base/bif/plugins/Zeek_Gnutella.events.bif.zeek

GLOBAL

Namespace

GLOBAL

Summary

Events

gnutella_binary_msg: event	TODO.
gnutella_establish: event	TODO.
gnutella_http_notify: event	TODO.
gnutella_not_establish: event	TODO.
gnutella_partial_binary_msg: event	TODO.
gnutella_text_msg: event	TODO.

Detailed Interface

Events

gnutella_binary_msg

Type

event (c: connection, orig: bool, msg_type: count, ttl: count, hops: count, msg_len: count, payload: string, payload_len: count, trunc: bool, complete: bool)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_establish

Type

event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_http_notify

Type

event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_not_establish

Type

event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_partial_binary_msg

Type

event (c: connection, orig: bool, msg: string, len: count)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_text_msg

Type

event (c: connection, orig: bool, headers: string)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.