Activates port-independent protocol detection and selectively disables analyzers if protocol violations occur.
||Analyzers which you don’t want to throw|
||Ignore violations which go this many bytes into the connection.|
||Number of protocol violations to tolerate before disabling an analyzer.|
||The record type defining the columns to log in the DPD logging stream.|
||Ongoing DPD state tracking information.|
Type: Attributes: Default:
Analyzers which you don’t want to throw
Ignore violations which go this many bytes into the connection. Set to 0 to never ignore protocol violations.
Timestamp for when protocol analysis failed.
Connection unique ID.
Connection ID containing the 4-tuple which identifies endpoints.
Transport protocol for the violation.
The analyzer that generated the violation.
The textual reason for the analysis failure.
(present if policy/frameworks/dpd/packet-segment-logging.zeek is loaded)
A chunk of the payload that most likely resulted in the protocol violation.
The record type defining the columns to log in the DPD logging stream.