Hi, What you’re looking at is the SNMP encoding according to the Basic Encoding Rules[2] (BER). These octets define the BER structure.
For example a 64 octet SNMPv3 message starts as such: SNMPv3Message ::= SEQUENCE { 30 3E msgVersion INTEGER ( 0 .. 2147483647 ), 02 01 03 Where 30 defines a sequence, 3E the length, 02 an integer, 01 length of one and 03 the version number. [1] https://datatracker.ietf.org/doc/html/rfc3412#section-6 <https://datatracker.ietf.org/doc/html/rfc3412#section-6> [2] https://www.oss.com/asn1/resources/asn1-made-simple/asn1-quick-reference/basic-encoding-rules.html <https://www.oss.com/asn1/resources/asn1-made-simple/asn1-quick-reference/basic-encoding-rules.html> Regards, Jaap > On 3 Mar 2022, at 06:33, Chandra Japan <chandra.japan2...@gmail.com> wrote: > > Hi Wireshark Team, > > Please let me know > > what does first 4 bytes in SNMP Data indicate > > because I could see from 5th byte I see version and other things > > Regards > Chandramohan > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe