base/utils/directions-and-hosts.bro

Imports:base/utils/site.bro
Source File:/scripts/base/utils/directions-and-hosts.bro

Summary

Types

Direction: enum  
Host: enum  

Functions

addr_matches_host: function Checks whether a given host (IP address) matches a given host type.
id_matches_direction: function Checks whether a given connection is of a given direction with respect to the locally-monitored network.

Detailed Interface

Types

Direction
Type:

enum

INBOUND

The connection originator is not within the locally-monitored network, but the other endpoint is.

OUTBOUND

The connection originator is within the locally-monitored network, but the other endpoint is not.

BIDIRECTIONAL

Only one endpoint is within the locally-monitored network, meaning the connection is either outbound or inbound.

NO_DIRECTION

This value doesn’t match any connection.

Host
Type:

enum

LOCAL_HOSTS

A host within the locally-monitored network.

REMOTE_HOSTS

A host not within the locally-monitored network.

ALL_HOSTS

Any host.

NO_HOSTS

This value doesn’t match any host.

Functions

addr_matches_host
Type:function (ip: addr, h: Host) : bool

Checks whether a given host (IP address) matches a given host type.

Ip:address of a host.
H:a host type.
Returns:T if the given host matches the given type, else F.
id_matches_direction
Type:function (id: conn_id, d: Direction) : bool

Checks whether a given connection is of a given direction with respect to the locally-monitored network.

Id:a connection record containing the originator/responder hosts.
D:a direction with respect to the locally-monitored network.
Returns:T if the two connection endpoints match the given direction, else F.

Previous Page

base/utils/paths.bro

Copyright 2016, The Bro Project. Last updated on December 08, 2017. Created using Sphinx 1.5.2.