[Bro] Progress in the IPv6 support
ju at klipix.org
Mon Apr 2 20:27:17 PDT 2007
Some months ago, I told you I wanted to improve Bro IPv6 support.
After a long time of source code reading I've started to code something.
To begin, I've primarily focused on the support for extensions.
So now when Bro receives a TCP or UDP packet with an arbitrary number of
IPv6 extensions (hop-by-hop option, destination option and routing
header for the moment) it can parse the content of the upper layer.
It's a beginning, but now I have some questions :
- what should I do with the data of the extensions header ?
- what do you think is the "best pratice" in Bro to code the support of
ICMPv6 (it's a major update compared to ICMPv4) ?
- do you think binpac could help me ?
I have not yet catched all the details of the analysers and event
handlers, and the most of the doc I have found focuses on upper layer
protocols, so any help would be greatly appreciated !
After that I will start dealing with the fragmentation, IPsec headers
and eventually the transition mechanisms.
Thank you for your help.
P.S : sorry but my code isn't clean enough yet to attach the patch, as
soon as I have something fully functionnal/tested I'll send it to the list.
More information about the Bro