c5d5023654
This adds a protocol post-dissector for Community ID support to Wireshark/tshark: https://github.com/corelight/community-id-spec The protocol is disabled by default. It establishes one new filter value, "communityid". Includes test cases and baselines to verify correct Community ID strings based on similar testsuites in the existing Zeek and Python implementations. |
||
---|---|---|
.. | ||
communityid-filtered.txt | ||
communityid.txt | ||
dhcp-filter.ek | ||
dhcp-raw.ek | ||
dhcp.ek | ||
dhcp.json | ||
dhcp.jsonraw | ||
elastic-mapping-ip-subset.json | ||
ff-ts-usec-pcap-direct.txt | ||
io-rawshark-dhcp-pcap.txt |