2019-01-11 16:48:25 +01:00
|
|
|
# D4 encapsulation protocol version 1 (DRAFT)
|
2018-11-26 14:09:35 +01:00
|
|
|
|
|
|
|
|
## Headers
|
|
|
|
|
|
|
|
|
|
| Name | bit size | Description |
|
|
|
|
|
|---------------|-----------|:----------------------------------------------------------------------:|
|
2018-11-26 16:55:16 +01:00
|
|
|
| version | uint 8 | Version of the header |
|
2019-01-11 16:48:25 +01:00
|
|
|
| type | uint 8 | Data encapsulated type |
|
2018-11-26 14:09:35 +01:00
|
|
|
| uuid | uint 128 | Sensor uuid |
|
|
|
|
|
| timestamp | uint 64 | Encapsulation time |
|
|
|
|
|
| hmac | uint 256 | Header authenticated header (HMAC-SHA-256-128) |
|
|
|
|
|
| size | uint 32 | Payload size |
|
|
|
|
|
|
|
|
|
|
## Type
|
|
|
|
|
|
|
|
|
|
|Type| Description |
|
2019-01-11 16:48:25 +01:00
|
|
|
|----|:-----------------------------------|
|
|
|
|
|
| 0 | Reserved |
|
|
|
|
|
| 1 | pcap (libpcap 2.4) |
|
|
|
|
|
| 2 | meta header (JSON) |
|
|
|
|
|
| 3 | generic log line |
|
|
|
|
|
| 4 | dnscap output |
|
|
|
|
|
| 5 | pcapng |
|
|
|
|
|
| 6 | generic NDJSON or JSON Lines |
|
|
|
|
|
| 7 | generic YAF (Yet Another Flowmeter)|
|
2018-11-26 14:09:35 +01:00
|
|
|
|
