main.zeek

PacketAnalyzer

Namespace:: PacketAnalyzer
Imports:: base/frameworks/analyzer/main.zeek

Summary

Functions

`PacketAnalyzer::register_for_port`: `function`	Registers an individual well-known port for an analyzer.
`PacketAnalyzer::register_for_ports`: `function`	Registers a set of well-known ports for an analyzer.

Detailed Interface

Functions

PacketAnalyzer::register_for_port 

Type:: function (parent: PacketAnalyzer::Tag, child: PacketAnalyzer::Tag, p: port) : bool

Registers an individual well-known port for an analyzer. If a future connection on this port is seen, the analyzer will be automatically assigned to parsing it. The function adds to all ports already registered, it doesn’t replace them.

Parameters:

tag – The tag of the analyzer.
p – The well-known port to associate with the analyzer.

Returns:

True if the port was successfully registered.

PacketAnalyzer::register_for_ports 

Type:: function (parent: PacketAnalyzer::Tag, child: PacketAnalyzer::Tag, ports: set [port]) : bool

Registers a set of well-known ports for an analyzer. If a future connection on one of these ports is seen, the analyzer will be automatically assigned to parsing it. The function adds to all ports already registered, it doesn’t replace them.

Parameters:

tag – The tag of the analyzer.
ports – The set of well-known ports to associate with the analyzer.

Returns:

True if the ports were successfully registered.