base/bif/plugins/Zeek_Gnutella.events.bif.zeek¶

GLOBAL¶

Namespace: GLOBAL

Summary¶

Events¶

`gnutella_binary_msg`: `event`	TODO.
`gnutella_establish`: `event`	TODO.
`gnutella_http_notify`: `event`	TODO.
`gnutella_not_establish`: `event`	TODO.
`gnutella_partial_binary_msg`: `event`	TODO.
`gnutella_text_msg`: `event`	TODO.

Detailed Interface¶

Events¶

gnutella_binary_msg¶

Type: event (c: connection, orig: bool, msg_type: count, ttl: count, hops: count, msg_len: count, payload: string, payload_len: count, trunc: bool, complete: bool)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_establish¶

Type: event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_http_notify¶

Type: event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_not_establish¶

Type: event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_partial_binary_msg¶

Type: event (c: connection, orig: bool, msg: string, len: count)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_text_msg¶

Type: event (c: connection, orig: bool, headers: string)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

Read the Docs v: current (v5.2.0)

Versions: master; v5.2.0; v5.1.3; v5.1.2; v5.1.1; v5.1.0; v5.0.7; v5.0.6; v5.0.5; v5.0.4; v5.0.3; v5.0.2; v5.0.1; v5.0.0; v4.2.2; v4.1.1; v4.0.9; v3.2.3; v3.1.4; v3.0.14; lts; devel; current

Downloads: html

On Read the Docs: Project Home; Builds