Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT eStreamer Integration Guide
 
Chapter 4      Understanding Discovery & Connection Data Structures 
  Discovery and Connection Event Series 2 Data Blocks
Access Control Rule Reason Data Block 5.1+
The eStreamer service uses the Access Control Rule Reason data block in Access Control Rule Reason 
metadata messages to map Access Control reasons to a descriptive string. The Access Control Rule 
Reason data block has a block type of 21 in the series 2 group of blocks.
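The following graphic shows the structure of the Access Control Rule Reason data block:

              Byte 0          Byte 1          Byte 2          Byte 3
              Bits 0-7        Bits 8-15       Bits 16-23      Bits 24-31
             +---------------------------------------------------------------+
             | Access Control Rule Reason Block Type (21)                    |
             +---------------------------------------------------------------+
             | Access Control Rule Block Length                              |
             +-------------------------------+-------------------------------+
Description  | Access Control Rule Reason    | String Block Type (0)         |
             +-------------------------------+-------------------------------+
             | String Block Type (0), cont.  | String Block Length           |
             +-------------------------------+-------------------------------+
             | String Block Length, cont.    | Description...                |
             +-------------------------------+-------------------------------+

The following table describes the fields in the Access Control Rule Reason data block.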
Table 4-89 Access Control Rule Reason Data Block Fields

Field                                     Data Type  Description
----------------------------------------  ---------  -----------
Access Control Rule Reason Block Type     uint32     Initiates an Access Control Rule Reason block. This value is always 21.
Access Control Rule Reason Block Length   uint32     Total number of bytes in the Access Control Rule Reason block, including eight bytes for the Access Control Rule Reason block type and length fields, plus the number of bytes of data that follows.
Access Control Rule Reason                uint16     The reason the Access Control rule logged the connection.
String Block Type                         uint32     Initiates a String data block containing the descriptive name associated with the access control rule reason. This value is always 0.
String Block Length                       uint32     The number of bytes included in the name String data block, including eight bytes for the block type and header fields plus the number of bytes in the Description field.
Description                               string     Description of the Access Control rule reason.
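
The following parser is an added example, not code from this guide or from Cisco. It decodes one Access Control Rule Reason block according to the field table above and rejects blocks whose length fields disagree with the data received. It assumes network (big-endian) byte order, UTF-8 text and optional trailing NUL padding, none of which this page states; the function names and the sample values are hypothetical.

```python
import struct

ACRR_BLOCK_TYPE = 21      # series 2 block type, from the field table
STRING_BLOCK_TYPE = 0     # String data block type, from the field table
HDR = struct.Struct(">II")     # block type, block length (big-endian is an assumption)
REASON = struct.Struct(">H")   # Access Control Rule Reason, uint16
FIXED_LEN = HDR.size + REASON.size + HDR.size   # 18 bytes before Description


class BlockError(ValueError):
    """The buffer does not match the documented block layout."""


def parse_ac_rule_reason(buf: bytes) -> tuple[int, str]:
    """Return (reason, description) from one Access Control Rule Reason block."""
    if len(buf) < HDR.size:
        raise BlockError("truncated block header")
    btype, blen = HDR.unpack_from(buf, 0)
    if btype != ACRR_BLOCK_TYPE:
        raise BlockError(f"unexpected block type {btype}")
    # The block length counts its own 8 header bytes. It must cover the
    # fixed fields and must not claim more data than was received.
    if blen < FIXED_LEN or blen > len(buf):
        raise BlockError(f"block length {blen} inconsistent with buffer")
    (reason,) = REASON.unpack_from(buf, HDR.size)
    str_off = HDR.size + REASON.size
    stype, slen = HDR.unpack_from(buf, str_off)
    if stype != STRING_BLOCK_TYPE:
        raise BlockError(f"unexpected string block type {stype}")
    # The string length also counts its 8 header bytes, and the string
    # block must end inside the enclosing block.
    if slen < HDR.size or str_off + slen > blen:
        raise BlockError(f"string length {slen} overruns block")
    raw = buf[str_off + HDR.size:str_off + slen]
    # Trailing NUL stripping and UTF-8 decoding are assumptions.
    return reason, raw.rstrip(b"\x00").decode("utf-8", errors="replace")


def build_sample(reason: int, text: str) -> bytes:
    """Build a constructed block for testing (not captured eStreamer data)."""
    body = text.encode("utf-8")
    string_block = HDR.pack(STRING_BLOCK_TYPE, HDR.size + len(body)) + body
    total = HDR.size + REASON.size + len(string_block)
    return HDR.pack(ACRR_BLOCK_TYPE, total) + REASON.pack(reason) + string_block
```

Both length checks run before any slice is taken, so a malformed or truncated message raises BlockError instead of yielding a short or misaligned description.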