Hi,
I totally run out of ideas, so any comments are welcome! :)
Hop-by-Hop
----------
--total number Total length of the Hop-by-Hop option
--restriction type Information for the unknown options
(OptType & 0xC0)
type:
low (00)the option can be discarded
medium (01)the packet can be discarded
high (10)the packet can be discarded with response
nomulti (11)the packet can be discarded with unicast
response
--route [y|n] The option changes(y) the routing
(OptType & 0x20)
--type type Type of the option
(OptType & 0x1F)
--length number Length of the option
My problem is that the options are concatenated into one large bitstream
in the HbH header, and the this structure describes one of them.
How can We handle the chains 'gracefully'?
(The PAD1 and PADN support is clear :))
Destination
-----------
Same as the Hop-by-Hop (in case of packet filter), with the same
problems.
Routing
-------
--total number Total length of the Hop-by-Hop option
--type type Type of the option
--left number Segments left
How can We handle the address list?
Ex:
--addr1, --addr2, ... --addr16; but it can be very large (>90)
Fragment
--------
--total number Total length of the Hop-by-Hop option
--more [y|n] There are more fragment? (y=more)
--first This is the 1st fragment? (offset=0)
--id number(hex) ID of the fragment
The ID can be an interval, or something ... (max - min)
AH
--
--total number Total length of the Hop-by-Hop option
--spi number(hex) SPI
--seq number(hex) Sequence nr
ESP
---
--total number Total length of the Hop-by-Hop option
--spi number(hex) SPI
--seq number(hex) Sequence nr
Regards & thx,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-------------------------/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /---------------------------------------------->
signature.asc
Description: This is a digitally signed message part
