Task #5678
open
tracking: Parse protocols that are not over TCP/UDP
Added by Philippe Antoine about 3 years ago.
Updated 6 days ago.
Description
Like like LLDP directly over Ethernet.
This will require various lower level things to happen:
- "flow" tracking for ethernet addresses with some protocol specific identifiers?
- app layer API support
- output API support
This work will depend on an actual protocol being developed & contributed.
Related issues
3 (3 open — 0 closed)
- Related to Task #5488: Suricon 2022 brainstorm added
- Tracker changed from Feature to Task
- Subject changed from Parse protocols that are not over TCP/UDP like LLDP directly over Ethernet to tracking: Parse protocols that are not over TCP/UDP
- Description updated (diff)
- Assignee changed from OISF Dev to Community Ticket
- Related to Task #4151: Research: New protocol support added
- Related to Task #8123: Suricon 2025 Brainstorm added
LLDP mentionne at suricata 2025
Also tunneled protocols : CAPWAP / Mobile IP
Also available in: Atom
PDF