Ethereal-dev: Re : Re: [Ethereal-dev] particular snoop output

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Tue, 19 Oct 2004 19:16:59 +0200
Hi Guy,

Thanks for your response

Unfortunately the format of netscreen snoop is something other than the standard
one (rfc 1761).

Please find attach both sunOS 5.8 and netscreen snoop output for your review
(same packet captured).

Florent



13301.0: 0(i):0003ba0f9adf->0010db621640/0800
              10.0.33.254->10.0.33.35/1, tlen=84
              vhl=45, tos=00, id=59119, frag=4000, ttl=255
              icmp:type=8, code=0
              00 10 db 62 16 40 00 03 ba 0f 9a df 08 00 45 00     ...b.@........E.
              00 54 e6 ef 40 00 ff 01 3d 98 0a 00 21 fe 0a 00     .T..@...=...!...
              21 23 08 00 30 d1 14 f2 00 00 41 75 40 c1 00 07     !#..0.....Au@...
              44 fc 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15     D...............
              16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25     ...........!"#$%
              26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35     &'()*+,-./012345
              36 37                                               67

13301.0: 0(o):0010db621640->0003ba0f9adf/0800
              10.0.33.35->10.0.33.254/1, tlen=84
              vhl=45, tos=00, id=3662, frag=0000, ttl=64
              icmp:type=0, code=0
              00 03 ba 0f 9a df 00 10 db 62 16 40 08 00 45 00     .........b.@..E.
              00 54 0e 4e 00 00 40 01 15 3b 0a 00 21 23 0a 00     .T.N..@..;..!#..
              21 fe 00 00 38 d1 14 f2 00 00 41 75 40 c1 00 07     !...8.....Au@...
              44 fc 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15     D...............
              16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25     ...........!"#$%
              26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35     &'()*+,-./012345
              36 37                                               67
ETHER:  ----- Ether Header -----
ETHER:
ETHER:  Packet 1 arrived at 9:28:49.47
ETHER:  Packet size = 98 bytes
ETHER:  Destination = 0:10:db:62:16:40,
ETHER:  Source      = 0:3:ba:f:9a:df,
ETHER:  Ethertype = 0800 (IP)
ETHER:
IP:   ----- IP Header -----
IP:
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00
IP:         xxx. .... = 0 (precedence)
IP:         ...0 .... = normal delay
IP:         .... 0... = normal throughput
IP:         .... .0.. = normal reliability
IP:   Total length = 84 bytes
IP:   Identification = 59119
IP:   Flags = 0x4
IP:         .1.. .... = do not fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 255 seconds/hops
IP:   Protocol = 1 (ICMP)
IP:   Header checksum = 3d98
IP:   Source address = 10.0.33.254, 10.0.33.254
IP:   Destination address = 10.0.33.35, 10.0.33.35
IP:   No options
IP:
ICMP:  ----- ICMP Header -----
ICMP:
ICMP:  Type = 8 (Echo request)
ICMP:  Code = 0 (ID: 5362 Sequence number: 0)
ICMP:  Checksum = 30d1
ICMP:


           0: 0010 db62 1640 0003 ba0f 9adf 0800 4500    ...b.@........E.
          16: 0054 e6ef 4000 ff01 3d98 0a00 21fe 0a00    .T..@...=...!þ..
          32: 2123 0800 30d1 14f2 0000 4175 40c1 0007    !#..0.....Au@...
          48: 44fc 0809 0a0b 0c0d 0e0f 1011 1213 1415    Dü..............
          64: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425    .......... !"#$%
          80: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435    &'()*+,-./012345
          96: 3637                                       67

ETHER:  ----- Ether Header -----
ETHER:
ETHER:  Packet 2 arrived at 9:28:49.47
ETHER:  Packet size = 98 bytes
ETHER:  Destination = 0:3:ba:f:9a:df,
ETHER:  Source      = 0:10:db:62:16:40,
ETHER:  Ethertype = 0800 (IP)
ETHER:
IP:   ----- IP Header -----
IP:
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00
IP:         xxx. .... = 0 (precedence)
IP:         ...0 .... = normal delay
IP:         .... 0... = normal throughput
IP:         .... .0.. = normal reliability
IP:   Total length = 84 bytes
IP:   Identification = 3662
IP:   Flags = 0x0
IP:         .0.. .... = may fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 64 seconds/hops
IP:   Protocol = 1 (ICMP)
IP:   Header checksum = 153b
IP:   Source address = 10.0.33.35, 10.0.33.35
IP:   Destination address = 10.0.33.254, 10.0.33.254
IP:   No options
IP:
ICMP:  ----- ICMP Header -----
ICMP:
ICMP:  Type = 0 (Echo reply)
ICMP:  Code = 0 (ID: 5362 Sequence number: 0)
ICMP:  Checksum = 38d1
ICMP:


           0: 0003 ba0f 9adf 0010 db62 1640 0800 4500    .........b.@..E.
          16: 0054 0e4e 0000 4001 153b 0a00 2123 0a00    .T.N..@..;..!#..
          32: 21fe 0000 38d1 14f2 0000 4175 40c1 0007    !þ..8.....Au@...
          48: 44fc 0809 0a0b 0c0d 0e0f 1011 1213 1415    Dü..............
          64: 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425    .......... !"#$%
          80: 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435    &'()*+,-./012345
          96: 3637                                       67