The headers Task

headers is a packet header parsing Task.

The headers Task requires the capture Task as a Source Task for the Directive.

Configuration options

headers has no configuration options.

Conditions

headers is not directly affected by the conditions.

Output

ethernet

map ethernet holds Ethernet header fields.

ethernet.src

string src is the source MAC address.

ethernet.dst

string dst is the destination MAC address.

ethernet.ethtype

string ethtype is the EtherType, which identifies the protocol of the encapsulated payload (for example IPv4, IPv6 or ARP).


ipv4

map ipv4 holds IPv4 header fields.

ipv4.version

uint8 IP version, should always be 4.

ipv4.ihl

uint8 The Internet Header Length (IHL) field gives the size of the IPv4 header in 32-bit words; the minimum valid value is 5 (a 20-byte header without options), and the payload starts at IHL * 4 bytes.

ipv4.tos

uint8 The Type of Service field has changed purpose over the years; it is now defined as the Differentiated Services field, holding the 6-bit Differentiated Services Code Point (DSCP) and the 2-bit ECN field.

ipv4.length

uint16 The Length field (Total Length) gives the entire packet size in bytes, header and data included.

ipv4.id

uint16 The ID field is an identification field and is primarily used for uniquely identifying the group of fragments of a single IP datagram.

ipv4.flags

string A three-bit field used to control or identify fragments. The bits are, from most significant to least significant:

  • bit 0: Reserved; must be zero.

  • bit 1: Don't Fragment (DF)

  • bit 2: More Fragments (MF)

ipv4.fragoffset

uint16 The fragment offset field is measured in units of eight-byte blocks. It is 13 bits long and specifies the offset of a particular fragment relative to the beginning of the original unfragmented IP datagram.

ipv4.ttl

uint8 An eight-bit time to live field that helps prevent datagrams from persisting (e.g. looping) on an internet; each router decrements it and discards the datagram when it reaches zero.

ipv4.protocol

string This field defines the protocol used in the data portion of the IP datagram (for example TCP or UDP).

ipv4.checksum

uint16 The 16-bit IPv4 header checksum field is used for error-checking of the header.

ipv4.src

string This field is the IPv4 address of the sender of the packet.

ipv4.dst

string This field is the IPv4 address of the receiver of the packet.

ipv4.options

array of strings The optional parameters that may be present in an Internet Protocol version 4 datagram; they are rarely used in practice.
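To make the IPv4 fields above concrete, the following is an added example (not code from the headers Task or its project) that decodes a raw IPv4 header into the documented field names, verifies the header checksum, decodes the flags and fragment offset, and walks the option bytes. The field names mirror the list above; `checksum_ok` is an extra field assumed for the example, and the sample packet is constructed inline with the `build_ipv4` helper.

```python
import ipaddress
import struct

IPV4_PROTOCOLS = {1: "icmp", 6: "tcp", 17: "udp", 41: "ipv6", 47: "gre"}
IPV4_OPTIONS = {7: "rr", 68: "ts", 131: "lsrr", 137: "ssrr", 148: "router-alert"}


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; returns 0 over data whose checksum is already correct."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_options(buf: bytes) -> list:
    """Decode the option bytes between the fixed header and the payload into strings."""
    out, i = [], 0
    while i < len(buf):
        kind = buf[i]
        if kind == 0:                      # End of Option List
            break
        if kind == 1:                      # No Operation: a single byte used for alignment
            out.append("nop")
            i += 1
            continue
        # every other option carries a length byte covering type, length and data
        if i + 1 >= len(buf) or buf[i + 1] < 2 or i + buf[i + 1] > len(buf):
            raise ValueError("malformed IPv4 option at offset %d" % i)
        olen = buf[i + 1]
        out.append("%s:%s" % (IPV4_OPTIONS.get(kind, "opt%d" % kind), buf[i + 2:i + olen].hex()))
        i += olen
    return out


def parse_ipv4(pkt: bytes) -> dict:
    """Decode an IPv4 header into the documented fields; rejects truncated or malformed headers."""
    if len(pkt) < 20:
        raise ValueError("truncated: an IPv4 header needs at least 20 bytes")
    (ver_ihl, tos, length, ident, flags_frag,
     ttl, proto, csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("not IPv4: version %d" % version)
    if ihl < 5:                            # IHL counts 32-bit words; 5 is the option-less minimum
        raise ValueError("invalid IHL %d" % ihl)
    hdr_len = ihl * 4
    if len(pkt) < hdr_len or length < hdr_len:
        raise ValueError("header length %d exceeds packet (%d bytes) or Total Length (%d)"
                         % (hdr_len, len(pkt), length))
    flag_bits = flags_frag >> 13           # top three bits: Reserved, DF, MF
    flags = [name for bit, name in ((4, "RES"), (2, "DF"), (1, "MF")) if flag_bits & bit]
    return {
        "version": version,
        "ihl": ihl,
        "tos": tos,
        "length": length,
        "id": ident,
        "flags": ",".join(flags),
        "fragoffset": flags_frag & 0x1FFF,  # low 13 bits, in 8-byte units
        "ttl": ttl,
        "protocol": IPV4_PROTOCOLS.get(proto, str(proto)),
        "checksum": csum,
        # summing the whole header, checksum field included, yields 0 only if the checksum is right
        "checksum_ok": internet_checksum(pkt[:hdr_len]) == 0,   # assumed extra field
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": parse_ipv4_options(pkt[20:hdr_len]),
    }


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, *, ident: int = 0,
               df: bool = False, mf: bool = False, fragoffset: int = 0,
               ttl: int = 64, options: bytes = b"") -> bytes:
    """Assemble an IPv4 packet with a correct header checksum (used here to construct sample input)."""
    if len(options) % 4:                   # options are padded out to a 32-bit boundary
        options += b"\x00" * (4 - len(options) % 4)
    ihl = 5 + len(options) // 4
    flags_frag = (0x4000 if df else 0) | (0x2000 if mf else 0) | (fragoffset & 0x1FFF)
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + len(payload), ident,
                      flags_frag, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed) + options
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:] + payload


if __name__ == "__main__":
    # constructed sample: a TCP packet carrying a Router Alert option, with DF set
    sample = build_ipv4("10.0.0.1", "10.0.0.2", 6, b"\x00" * 20, ident=0x1234, df=True,
                        options=b"\x94\x04\x00\x00")
    print(parse_ipv4(sample))
```

The two bounds checks matter more than the field decoding: a header whose IHL points past the end of the captured bytes, or past its own Total Length, is exactly the kind of input that crashes or desynchronises a naive parser, so it is rejected before any field is trusted.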


ipv6

map ipv6 holds IPv6 header fields.

ipv6.version

uint8 IP version, should always be 6.

ipv6.trafficclass

uint8 The bits of this field hold two values. The six most-significant bits form the Differentiated Services (DS) field, which is used to classify packets; all standard DS codepoints end with a '0' bit, and codepoints ending with two '1' bits are reserved for local or experimental use. The remaining two bits carry Explicit Congestion Notification (ECN).

ipv6.flowlabel

uint32 A high-entropy identifier of a flow of packets between a source and destination.

ipv6.length

uint16 The size of the payload in octets, i.e. everything after the 40-byte fixed header, including any extension headers.

ipv6.nextheader

string Specifies the type of the header that immediately follows the fixed header: either an extension header or the upper-layer protocol (for example TCP or UDP).

ipv6.hoplimit

uint8 Replaces the time to live field in IPv4. This value is decremented by one at each forwarding node and the packet is discarded if it becomes 0.

ipv6.src

string The unicast IPv6 address of the sending node.

ipv6.dst

string The IPv6 unicast or multicast address of the destination node(s).
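The IPv6 fields above are straightforward to unpack, but nextheader only names the first header after the fixed 40 bytes; when that is an extension header the transport header sits further in, and a parser that stops at the first Next Header value never sees it. The following added example (not the headers Task's own code) decodes the documented fields, splits trafficclass into its DSCP and ECN parts, and walks the extension header chain with bounds checks and a length cap. The `dscp`, `ecn`, `extheaders`, `transport` and `transport_offset` fields and the cap of 8 headers are assumptions of the example, and the sample packet is constructed inline.

```python
import ipaddress
import struct

IPV6_NEXT_HEADER = {0: "hopopt", 6: "tcp", 17: "udp", 43: "ipv6-route", 44: "ipv6-frag",
                    51: "ah", 58: "ipv6-icmp", 59: "ipv6-nonxt", 60: "ipv6-opts"}
IPV6_EXT_HEADERS = {0, 43, 44, 51, 60}     # headers that sit between the fixed header and the transport header
MAX_EXT_HEADERS = 8                        # hard cap so a crafted chain cannot walk forever (assumed policy)


def parse_ipv6(pkt: bytes) -> dict:
    """Decode the fixed IPv6 header, then walk the extension header chain to locate the transport header."""
    if len(pkt) < 40:
        raise ValueError("truncated: an IPv6 header needs 40 bytes")
    vtf, length, nh, hoplimit, src, dst = struct.unpack("!IHBB16s16s", pkt[:40])
    version = vtf >> 28
    if version != 6:
        raise ValueError("not IPv6: version %d" % version)
    trafficclass = (vtf >> 20) & 0xFF
    end = 40 + length                      # payload length covers extension headers and transport data
    if len(pkt) < end:
        raise ValueError("truncated: payload length %d but only %d bytes follow the header"
                         % (length, len(pkt) - 40))
    chain, off, cur = [], 40, nh
    while cur in IPV6_EXT_HEADERS:
        if len(chain) >= MAX_EXT_HEADERS:
            raise ValueError("extension header chain longer than %d" % MAX_EXT_HEADERS)
        if off + 8 > end:
            raise ValueError("truncated extension header at offset %d" % off)
        if cur == 44:                      # Fragment header is always 8 bytes; its second byte is reserved
            ext_len = 8
        elif cur == 51:                    # AH length is in 4-byte units, not counting the first two
            ext_len = (pkt[off + 1] + 2) * 4
        else:                              # Hop-by-Hop, Routing, Dest. Options: 8-byte units, not counting the first
            ext_len = (pkt[off + 1] + 1) * 8
        if off + ext_len > end:
            raise ValueError("extension header at offset %d runs past the payload" % off)
        chain.append(IPV6_NEXT_HEADER[cur])
        cur, off = pkt[off], off + ext_len   # first byte of every extension header is its Next Header
    return {
        "version": version,
        "trafficclass": trafficclass,
        "dscp": trafficclass >> 2,          # assumed extra field: six most-significant bits
        "ecn": trafficclass & 0x03,         # assumed extra field: two least-significant bits
        "flowlabel": vtf & 0xFFFFF,
        "length": length,
        "nextheader": IPV6_NEXT_HEADER.get(nh, str(nh)),
        "hoplimit": hoplimit,
        "src": str(ipaddress.IPv6Address(src)),
        "dst": str(ipaddress.IPv6Address(dst)),
        "extheaders": chain,                # assumed extra field: the walked extension chain, in order
        "transport": IPV6_NEXT_HEADER.get(cur, str(cur)),   # assumed extra field: protocol after the chain
        "transport_offset": off,            # assumed extra field: where that header starts in pkt
    }


def build_ipv6(src: str, dst: str, nh: int, payload: bytes, *, trafficclass: int = 0,
               flowlabel: int = 0, hoplimit: int = 64) -> bytes:
    """Assemble an IPv6 packet (used here to construct sample input)."""
    vtf = (6 << 28) | ((trafficclass & 0xFF) << 20) | (flowlabel & 0xFFFFF)
    return struct.pack("!IHBB16s16s", vtf, len(payload), nh, hoplimit,
                       ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed) + payload


if __name__ == "__main__":
    # constructed sample: Hop-by-Hop (PadN) -> Fragment (first fragment) -> UDP
    hbh = bytes([44, 0, 1, 4, 0, 0, 0, 0])
    frag = struct.pack("!BBHI", 17, 0, 0, 0xDEADBEEF)
    udp = struct.pack("!HHHH", 5353, 5353, 12, 0) + b"ping"
    print(parse_ipv6(build_ipv6("2001:db8::1", "2001:db8::2", 0, hbh + frag + udp,
                                trafficclass=0xB8, flowlabel=0xABCDE)))
```

Capping the chain and checking every header against the payload length are the defensive points: long or self-referencing extension chains are a known way to push the transport header beyond what an inspection device parses, and a Fragment header placed in front of the transport header hides the ports from anything that only reads the first Next Header value.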


tcp

map tcp holds TCP header fields.

tcp.src

string Identifies the sending port.

tcp.dst

string Identifies the receiving port.

tcp.seq

uint32 The Sequence Number has a dual role: If the SYN flag is set (1), then this is the initial sequence number. The sequence number of the actual first data byte and the acknowledged number in the corresponding ACK are then this sequence number plus 1. If the SYN flag is clear (0), then this is the accumulated sequence number of the first data byte of this segment for the current session.

tcp.ack

uint32 If the ACK flag is set then the value of this field is the next sequence number that the sender of the ACK is expecting. This acknowledges receipt of all prior bytes (if any). The first ACK sent by each end acknowledges the other end’s initial sequence number itself, but no data.

tcp.dataoffset

uint8 Specifies the size of the TCP header in 32-bit words; the minimum is 5 (a 20-byte header without options).

tcp.fin

bool Last packet from sender.

tcp.syn

bool Synchronize sequence numbers.

tcp.rst

bool Reset the connection.

tcp.psh

bool Push function.

tcp.ack

bool Indicates that the Acknowledgment field is significant.

tcp.urg

bool Indicates that the Urgent pointer field is significant.

tcp.ece

bool ECN-Echo has a dual role, depending on the value of the SYN flag: with SYN set it indicates that the peer is ECN-capable; with SYN clear it echoes a Congestion Experienced mark received in the IP header.

tcp.cwr

bool The Congestion Window Reduced (CWR) flag is set by the sending host to indicate that it received a TCP segment with the ECE flag set and has responded through its congestion control mechanism.

tcp.ns

bool ECN-nonce concealment protection (experimental, RFC 3540; since reclassified as historic, so the bit is reserved and should normally be 0).

tcp.window

uint16 The size of the receive window, which specifies the number of window size units that the sender of this segment is currently willing to receive.

tcp.checksum

uint16 The 16-bit checksum field is used for error-checking of the TCP header, the payload and an IP pseudo-header.

tcp.urgent

uint16 If the URG flag is set, this 16-bit field is an offset from the sequence number indicating the last urgent data byte.

tcp.options

array of strings A number of optional parameters that may be present.
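The following is an added example (not code from the headers Task or its project) that decodes a TCP header into the fields documented above, including the nine flag bits, the data offset, the option list and the checksum, which is verified against the IPv4 pseudo-header when the source and destination addresses are supplied. Because the page lists both the acknowledgment number and the ACK flag under tcp.ack, the example names the number `acknum`; that name, `checksum_ok`, and the sample segments built inline with `build_tcp` are assumptions of the example.

```python
import ipaddress
import struct

TCP_FLAGS = {"fin": 0x001, "syn": 0x002, "rst": 0x004, "psh": 0x008, "ack": 0x010,
             "urg": 0x020, "ece": 0x040, "cwr": 0x080, "ns": 0x100}
TCP_OPTIONS = {2: "mss", 3: "wscale", 4: "sackok", 5: "sack", 8: "ts"}


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; returns 0 over data whose checksum is already correct."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_pseudo_header(src: str, dst: str, tcp_len: int) -> bytes:
    """The 12 bytes prepended to a TCP segment when its checksum is computed over IPv4."""
    return (ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed
            + struct.pack("!BBH", 0, 6, tcp_len))


def parse_tcp_options(buf: bytes) -> list:
    """Decode the option bytes after the fixed header; MSS and window scale are shown as integers."""
    out, i = [], 0
    while i < len(buf):
        kind = buf[i]
        if kind == 0:                      # End of Option List
            break
        if kind == 1:                      # NOP, single byte
            out.append("nop")
            i += 1
            continue
        if i + 1 >= len(buf) or buf[i + 1] < 2 or i + buf[i + 1] > len(buf):
            raise ValueError("malformed TCP option at offset %d" % i)
        olen = buf[i + 1]
        data = buf[i + 2:i + olen]
        name = TCP_OPTIONS.get(kind, "opt%d" % kind)
        if kind == 2 and olen == 4:
            out.append("mss:%d" % struct.unpack("!H", data)[0])
        elif kind == 3 and olen == 3:
            out.append("wscale:%d" % data[0])
        elif olen == 2:
            out.append(name)
        else:
            out.append("%s:%s" % (name, data.hex()))
        i += olen
    return out


def parse_tcp(seg: bytes, src_ip: str = None, dst_ip: str = None) -> dict:
    """Decode a TCP header into the documented fields; verifies the checksum when the IPv4 addresses are given."""
    if len(seg) < 20:
        raise ValueError("truncated: a TCP header needs at least 20 bytes")
    sport, dport, seq, acknum, off_flags, window, csum, urgent = struct.unpack("!HHIIHHHH", seg[:20])
    dataoffset = off_flags >> 12
    if dataoffset < 5 or len(seg) < dataoffset * 4:
        raise ValueError("bad data offset %d for a %d-byte segment" % (dataoffset, len(seg)))
    out = {"src": str(sport), "dst": str(dport), "seq": seq, "acknum": acknum, "dataoffset": dataoffset}
    for name, bit in TCP_FLAGS.items():    # NS is bit 8, the low bit of the offset/reserved byte
        out[name] = bool(off_flags & bit)
    out.update(window=window, checksum=csum, urgent=urgent,
               options=parse_tcp_options(seg[20:dataoffset * 4]))
    if src_ip and dst_ip:                  # assumed extra field; needs the IP addresses for the pseudo-header
        out["checksum_ok"] = internet_checksum(ipv4_pseudo_header(src_ip, dst_ip, len(seg)) + seg) == 0
    return out


def build_tcp(src_ip, dst_ip, sport, dport, seq, acknum, flags, *,
              window=65535, options=b"", payload=b"", urgent=0) -> bytes:
    """Assemble a TCP segment with a correct IPv4 pseudo-header checksum (used here to construct sample input)."""
    if len(options) % 4:                   # options are padded out to a 32-bit boundary
        options += b"\x00" * (4 - len(options) % 4)
    dataoffset = 5 + len(options) // 4
    flag_bits = sum(TCP_FLAGS[f] for f in flags)
    seg = struct.pack("!HHIIHHHH", sport, dport, seq, acknum, (dataoffset << 12) | flag_bits,
                      window, 0, urgent) + options + payload
    csum = internet_checksum(ipv4_pseudo_header(src_ip, dst_ip, len(seg)) + seg)
    return seg[:16] + struct.pack("!H", csum) + seg[18:]


if __name__ == "__main__":
    # constructed sample: a client SYN with the option set a modern Linux stack sends
    opts = (b"\x02\x04\x05\xb4" + b"\x04\x02" + b"\x08\x0a" + struct.pack("!II", 1, 0)
            + b"\x01" + b"\x03\x03\x07")
    syn = build_tcp("10.0.0.1", "10.0.0.2", 40000, 443, 1000, 0, ("syn",), window=64240, options=opts)
    print(parse_tcp(syn, "10.0.0.1", "10.0.0.2"))
```

Two things worth noticing when using output like this for detection: the checksum covers the IP pseudo-header, so a segment that verifies against one address pair fails against another, and a data offset larger than the captured segment is rejected rather than silently yielding a truncated option list.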


udp

map udp holds UDP header fields.

udp.srcport

uint16 This field identifies the sender’s port.

udp.dstport

uint16 This field identifies the receiver’s port.

udp.length

uint16 This field specifies the length in bytes of the UDP header and UDP data.

udp.checksum

uint16 The checksum field may be used for error-checking of the header and data; over IPv4 it is optional and a value of 0 means no checksum was computed, while over IPv6 it is mandatory.