Developer Guide for Cisco Firepower Management Center 2000
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
Chapter 3
The ICMP Code Data Block Fields table describes the fields in the ICMP Code data block.
[Diagram: ICMP Code data block layout. Fields in order: ICMP Code Data Block Type (20), ICMP Code Data Block Length, Code, Type, Protocol, String Block Type (0), String Block Length, Description...]
ICMP Code Data Block Fields

| Field | Data Type | Description |
|---|---|---|
| ICMP Code Data Block Type | uint32 | Initiates an ICMP Code data block. This value is always 20. |
| ICMP Code Data Block Length | uint32 | Total number of bytes in the ICMP Code data block, including eight bytes for the ICMP Code data block type and length fields, plus the number of bytes of data that follows. |
| Code | uint16 | The ICMP code of the event. |
| Type | uint16 | The ICMP type of the event. |
| Protocol | uint16 | IANA-specified protocol number. For example: 0 (IP), 1 (ICMP), 6 (TCP), 17 (UDP), and so on. |
| String Block Type | uint32 | Initiates a String data block containing the description of the ICMP code. This value is always 0. |
| String Block Length | uint32 | The number of bytes included in the name String data block, including eight bytes for the block type and header fields plus the number of bytes in the Description field. |
| Description | string | Description of the ICMP code for the event. |
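
A parser for the block described in the table above, written as an added example and not taken from the guide or from any Cisco or Sourcefire code. It rejects buffers whose type or length fields disagree with the documented layout. Assumptions: fields are big-endian (network byte order) and the description is UTF-8 text; the names `parse_icmp_code_block`, `BlockError` and `SAMPLE` are made up for this example.

```python
import struct

ICMP_CODE_BLOCK_TYPE = 20  # per the table: always 20
STRING_BLOCK_TYPE = 0      # per the table: always 0
# Block type, block length, code, type, protocol, string type, string length.
# Assumption: big-endian (network byte order); the page does not state it.
FIXED = struct.Struct(">IIHHHII")  # 22 bytes
STRING_OFFSET = 14  # 8-byte block header + three uint16 fields


class BlockError(ValueError):
    """Buffer does not match the documented ICMP Code block layout."""


def parse_icmp_code_block(buf: bytes) -> dict:
    """Parse one ICMP Code data block located at the start of buf."""
    if len(buf) < FIXED.size:
        raise BlockError("buffer shorter than the 22 fixed bytes")
    btype, blen, code, itype, proto, stype, slen = FIXED.unpack_from(buf)
    if btype != ICMP_CODE_BLOCK_TYPE:
        raise BlockError(f"block type {btype}, expected 20")
    if stype != STRING_BLOCK_TYPE:
        raise BlockError(f"string block type {stype}, expected 0")
    # Both lengths count their own 8-byte type and length fields.
    if blen < FIXED.size or blen > len(buf):
        raise BlockError(f"block length {blen} outside buffer of {len(buf)}")
    if slen < 8 or STRING_OFFSET + slen > blen:
        raise BlockError(f"string length {slen} does not fit block of {blen}")
    raw = buf[FIXED.size:STRING_OFFSET + slen]
    return {
        "block_length": blen,
        "code": code,
        "type": itype,
        "protocol": proto,
        # Assumption: UTF-8 text, possibly NUL-terminated.
        "description": raw.rstrip(b"\x00").decode("utf-8", "replace"),
    }


# Constructed sample (not captured traffic): code 1, type 3, protocol 1.
DESC = b"Host Unreachable"
SAMPLE = FIXED.pack(20, STRING_OFFSET + 8 + len(DESC), 1, 3, 1, 0, 8 + len(DESC)) + DESC

if __name__ == "__main__":
    print(parse_icmp_code_block(SAMPLE))
```

The length checks are what keep a malformed or truncated record from being read past its end, so they run before any slice of the description is taken.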