Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
382
Understanding Discovery & Connection Data Structures
Discovery and Connection Event Series 2 Data Blocks
Chapter 4
Access Control Rule Data Block
The eStreamer service uses the Access Control Rule data block in access control
rule metadata messages to map policy UUID and rule ID combinations to a
descriptive string. The Access Control Rule data block has a block type of 15 in
the series 2 group of blocks.
The following graphic shows the structure of the Access Control Rule data block.
The following graphic shows the structure of the Access Control Rule data block.
The
Access Control Rule Data Block Fields
table describes the fields in the
Access Control Rule data block.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Access Control Rule Block Type (15)
Access Control Rule Block Length
Access Control Rule UUID
Access Control Rule UUID, continued
Access Control Rule UUID, continued
Access Control Rule UUID, continued
Access Control Rule ID
String Block Type (0)
String Block Length
Name...
Access Control Rule Data Block Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Access Control
Rule Block Type
uint32
Initiates an Access Control Rule block. This
value is always 15.
Access Control
Rule Block
Length
uint32
Total number of bytes in the Access Control
Rule block, including eight bytes for the
Access Control Rule block type and length
fields, plus the number of bytes of data that
follows.
Access Control
Rule UUID
uint8[16]
The unique identifier for the access control
rule.