Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
610
Understanding Legacy Data Structures
Legacy Connection Data Structures
Appendix B
Connection Chunk Data Block for 4.10.1 - 5.1
The Connection Chunk data block conveys connection data detected by a
NetFlow device. The Connection Chunk data block has a block type of 66 for pre-
4.10.1 versions. For version 4.10.1 - 5.1, it has a block type of 119.
The following diagram shows the format of the Connection Chunk data block:
The following diagram shows the format of the Connection Chunk data block:
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Connection Chunk Block Type (66 | 119)
Connection Chunk Block Length
Initiator IP Address
Responder IP Address
Start Time
Application ID
Responder Port
Protocol
Connection Type
NetFlow Detector IP Address
Packets Sent
Packets Received
Bytes Sent
Bytes Received
Connections