policy/frameworks/dpd/detect-protocols.bro
-
ProtocolDetector
Finds connections with protocols on non-standard ports with DPD.
| Namespace: | ProtocolDetector |
|---|---|
| Imports: | base/frameworks/notice, base/utils/conn-ids.bro, base/utils/site.bro |
| Source File: | /scripts/policy/frameworks/dpd/detect-protocols.bro |
Summary
Options
ProtocolDetector::minimum_duration: interval &redef |
|
ProtocolDetector::minimum_volume: double &redef |
|
ProtocolDetector::suppress_servers: set &redef |
|
ProtocolDetector::valids: table &redef |
Constants
ProtocolDetector::check_interval: interval |
State Variables
ProtocolDetector::servers: table &read_expire = 14.0 days |
Types
ProtocolDetector::dir: enum |
Redefinitions
Notice::Type: enum |
Functions
ProtocolDetector::found_protocol: function |
Detailed Interface
Options
-
ProtocolDetector::suppress_servers Type: set[Analyzer::Tag]Attributes: &redefDefault: {}
-
ProtocolDetector::valids Type: table[Analyzer::Tag,addr,port] ofProtocolDetector::dirAttributes: &redefDefault: {}
Constants
-
ProtocolDetector::check_interval Type: intervalDefault: 5.0 secs
State Variables
Types
-
ProtocolDetector::dir Type: -
ProtocolDetector::NONE
-
ProtocolDetector::INCOMING
-
ProtocolDetector::OUTGOING
-
ProtocolDetector::BOTH
-
Functions
-
ProtocolDetector::found_protocol Type: function(c:connection, atype:Analyzer::Tag, protocol:string) :void
Copyright 2016, The Bro Project.
Last updated on December 07, 2018.
Created using Sphinx 1.8.2.