I was wondering is there an existing way in Zeek to log IP Header Options? The conn log has a lot of the IP Header fields but not the IP Header “Options” field data. Specifically looking at logging data related to CIPSO packet labeling (reference: https://tools.ietf.org/html/draft-ietf-cipso-ipsecurity-01).
If not, can anyone point me to a decent example of a bro script logging similar data from the IP Header? (it’s been quite a few years since I’ve looked at bro scripts and I haven’t found any examples doing something similar to what I want)
Thank guys any information you can provide would be helpful!