Myra Canyon  v0.0.1-768
network control
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
Functions
Myra::Traffic::RFB Namespace Reference

Detect and examine RFB packets, such as VNC. More...

Functions

bool examine (Flow &flow, const Myra::PktInfo &info)
 Examine a packet for RFB (Remote Frame Buffer), and mark the flow if found. More...
 

Detailed Description

Detect and examine RFB packets, such as VNC.

Function Documentation

bool Myra::Traffic::RFB::examine ( Myra::Flow flow,
const Myra::PktInfo info 
)

Examine a packet for RFB (Remote Frame Buffer), and mark the flow if found.

Returns
true if this exam needs to be called again for the given flow
false if this exam never needs to be called again
See also
http://en.wikipedia.org/wiki/RFB_protocol

First data packet is very small and contains just a version identifier: 

   -> flow #18357456258795776720: Unknown+FlowStart+IP+IPv4+TCP: 10.0.1.3:34188->192.168.1.3:5900 (data len: 12, number of packets: 4)
   -> flow #18357456258795776720: payload: number of bytes: 12
     0: 52 46 42 20 30 30 33 2e 30 30 37 0a     - RFB 003.007.
See also
https://tools.ietf.org/html/rfc6143#section-7.1.1

Here is the call graph for this function:

Here is the caller graph for this function: