Cisco Cisco Firepower Management Center 4000 Guide Du Développeur

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

357

Understanding Discovery & Connection Data Structures

Host Discovery and Connection Data Blocks

Chapter 4

IP Range

Specification

Data Blocks *

variable

IP Range Specification data blocks containing

information about the IP address ranges for the

user input. See

IP Address Range Data Block

for 5.2+

on page 270 for a description of this

data block.

Port

uint16

Port specified by the user.

Protocol

uint16

IANA protocol number or Ethertype. This is

handled differently for Transport and Network

layer protocols.
Transport layer protocols are identified by the

IANA protocol number. For example:

•

6 — TCP

•

17 — UDP

Network layer protocols are identified by the

decimal form of the IEEE Registration Authority

Ethertype. For example:

•

2048 — IP

Drop User

Product

uint32

Indicates whether the user OS definition was

deleted from the host:
•

— No

•

— Yes

String Block

Type

uint32

Initiates a String data block containing the

custom vendor name specified in the user

input. This value is always 0.

String Block

Length

uint32

Number of bytes in the custom vendor String

data block, including eight bytes for the block

type and length fields, plus the number of

bytes in the vendor name.

Custom

Vendor Name

string

The custom vendor name specified in the user

input.

String Block

Type

uint32

Initiates a String data block containing the

custom product name specified in the user

input. This value is always 0.

String Block

Length

uint32

Number of bytes in the custom product String

data block, including eight bytes for the block

type and length fields, plus the number of

bytes in the product name.

User Product Data Block Fields (Continued)

IELD

ATA

YPE

ESCRIPTION