policy/frameworks/dpd/detect-protocols.zeek¶
-
ProtocolDetector
¶
Finds connections with protocols on non-standard ports with DPD.
- Namespace
ProtocolDetector
- Imports
base/frameworks/notice, base/protocols/conn/removal-hooks.zeek, base/utils/conn-ids.zeek, base/utils/site.zeek
Summary¶
Runtime Options¶
Constants¶
State Variables¶
|
Types¶
Hooks¶
|
Non-standard protocol port detection finalization hook. |
Functions¶
Detailed Interface¶
Runtime Options¶
- ProtocolDetector::suppress_servers¶
- Type
- Attributes
- Default
{}
- ProtocolDetector::valids¶
- Type
table
[AllAnalyzers::Tag
,addr
,port
] ofProtocolDetector::dir
- Attributes
- Default
{}
Constants¶
- ProtocolDetector::check_interval¶
- Type
- Default
5.0 secs
State Variables¶
Types¶
Hooks¶
- ProtocolDetector::finalize_protocol_detection¶
- Type
Non-standard protocol port detection finalization hook.
Functions¶
- ProtocolDetector::found_protocol¶
- Type
function
(c:connection
, atype:AllAnalyzers::Tag
, protocol:string
) :void