base/protocols/irc/dcc-send.zeek
- IRC
File extraction and introspection for DCC transfers over IRC.
There is a major problem with this script in the cluster context because we might see A send B a message that a DCC connection is to be expected, but that connection will actually be between B and C which could be analyzed on a different worker.
- Namespace
IRC
- Imports
base/frameworks/cluster, base/protocols/conn/removal-hooks.zeek, base/protocols/irc/main.zeek, base/utils/files.zeek
Summary
Redefinitions
Hooks
IRC DCC data finalization hook. |
Detailed Interface
Hooks
- IRC::finalize_irc_data
- Type
IRC DCC data finalization hook. Remaining expected IRC DCC state may be purged when it’s called.