[Zeek] Extract IP Header Options
Justin Mullins
shadowx787 at gmail.com
Thu Apr 4 13:45:05 PDT 2019
Hi,
I was wondering is there an existing way in Zeek to log IP Header Options?
The conn log has a lot of the IP Header fields but not the IP Header
"Options" field data. Specifically looking at logging data related to CIPSO
packet labeling (reference:
https://tools.ietf.org/html/draft-ietf-cipso-ipsecurity-01).
If not, can anyone point me to a decent example of a bro script logging
similar data from the IP Header? (it's been quite a few years since I've
looked at bro scripts and I haven't found any examples doing something
similar to what I want)
Thank guys any information you can provide would be helpful!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190404/d38d319b/attachment.html
More information about the Zeek
mailing list