diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/pktloc | 44 |
1 files changed, 32 insertions, 12 deletions
@@ -2,14 +2,15 @@ # Location definitions for packet matching # -# name alignment offset mask -ip.version u8 net+0 0xF0 +# name alignment offset mask shift +ip.version u8 net+0 0xF0 4 ip.hdrlen u8 net+0 0x0F ip.diffserv u8 net+1 ip.length u16 net+2 ip.id u16 net+4 -ip.df u8 net+6 0x40 -ip.mf u8 net+6 0x20 +ip.flag.res u8 net+6 0xff 7 +ip.df u8 net+6 0x40 6 +ip.mf u8 net+6 0x20 5 ip.offset u16 net+6 0x1FFF ip.ttl u8 net+8 ip.proto u8 net+9 @@ -17,12 +18,16 @@ ip.chksum u16 net+10 ip.src u32 net+12 ip.dst u32 net+16 +# if ip.ihl > 5 +ip.opts u32 net+20 + + # # IP version 6 # -# name alignment offset mask -ip6.version u8 net+0 0xF0 -ip6.tc u16 net+0 0xFF0 +# name alignment offset mask shift +ip6.version u8 net+0 0xF0 4 +ip6.tc u16 net+0 0xFF0 4 ip6.flowlabel u32 net+0 0xFFFFF ip6.length u16 net+4 ip6.nexthdr u8 net+6 @@ -33,14 +38,29 @@ ip6.dst 16 net+24 # # Transmission Control Protocol (TCP) # -# name alignment offset mask +# name alignment offset mask shift tcp.sport u16 tcp+0 tcp.dport u16 tcp+2 tcp.seq u32 tcp+4 tcp.ack u32 tcp+8 -tcp.off u8 tcp+12 0xF0 -tcp.reserved u8 tcp+12 0x0F -# FLAGS + +# Data offset (4 bits) +tcp.off u8 tcp+12 0xF0 4 + +# Reserved [0 0 0] (3 bits) +tcp.reserved u8 tcp+12 0x04 1 + +# ECN [N C E] (3 bits) +tcp.ecn u16 tcp+12 0x01C00 6 + +# Individual TCP flags (0|1) (6 bits in total) +tcp.flag.urg u8 tcp+13 0x20 5 +tcp.flag.ack u8 tcp+13 0x10 4 +tcp.flag.psh u8 tcp+13 0x08 3 +tcp.flag.rst u8 tcp+13 0x04 2 +tpc.flag.syn u8 tcp+13 0x02 1 +tcp.flag.fin u8 tcp+13 0x01 + tcp.win u16 tcp+14 tcp.csum u16 tcp+16 tcp.urg u16 tcp+18 @@ -49,7 +69,7 @@ tcp.opts u32 tcp+20 # # User Datagram Protocol (UDP) # -# name alignment offset mask +# name alignment offset mask shift udp.sport u16 tcp+0 udp.dport u16 tcp+2 udp.length u16 tcp+4 |