[Bro-Dev] #690: GTP de-tunneling
Bro Tracker
bro at tracker.bro-ids.org
Fri Oct 19 12:11:17 PDT 2012
#690: GTP de-tunneling
----------------------+------------------------
Reporter: robin | Owner:
Type: Problem | Status: new
Priority: Normal | Milestone: 2.1
Component: Bro | Version: git/master
Resolution: | Keywords:
----------------------+------------------------
Comment (by jsiwek):
In [9edbf3e53c849635de62042afc82c0c5d0e128fc/bro]:
{{{
#!CommitTicketReference repository="bro"
revision="9edbf3e53c849635de62042afc82c0c5d0e128fc"
Add GPRS Tunnelling Protocol (GTPv1) decapsulation.
This currently supports automatic decapsulation of GTP-U packets on
UDP port 2152.
The GTPv1 headers for such tunnels can be inspected by handling the
"gtpv1_g_pdu_packet" event, which has a parameter of type "gtpv1_hdr".
Analyzer and test cases are derived from submissions by Carsten Langer.
Addresses #690.
}}}
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/690#comment:2>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list