blob: 8559161b3b0604fc07c1eb789e2012685f4b1512 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
#
# Location definitions for packet matching
#
# name alignment offset mask shift
ip.version u8 net+0 0xF0 4
ip.hdrlen u8 net+0 0x0F
ip.diffserv u8 net+1
ip.length u16 net+2
ip.id u16 net+4
ip.flag.res u8 net+6 0xff 7
ip.df u8 net+6 0x40 6
ip.mf u8 net+6 0x20 5
ip.offset u16 net+6 0x1FFF
ip.ttl u8 net+8
ip.proto u8 net+9
ip.chksum u16 net+10
ip.src u32 net+12
ip.dst u32 net+16
# if ip.ihl > 5
ip.opts u32 net+20
#
# IP version 6
#
# name alignment offset mask shift
ip6.version u8 net+0 0xF0 4
ip6.tc u16 net+0 0xFF0 4
ip6.flowlabel u32 net+0 0xFFFFF
ip6.length u16 net+4
ip6.nexthdr u8 net+6
ip6.hoplimit u8 net+7
ip6.src 16 net+8
ip6.dst 16 net+24
#
# Transmission Control Protocol (TCP)
#
# name alignment offset mask shift
tcp.sport u16 tcp+0
tcp.dport u16 tcp+2
tcp.seq u32 tcp+4
tcp.ack u32 tcp+8
# Data offset (4 bits)
tcp.off u8 tcp+12 0xF0 4
# Reserved [0 0 0] (3 bits)
tcp.reserved u8 tcp+12 0x04 1
# ECN [N C E] (3 bits)
tcp.ecn u16 tcp+12 0x01C00 6
# Individual TCP flags (0|1) (6 bits in total)
tcp.flag.urg u8 tcp+13 0x20 5
tcp.flag.ack u8 tcp+13 0x10 4
tcp.flag.psh u8 tcp+13 0x08 3
tcp.flag.rst u8 tcp+13 0x04 2
tcp.flag.syn u8 tcp+13 0x02 1
tcp.flag.fin u8 tcp+13 0x01
tcp.win u16 tcp+14
tcp.csum u16 tcp+16
tcp.urg u16 tcp+18
tcp.opts u32 tcp+20
#
# User Datagram Protocol (UDP)
#
# name alignment offset mask shift
udp.sport u16 tcp+0
udp.dport u16 tcp+2
udp.length u16 tcp+4
udp.csum u16 tcp+6
|
