base/bif/plugins/Zeek_Teredo.events.bif.zeek¶
-
GLOBAL¶
| Namespace: | GLOBAL |
|---|
Summary¶
Events¶
teredo_authentication: event |
Generated for IPv6 packets encapsulated in a Teredo tunnel that use the Teredo authentication encapsulation method. |
teredo_bubble: event |
Generated for Teredo bubble packets. |
teredo_origin_indication: event |
Generated for IPv6 packets encapsulated in a Teredo tunnel that use the Teredo origin indication encapsulation method. |
teredo_packet: event |
Generated for any IPv6 packet encapsulated in a Teredo tunnel. |
Detailed Interface¶
Events¶
-
teredo_authentication¶ Type: event(outer:connection, inner:teredo_hdr)Generated for IPv6 packets encapsulated in a Teredo tunnel that use the Teredo authentication encapsulation method. See RFC 4380 for more information about the Teredo protocol.
Outer: The Teredo tunnel connection. Inner: The Teredo-encapsulated IPv6 packet header and transport header. See also:
teredo_packet,teredo_origin_indication,teredo_bubbleNote
Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.
-
teredo_bubble¶ Type: event(outer:connection, inner:teredo_hdr)Generated for Teredo bubble packets. That is, IPv6 packets encapsulated in a Teredo tunnel that have a Next Header value of
IPPROTO_NONE. See RFC 4380 for more information about the Teredo protocol.Outer: The Teredo tunnel connection. Inner: The Teredo-encapsulated IPv6 packet header and transport header. See also:
teredo_packet,teredo_authentication,teredo_origin_indicationNote
Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.
-
teredo_origin_indication¶ Type: event(outer:connection, inner:teredo_hdr)Generated for IPv6 packets encapsulated in a Teredo tunnel that use the Teredo origin indication encapsulation method. See RFC 4380 for more information about the Teredo protocol.
Outer: The Teredo tunnel connection. Inner: The Teredo-encapsulated IPv6 packet header and transport header. See also:
teredo_packet,teredo_authentication,teredo_bubbleNote
Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.
-
teredo_packet¶ Type: event(outer:connection, inner:teredo_hdr)Generated for any IPv6 packet encapsulated in a Teredo tunnel. See RFC 4380 for more information about the Teredo protocol.
Outer: The Teredo tunnel connection. Inner: The Teredo-encapsulated IPv6 packet header and transport header. See also:
teredo_authentication,teredo_origin_indication,teredo_bubbleNote
Since this event may be raised on a per-packet basis, handling it may become particularly expensive for real-time analysis.