Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

270

Understanding Discovery & Connection Data Structures

Host Discovery and Connection Data Blocks

Chapter 4

IP Address Range Data Block for 5.2+

The IP Address Range data block for 5.2+ conveys a range of IP addresses. IP 

Address Range data blocks are used in User Protocol, User Client Application, 

Address Specification, User Product, User Server, User Hosts, User Vulnerability, 

User Criticality, and User Attribute Value data blocks. The IP Address Range data 

block has a block type of 141 in the series 1 group of blocks.
The following diagram shows the format of the IP Address Range data block: 

Source ID

uint32

Identification number that maps to the source 

that added the affected client application. 

Depending on the source type, this may map to 

RNA, a user, a scanner, or a third-party 

application.

Generic List 

Block Type

uint32

Initiates a Generic List data block. This value is 

always 31.

Generic List 

Block Length

uint32

Number of bytes in the Generic List block and 

encapsulated data blocks. This number includes 

the eight bytes of the generic list block header 

fields, plus the number of bytes in all of the 

encapsulated data blocks.

User Client 

Application 

Blocks

variable

Encapsulated User Client Application data blocks 

up to the maximum number of bytes in the list 

block length. For more information on the User 

Client Application data block, see 

User Client Application List Data Block Fields (Continued)

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

IP Address Range Block Type (141)

IP Address Range Block Length

IP Address Range Start

IP Address Range Start, continued