GLOBAL¶| Namespace: | GLOBAL | 
|---|---|
| Source File: | /scripts/base/bif/plugins/Bro_Gnutella.events.bif.bro | 
| gnutella_binary_msg:event | TODO. | 
| gnutella_establish:event | TODO. | 
| gnutella_http_notify:event | TODO. | 
| gnutella_not_establish:event | TODO. | 
| gnutella_partial_binary_msg:event | TODO. | 
| gnutella_text_msg:event | TODO. | 
gnutella_binary_msg¶| Type: | event(c:connection, orig:bool, msg_type:count, ttl:count, hops:count, msg_len:count, payload:string, payload_len:count, trunc:bool, complete:bool) | 
|---|
TODO.
See Wikipedia for more information about the Gnutella protocol.
See also: gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_signature_found, gnutella_text_msg
Todo
Bro’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported to Bro 2.x. To still enable this event, one needs to register a port for it or add a DPD payload signature.
gnutella_establish¶| Type: | event(c:connection) | 
|---|
TODO.
See Wikipedia for more information about the Gnutella protocol.
See also: gnutella_binary_msg, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_signature_found, gnutella_text_msg
Todo
Bro’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported to Bro 2.x. To still enable this event, one needs to register a port for it or add a DPD payload signature.
gnutella_http_notify¶| Type: | event(c:connection) | 
|---|
TODO.
See Wikipedia for more information about the Gnutella protocol.
See also: gnutella_binary_msg, gnutella_establish, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_signature_found, gnutella_text_msg
Todo
Bro’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported to Bro 2.x. To still enable this event, one needs to register a port for it or add a DPD payload signature.
gnutella_not_establish¶| Type: | event(c:connection) | 
|---|
TODO.
See Wikipedia for more information about the Gnutella protocol.
See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_partial_binary_msg, gnutella_signature_found, gnutella_text_msg
Todo
Bro’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported to Bro 2.x. To still enable this event, one needs to register a port for it or add a DPD payload signature.
gnutella_partial_binary_msg¶| Type: | event(c:connection, orig:bool, msg:string, len:count) | 
|---|
TODO.
See Wikipedia for more information about the Gnutella protocol.
See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_signature_found, gnutella_text_msg
Todo
Bro’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported to Bro 2.x. To still enable this event, one needs to register a port for it or add a DPD payload signature.
gnutella_text_msg¶| Type: | event(c:connection, orig:bool, headers:string) | 
|---|
TODO.
See Wikipedia for more information about the Gnutella protocol.
See also: gnutella_binary_msg, gnutella_establish, gnutella_http_notify, gnutella_not_establish, gnutella_partial_binary_msg, gnutella_signature_found
Todo
Bro’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported to Bro 2.x. To still enable this event, one needs to register a port for it or add a DPD payload signature.
