Feature #3953: 8021BR E packet decoder - Suricata - Open Information Security Foundation

Actions

Feature #3953

open

8021BR E packet decoder

Added by Shivani Bhardwaj over 4 years ago. Updated 11 months ago.

Status:

New

Priority:

Normal

Assignee:

Community Ticket

Target version:

Effort:

low

Difficulty:

low

Label:

Beginner, C, Protocol

Description

Add packet decoder for 802.1BR E-tag. See the pcaps attached to the ticket. You can use setup/setup-decoder.sh to bootstrap a new packet decoder. The minimal functionality should be that the decoder gets called when the ethernet header has a ethertype indicating this header type (see DecodeNetworkLayer, and then the header should be decoded to find the next ethertype, for which the correct packet decoder should be called as well then.

Wireshark is a useful tool to inspect the pcaps and see how the headers are aranged.

As part of this ticket Suricata-Verify tests should be created using both pcaps.

Files

Download all files

802.1BR-Etag-example2.pcap (116 Bytes) 802.1BR-Etag-example2.pcap		Victor Julien, 10/26/2020 06:57 AM
802.1BR-Etag-example.pcap (108 Bytes) 802.1BR-Etag-example.pcap		Victor Julien, 10/26/2020 06:57 AM

Actions

#1

Updated by Victor Julien over 4 years ago

Subject changed from 8021BR E pkt decoder © to 8021BR E packet decoder

Actions

#2

Updated by Victor Julien over 4 years ago

Label Protocol added

Actions

#3

Updated by Victor Julien over 4 years ago

Assignee set to Community Ticket
Target version set to TBD
Effort set to low
Difficulty set to low
Label Beginner, C added

Actions

#4

Updated by Victor Julien over 4 years ago

Pcaps: https://forum.suricata.io/t/802-1br-e-tag-support/594

Actions

#5

Updated by Victor Julien over 4 years ago

Description updated (diff)

Actions

Copy link Download all files

#6

Updated by Victor Julien over 4 years ago

File 802.1BR-Etag-example2.pcap 802.1BR-Etag-example2.pcap added
File 802.1BR-Etag-example.pcap 802.1BR-Etag-example.pcap added

Pcaps from the forum link attached.

Actions

#7

Updated by Sumera Priyadarsini over 4 years ago

Assignee changed from Community Ticket to Sumera Priyadarsini

Actions

#8

Updated by Juliana Fajardini Reichow over 1 year ago

Target version changed from TBD to 8.0.0-beta1

Hi there, according to our guidelines for stale tickets, I'm unassigning this ticket.

Thanks for all your contributions to our project, and feel free to reach out in case you have time and want to contribute to Suricata again :) :)

Refer to:
https://forum.suricata.io/t/important-outreachy-contribution-phase-wrap-up-prs-claimed-tickets-and-more
https://docs.suricata.io/en/latest/devguide/codebase/contributing/contribution-process.html#stale-tickets-policy

Actions

#9

Updated by Juliana Fajardini Reichow over 1 year ago

Assignee changed from Sumera Priyadarsini to Community Ticket

Actions

#10

Updated by Victor Julien 11 months ago

Target version changed from 8.0.0-beta1 to TBD

Actions

Also available in: Atom PDF