (c: `connection`, orig: `bool`, headers: `string`)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

Read the Docs v: current (v3.0.1)

Versions: master; v3.1.0-rc; v3.0.1; lts; current

Downloads

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.