Feature #3953
open8021BR E packet decoder
Description
Add packet decoder for 802.1BR E-tag. See the pcaps attached to the ticket. You can use setup/setup-decoder.sh
to bootstrap a new packet decoder. The minimal functionality should be that the decoder gets called when the ethernet header has a ethertype indicating this header type (see DecodeNetworkLayer
, and then the header should be decoded to find the next ethertype, for which the correct packet decoder should be called as well then.
Wireshark is a useful tool to inspect the pcaps and see how the headers are aranged.
As part of this ticket Suricata-Verify tests should be created using both pcaps.
Files
Updated by Victor Julien about 4 years ago
- Subject changed from 8021BR E pkt decoder © to 8021BR E packet decoder
Updated by Victor Julien about 4 years ago
- Assignee set to Community Ticket
- Target version set to TBD
- Effort set to low
- Difficulty set to low
- Label Beginner, C added
Updated by Victor Julien about 4 years ago
Updated by Victor Julien about 4 years ago
- File 802.1BR-Etag-example2.pcap 802.1BR-Etag-example2.pcap added
- File 802.1BR-Etag-example.pcap 802.1BR-Etag-example.pcap added
Pcaps from the forum link attached.
Updated by Sumera Priyadarsini about 4 years ago
- Assignee changed from Community Ticket to Sumera Priyadarsini
Updated by Juliana Fajardini Reichow almost 1 year ago
- Target version changed from TBD to 8.0.0-beta1
Hi there, according to our guidelines for stale tickets, I'm unassigning this ticket.
Thanks for all your contributions to our project, and feel free to reach out in case you have time and want to contribute to Suricata again :) :)
Refer to:
https://forum.suricata.io/t/important-outreachy-contribution-phase-wrap-up-prs-claimed-tickets-and-more
https://docs.suricata.io/en/latest/devguide/codebase/contributing/contribution-process.html#stale-tickets-policy
Updated by Juliana Fajardini Reichow almost 1 year ago
- Assignee changed from Sumera Priyadarsini to Community Ticket
Updated by Victor Julien 5 months ago
- Target version changed from 8.0.0-beta1 to TBD