Руководство Разработчика для Cisco Cisco Firepower Management Center 2000
4-68
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Protocol Data Block
The Protocol data block defines protocols. It is a very simple data block, with only the block type, block
length, and the IANA protocol number identifying the protocol. The Protocol data block has a block type
of 4 in the series 1 group of blocks.
length, and the IANA protocol number identifying the protocol. The Protocol data block has a block type
of 4 in the series 1 group of blocks.
The following graphic shows the format of the Protocol data block:
The following table describes the fields of the Protocol data block.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Protocol Block Type (4)
Protocol Block Length
Protocol
Table 4-33
Protocol Data Block Fields
Field
Data Type
Description
Protocol Block Type
uint32
Initiates a Protocol data block. This value is always
4
.
Protocol Block Length
uint32
Number of bytes in the Protocol data block. This value is always
10
.
Protocol
uint16
IANA protocol number or Ethertype. This is handled differently
for Transport and Network layer protocols.
for Transport and Network layer protocols.
Transport layer protocols are identified by the IANA protocol
number. For example:
number. For example:
•
6
- TCP
•
17
- UDP
Network layer protocols are identified by the decimal form of
the IEEE Registration Authority Ethertype. For example:
the IEEE Registration Authority Ethertype. For example:
•
2048
- IP