Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
244
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
The
table describes the fields of the Protocol data
block.
Integer (INT32) Data Block
The Integer (INT32) data block is used in List data blocks to convey 32-bit integer
data, for example, in the Vulnerability Reference data block where it is used to
transmit a list of vulnerability identification numbers.
The Integer data block has a block type of 7 in the series 1 group of blocks.
The following diagram shows the format of the integer data block:
The Integer data block has a block type of 7 in the series 1 group of blocks.
The following diagram shows the format of the integer data block:
Protocol Data Block Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Protocol
Block Type
uint32
Initiates a Protocol data block. This value is
always 4.
Protocol
Block Length
uint32
Number of bytes in the Protocol data block. This
value is always 10.
Protocol
uint16
IANA protocol number or Ethertype. This is
handled differently for Transport and Network
layer protocols.
Transport layer protocols are identified by the
Transport layer protocols are identified by the
IANA protocol number. For example:
•
6 — TCP
•
17 — UDP
Network layer protocols are identified by the
decimal form of the IEEE Registration Authority
Ethertype. For example:
•
2048 — IP
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Integer Block Type (7)
Integer Block Length
Integer