| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 |
- #
- # Location definitions for packet matching
- #
- # name alignment offset mask shift
- ip.version u8 net+0 0xF0 4
- ip.hdrlen u8 net+0 0x0F
- ip.diffserv u8 net+1
- ip.length u16 net+2
- ip.id u16 net+4
- ip.flag.res u8 net+6 0xff 7
- ip.df u8 net+6 0x40 6
- ip.mf u8 net+6 0x20 5
- ip.offset u16 net+6 0x1FFF
- ip.ttl u8 net+8
- ip.proto u8 net+9
- ip.chksum u16 net+10
- ip.src u32 net+12
- ip.dst u32 net+16
- # if ip.ihl > 5
- ip.opts u32 net+20
- #
- # IP version 6
- #
- # name alignment offset mask shift
- ip6.version u8 net+0 0xF0 4
- ip6.tc u16 net+0 0xFF0 4
- ip6.flowlabel u32 net+0 0xFFFFF
- ip6.length u16 net+4
- ip6.nexthdr u8 net+6
- ip6.hoplimit u8 net+7
- ip6.src 16 net+8
- ip6.dst 16 net+24
- #
- # Transmission Control Protocol (TCP)
- #
- # name alignment offset mask shift
- tcp.sport u16 tcp+0
- tcp.dport u16 tcp+2
- tcp.seq u32 tcp+4
- tcp.ack u32 tcp+8
- # Data offset (4 bits)
- tcp.off u8 tcp+12 0xF0 4
- # Reserved [0 0 0] (3 bits)
- tcp.reserved u8 tcp+12 0x04 1
- # ECN [N C E] (3 bits)
- tcp.ecn u16 tcp+12 0x01C00 6
- # Individual TCP flags (0|1) (6 bits in total)
- tcp.flag.urg u8 tcp+13 0x20 5
- tcp.flag.ack u8 tcp+13 0x10 4
- tcp.flag.psh u8 tcp+13 0x08 3
- tcp.flag.rst u8 tcp+13 0x04 2
- tcp.flag.syn u8 tcp+13 0x02 1
- tcp.flag.fin u8 tcp+13 0x01
- tcp.win u16 tcp+14
- tcp.csum u16 tcp+16
- tcp.urg u16 tcp+18
- tcp.opts u32 tcp+20
- #
- # User Datagram Protocol (UDP)
- #
- # name alignment offset mask shift
- udp.sport u16 tcp+0
- udp.dport u16 tcp+2
- udp.length u16 tcp+4
- udp.csum u16 tcp+6
|
