Myra Canyon  v0.0.1-768
network control
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
Functions
Myra::Traffic::NTP Namespace Reference

Detect and examine UDP network time protocol packets. More...

Functions

bool examine (Flow &flow, const Myra::PktInfo &info)
 Examine a packet for UDP NTP, and mark the flow if found. More...
 

Detailed Description

Detect and examine UDP network time protocol packets.

Function Documentation

bool Myra::Traffic::NTP::examine ( Myra::Flow flow,
const Myra::PktInfo info 
)

Examine a packet for UDP NTP, and mark the flow if found.

Returns
true if this exam needs to be called again for the given flow
false if this exam never needs to be called again

This is a port-based exam. See if both the source and destination port is 123. 

-> flow #16771478187102949952: Unknown+IP+IPv4+UDP: 10.0.1.3:123->91.189.89.199:123, 1 packets
-> flow #16771478187102949952: UDP payload: number of bytes: 48
   0: 23 03 0a ed 00 00 2a 4a 00 00 21 bf 5b bd 59 c7 d8 73 15 8a d7 84 8c 53 d8 73 15 8a c3 e8 12 77 - #.....*J..!.[.Y..s.....S.s.....w
  20: d8 73 15 8a d7 84 8c 53 d8 73 19 b4 b0 51 cb 46                                                 - .s.....S.s...Q.F
-> flow #16771478187102949952: Unknown+IP+IPv4+UDP: 10.0.1.3:123->91.189.89.199:123, 2 packets
-> flow #16771478187102949952: UDP payload: number of bytes: 48
   0: 24 02 0a ec 00 00 02 e3 00 00 09 2e c0 5d 02 14 d8 73 14 ba 2f a7 b2 22 d8 73 19 b4 b0 51 cb 46 - $............]...s../..".s...Q.F
  20: d8 73 19 b4 c4 39 b5 a3 d8 73 19 b4 c4 3b d3 4e                                                 - .s...9...s...;.N

Here is the call graph for this function:

Here is the caller graph for this function: