base/bif/plugins/Zeek_Teredo.events.bif.zeek

GLOBAL
Namespace

GLOBAL

Summary

Events

teredo_authentication: event

Generated for IPv6 packets encapsulated in a Teredo tunnel that use the Teredo authentication encapsulation method.

teredo_bubble: event

Generated for Teredo bubble packets.

teredo_origin_indication: event

Generated for IPv6 packets encapsulated in a Teredo tunnel that use the Teredo origin indication encapsulation method.

teredo_packet: event

Generated for any IPv6 packet encapsulated in a Teredo tunnel.

Detailed Interface

Events

teredo_authentication
Type

event (outer: connection, inner: teredo_hdr)

Generated for IPv6 packets encapsulated in a Teredo tunnel that use the Teredo authentication encapsulation method. See RFC 4380 for more information about the Teredo protocol.

Parameters

  • outer – The Teredo tunnel connection.

  • inner – The Teredo-encapsulated IPv6 packet header and transport header.

See also: teredo_packet, teredo_origin_indication, teredo_bubble

Note

Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.

teredo_bubble
Type

event (outer: connection, inner: teredo_hdr)

Generated for Teredo bubble packets. That is, IPv6 packets encapsulated in a Teredo tunnel that have a Next Header value of IPPROTO_NONE. See RFC 4380 for more information about the Teredo protocol.

Parameters

  • outer – The Teredo tunnel connection.

  • inner – The Teredo-encapsulated IPv6 packet header and transport header.

See also: teredo_packet, teredo_authentication, teredo_origin_indication

Note

Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.

teredo_origin_indication
Type

event (outer: connection, inner: teredo_hdr)

Generated for IPv6 packets encapsulated in a Teredo tunnel that use the Teredo origin indication encapsulation method. See RFC 4380 for more information about the Teredo protocol.

Parameters

  • outer – The Teredo tunnel connection.

  • inner – The Teredo-encapsulated IPv6 packet header and transport header.

See also: teredo_packet, teredo_authentication, teredo_bubble

Note

Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.

teredo_packet
Type

event (outer: connection, inner: teredo_hdr)

Generated for any IPv6 packet encapsulated in a Teredo tunnel. See RFC 4380 for more information about the Teredo protocol.

Parameters

  • outer – The Teredo tunnel connection.

  • inner – The Teredo-encapsulated IPv6 packet header and transport header.

See also: teredo_authentication, teredo_origin_indication, teredo_bubble

Note

Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.