Cisco Firepower Management Center 2000 Developer Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Chapter 3: Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
ICMP Type Data Block
The eStreamer service uses the ICMP Type data block to contain information
about ICMP Types. This data block has a record type of 260, and a block type of
19 in series 2.
The following diagram shows the structure of the ICMP Type data block. The ICMP Type Data Block Fields table, which follows the diagram, describes the fields in the ICMP Type data block.
[Diagram: ICMP Type data block layout, drawn 32 bits wide (bytes 0 to 3, bits 0 to 31). Fields in order:]
  Header Version (1)
  Message Type (4)
  Message Length
  Record Type (260)
  ICMP Type Data Block Type (19)
  ICMP Type Data Block Length
  Type
  Protocol
  Description:
    String Block Type (0)
    String Block Length
    Description...
ICMP Type Data Block Fields

| Field | Data Type | Description |
|---|---|---|
| ICMP Type Data Block Type | uint32 | Initiates an ICMP Type data block. This value is always 19. |
| ICMP Type Data Block Length | uint32 | Total number of bytes in the ICMP Type data block, including eight bytes for the ICMP Type data block type and length fields, plus the number of bytes of data that follows. |
| Type | uint16 | The ICMP type of the event. |
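A client receives this block from a network peer, so its length fields should be checked against the bytes actually received before anything is sliced. The following parser is an added example, not code from the Sourcefire guide. The uint16 width of Protocol, the uint32 widths of the string block fields, network byte order, the string block being the last field, and the names `parse_icmp_type_block`, `build_sample` and `BlockError` are assumptions not stated on this page, and the sample data is constructed.

```python
import struct

ICMP_TYPE_BLOCK = 19  # series 2 block type (from the page)
STRING_BLOCK = 0      # string block type (from the page's diagram)
FIXED = struct.Struct("!IIHHII")  # assumed widths, network byte order; 20 bytes


class BlockError(ValueError):
    """A type or length field is inconsistent with the received buffer."""


def parse_icmp_type_block(buf: bytes) -> dict:
    """Parse one ICMP Type data block starting at its block type field.

    Assumed layout: uint32 block type, uint32 block length, uint16 type,
    uint16 protocol, uint32 string block type, uint32 string block length
    (counting its own 8 header bytes), then the description bytes.
    """
    if len(buf) < FIXED.size:
        raise BlockError("buffer shorter than the fixed fields")
    btype, blen, icmp_type, proto, stype, slen = FIXED.unpack_from(buf)
    if btype != ICMP_TYPE_BLOCK:
        raise BlockError(f"unexpected block type {btype}")
    # The block length includes its own 8 header bytes and must fit the buffer.
    if not FIXED.size <= blen <= len(buf):
        raise BlockError(f"block length {blen} does not fit {len(buf)} bytes")
    if stype != STRING_BLOCK:
        raise BlockError(f"unexpected string block type {stype}")
    # 12 = block header (8) + type (2) + protocol (2); the nested string
    # block must end exactly where the outer block says it ends.
    if slen < 8 or 12 + slen != blen:
        raise BlockError(f"string length {slen} disagrees with block length {blen}")
    text = buf[FIXED.size:blen].decode("utf-8", errors="replace")
    return {"icmp_type": icmp_type, "protocol": proto,
            "description": text, "consumed": blen}


def build_sample(icmp_type: int, proto: int, text: bytes) -> bytes:
    """Build a constructed sample block (not captured eStreamer output)."""
    inner = struct.pack("!II", STRING_BLOCK, 8 + len(text)) + text
    head = struct.pack("!IIHH", ICMP_TYPE_BLOCK, 12 + len(inner), icmp_type, proto)
    return head + inner


if __name__ == "__main__":
    sample = build_sample(8, 1, b"Echo Request")
    print(parse_icmp_type_block(sample))
    try:
        parse_icmp_type_block(sample[:-1])  # truncated in transit
    except BlockError as exc:
        print("rejected:", exc)
```

The `consumed` value lets a caller advance to the next block only after both length fields have been shown to agree with each other and with the buffer.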