Actions
Feature #3953
open8021BR E packet decoder
Effort:
low
Difficulty:
low
Label:
Beginner, C, Protocol
Description
Add packet decoder for 802.1BR E-tag. See the pcaps attached to the ticket. You can use setup/setup-decoder.sh to bootstrap a new packet decoder. The minimal functionality should be that the decoder gets called when the ethernet header has a ethertype indicating this header type (see DecodeNetworkLayer, and then the header should be decoded to find the next ethertype, for which the correct packet decoder should be called as well then.
Wireshark is a useful tool to inspect the pcaps and see how the headers are aranged.
As part of this ticket Suricata-Verify tests should be created using both pcaps.
Files
Updated by Victor Julien about 3 years ago
- Subject changed from 8021BR E pkt decoder © to 8021BR E packet decoder
Updated by Victor Julien about 3 years ago
- Assignee set to Community Ticket
- Target version set to TBD
- Effort set to low
- Difficulty set to low
- Label Beginner, C added
Updated by Victor Julien almost 3 years ago
Actions
#6
Updated by Victor Julien almost 3 years ago
- File 802.1BR-Etag-example2.pcap 802.1BR-Etag-example2.pcap added
- File 802.1BR-Etag-example.pcap 802.1BR-Etag-example.pcap added
Pcaps from the forum link attached.
Updated by Sumera Priyadarsini almost 3 years ago
- Assignee changed from Community Ticket to Sumera Priyadarsini
Actions