Class: Unified2::Constructor::Construct

Inherits:

BinData::Record

• Object
• BinData::Record
• Unified2::Constructor::Construct

Defined in:

lib/unified2/constructor/construct.rb

Overview

Unified2 Construction

Instance Method Summary

• #padding_length ⇒ Object

  Sometimes the data needs extra padding.

• #type_selection ⇒ Object

  Type Selection.

Instance Method Details

#padding_length ⇒ Object

Sometimes the data needs extra padding

# File 'lib/unified2/constructor/construct.rb', line 71

def padding_length
  if header.u2length > data.num_bytes
    header.u2length - data.num_bytes
  else
    0
  end
end

#type_selection ⇒ Object

Type Selection

Deterime and call data type based on the unified2 type attribute

# File 'lib/unified2/constructor/construct.rb', line 44

def type_selection
  case header.u2type.to_i
  when 1
    # define UNIFIED2_EVENT 1
  when 2
    # define UNIFIED2_PACKET 2
    "packet"
  when 7
    # define UNIFIED2_IDS_EVENT 7
    "ev4"
  when 66
    # define UNIFIED2_EVENT_EXTENDED 66
  when 67
    # define UNIFIED2_PERFORMANCE 67
  when 68
    # define UNIFIED2_PORTSCAN 68
  when 72
    # define UNIFIED2_IDS_EVENT_IPV6 72
    "ev6"
  else
    "unknown type #{header.u2type}"
  end
end