OSPF protocol analyzer

Hello everyone,

I was wondering if is it possible to make an analyzer of OSPF with Binpac. The problem that I face is that OSPF is a layer 4 (there’s no tcp or udp below it).

Can anyone give me a solution to my problem?


Anything that's not on top of TCP/UDP remains problematic to support
in Bro currently, unfortunately. It's less a limitation of BinPAC; the
problem is that Bro's lower layers (before BinPAC even comes into the
picture) still pretty much hardcode the transport-layer protocols.
Changing that has been on the TODO list for a while, but nobody's
tackled it yet.

If one just wanted to hack something in to get data to a
proof-of-concept OSPF analyzer, that probably wouldn't be too hard.
But the real solution would require some internal refactoring first.