Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
265
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
User Protocol Data Block
The User Protocol data block is used to contain information about added
protocols, the type of the protocol, and lists of IP address and MAC address
ranges for the hosts with the protocol. The User Protocol data block has a block
type of 57 in the series 1 group of blocks.
The following diagram shows the basic structure of a User Protocol data block:
The following diagram shows the basic structure of a User Protocol data block:
The
table describes the fields of the User
Protocol data block.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
User Protocol Block Type (57)
User Protocol Block Length
IP Address Ranges
Generic List Block Type (31)
Generic List Block Length
IP Range Specification Data Blocks*
MAC Add. Ranges
Generic List Block Type (31)
Generic List Block Length
MAC Range Specification Data Blocks...
Protocol Type
Protocol
User Protocol Data Block Fields
F
IELD
N
UMBER
OF
B
YTES
D
ESCRIPTION
User Protocol
Block Type
uint32
Initiates a User Protocol data block. This value is
always 57.
User Protocol
Block Length
uint32
Total number of bytes in the User Protocol data
block, including eight bytes for the user protocol
block type and length fields, plus the number of
bytes of user protocol data that follows.
Generic List
Block Type
uint32
Initiates a Generic List data block comprising IP
Range Specification data blocks conveying IP
address range data. This value is always 31.