base/bif/plugins/Zeek_Gnutella.events.bif.zeek¶

GLOBAL¶

Namespace: GLOBAL

Summary¶

Events¶

`gnutella_binary_msg`: `event`	TODO.
`gnutella_establish`: `event`	TODO.
`gnutella_http_notify`: `event`	TODO.
`gnutella_not_establish`: `event`	TODO.
`gnutella_partial_binary_msg`: `event`	TODO.
`gnutella_text_msg`: `event`	TODO.

Detailed Interface¶

Events¶

gnutella_binary_msg¶

Type: event (c: connection, orig: bool, msg_type: count, ttl: count, hops: count, msg_len: count, payload: string, payload_len: count, trunc: bool, complete: bool)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_establish¶

Type: event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_http_notify¶

Type: event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_not_establish¶

Type: event (c: connection)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_partial_binary_msg, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_partial_binary_msg¶

Type: event (c: connection, orig: bool, msg: string, len: count)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_text_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.

gnutella_text_msg¶

Type: event (c: connection, orig: bool, headers: string)

TODO.

See Wikipedia for more information about the Gnutella protocol.

See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg

Todo

Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.