diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
| commit | e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc (patch) | |
| tree | 68cb5ef9081156392f1dd62a00c6ccc1451b93df /test/baseline | |
| parent | Initial commit. (diff) | |
| download | wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.tar.xz wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.zip | |
Adding upstream version 4.2.2.upstream/4.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rw-r--r-- | test/baseline/communityid-filtered.txt | 2 | ||||
| -rw-r--r-- | test/baseline/communityid.txt | 105 | ||||
| -rw-r--r-- | test/baseline/dhcp-filter.ek | 8 | ||||
| -rw-r--r-- | test/baseline/dhcp-raw.ek | 8 | ||||
| -rw-r--r-- | test/baseline/dhcp.ek | 8 | ||||
| -rw-r--r-- | test/baseline/dhcp.json | 644 | ||||
| -rw-r--r-- | test/baseline/dhcp.jsonraw | 3592 | ||||
| -rw-r--r-- | test/baseline/elastic-mapping-ip-subset.json | 306 | ||||
| -rw-r--r-- | test/baseline/ff-ts-usec-pcap-direct.txt | 4 | ||||
| -rw-r--r-- | test/baseline/io-rawshark-dhcp-pcap.txt | 5 |
10 files changed, 4682 insertions, 0 deletions
diff --git a/test/baseline/communityid-filtered.txt b/test/baseline/communityid-filtered.txt new file mode 100644 index 00000000..0b79470b --- /dev/null +++ b/test/baseline/communityid-filtered.txt @@ -0,0 +1,2 @@ +1:d/FP5EW3wiY1vCndhwleRRKHowQ= +1:d/FP5EW3wiY1vCndhwleRRKHowQ= diff --git a/test/baseline/communityid.txt b/test/baseline/communityid.txt new file mode 100644 index 00000000..a5caa808 --- /dev/null +++ b/test/baseline/communityid.txt @@ -0,0 +1,105 @@ + + + + + + +1:dGHyGvjMfljg6Bppwm3bg0LO8TY= +1:dGHyGvjMfljg6Bppwm3bg0LO8TY= +1:BtEUCMYecYjJ7spEkVZDiCFaMTY= +1:BtEUCMYecYjJ7spEkVZDiCFaMTY= +1:ORxAZfN3ld7Sv73/HQTNnvgxbpY= +1:ORxAZfN3ld7Sv73/HQTNnvgxbpY= +1:zavyT/cezQr1fmImYCwYnMXbgck= +1:zavyT/cezQr1fmImYCwYnMXbgck= +1:dGHyGvjMfljg6Bppwm3bg0LO8TY= +1:dGHyGvjMfljg6Bppwm3bg0LO8TY= +1:NdobDX8PQNJbAyfkWxhtL2Pqp5w= +1:NdobDX8PQNJbAyfkWxhtL2Pqp5w= +1:NdobDX8PQNJbAyfkWxhtL2Pqp5w= +1:bnQKq8A2r//dWnkRW2EYcMhShjc= +1:bnQKq8A2r//dWnkRW2EYcMhShjc= +1:bnQKq8A2r//dWnkRW2EYcMhShjc= +1:2ObVBgIn28oZvibYZhZMBgh7WdQ= +1:2ObVBgIn28oZvibYZhZMBgh7WdQ= +1:2ObVBgIn28oZvibYZhZMBgh7WdQ= +1:hLZd0XGWojozrvxqE0dWB1iM6R0= +1:hLZd0XGWojozrvxqE0dWB1iM6R0= +1:hLZd0XGWojozrvxqE0dWB1iM6R0= +1:+TW+HtLHvV1xnGhV1lv7XoJrqQg= +1:+TW+HtLHvV1xnGhV1lv7XoJrqQg= +1:+TW+HtLHvV1xnGhV1lv7XoJrqQg= +1:+TW+HtLHvV1xnGhV1lv7XoJrqQg= +1:+TW+HtLHvV1xnGhV1lv7XoJrqQg= +1:+TW+HtLHvV1xnGhV1lv7XoJrqQg= +1:BtEUCMYecYjJ7spEkVZDiCFaMTY= +1:BtEUCMYecYjJ7spEkVZDiCFaMTY= +1:hO+sN4H+MG5MY/8hIrXPqc4ZQz0= +1:pkvHqCL88/tg1k4cPigmZXUtL00= +1:dGHyGvjMfljg6Bppwm3bg0LO8TY= +1:dGHyGvjMfljg6Bppwm3bg0LO8TY= +1:jwuBy9UWZK1KUFqJV5cHdVpfrlY= +1:MEixa66kuz0OMvlQqnAIzP3n2xg= +1:ORxAZfN3ld7Sv73/HQTNnvgxbpY= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:GpbEQrKqfWtsfsFiqg8fufoZe5Y= +1:zavyT/cezQr1fmImYCwYnMXbgck= +1:zavyT/cezQr1fmImYCwYnMXbgck= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:X0snYXpgwiv9TZtqg64sgzUn6Dk= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:/qFaeAR+gFe1KYjMzVDsMv+wgU4= +1:MP2EtRCAUIZvTw6MxJHLV7N7JDs= +1:MP2EtRCAUIZvTw6MxJHLV7N7JDs= +1:MP2EtRCAUIZvTw6MxJHLV7N7JDs= +1:MP2EtRCAUIZvTw6MxJHLV7N7JDs= +1:MP2EtRCAUIZvTw6MxJHLV7N7JDs= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:LQU9qZlK+B5F3KDmev6m5PMibrg= +1:d/FP5EW3wiY1vCndhwleRRKHowQ= +1:d/FP5EW3wiY1vCndhwleRRKHowQ= +1:KHlLkgoJW7ifUTyTSgyVfkFHzKw= +1:KHlLkgoJW7ifUTyTSgyVfkFHzKw= diff --git a/test/baseline/dhcp-filter.ek b/test/baseline/dhcp-filter.ek new file mode 100644 index 00000000..49d0a197 --- /dev/null +++ b/test/baseline/dhcp-filter.ek @@ -0,0 +1,8 @@ +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184317","layers":{"frame":{"filtered":"frame"},"eth":{"filtered":"eth"},"ip":{"filtered":"ip"},"udp":{"filtered":"udp"},"dhcp":{"dhcp_dhcp_type":{"filtered":"dhcp.type"},"dhcp_dhcp_hw_type":{"filtered":"dhcp.hw.type"},"dhcp_dhcp_hw_len":{"filtered":"dhcp.hw.len"},"dhcp_dhcp_hops":{"filtered":"dhcp.hops"},"dhcp_dhcp_id":{"filtered":"dhcp.id"},"dhcp_dhcp_secs":{"filtered":"dhcp.secs"},"dhcp_dhcp_flags":{"filtered":"dhcp.flags"},"dhcp_dhcp_ip_client":{"filtered":"dhcp.ip.client"},"dhcp_dhcp_ip_your":{"filtered":"dhcp.ip.your"},"dhcp_dhcp_ip_server":{"filtered":"dhcp.ip.server"},"dhcp_dhcp_ip_relay":{"filtered":"dhcp.ip.relay"},"dhcp_dhcp_hw_mac_addr":{"filtered":"dhcp.hw.mac_addr"},"dhcp_dhcp_hw_addr_padding":{"filtered":"dhcp.hw.addr_padding"},"dhcp_dhcp_server":{"filtered":"dhcp.server"},"dhcp_dhcp_file":{"filtered":"dhcp.file"},"dhcp_dhcp_cookie":{"filtered":"dhcp.cookie"},"dhcp_dhcp_option_type":[{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"}],"dhcp_dhcp_option_padding":{"filtered":"dhcp.option.padding"}}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184317","layers":{"frame":{"filtered":"frame"},"eth":{"filtered":"eth"},"ip":{"filtered":"ip"},"udp":{"filtered":"udp"},"dhcp":{"dhcp_dhcp_type":{"filtered":"dhcp.type"},"dhcp_dhcp_hw_type":{"filtered":"dhcp.hw.type"},"dhcp_dhcp_hw_len":{"filtered":"dhcp.hw.len"},"dhcp_dhcp_hops":{"filtered":"dhcp.hops"},"dhcp_dhcp_id":{"filtered":"dhcp.id"},"dhcp_dhcp_secs":{"filtered":"dhcp.secs"},"dhcp_dhcp_flags":{"filtered":"dhcp.flags"},"dhcp_dhcp_ip_client":{"filtered":"dhcp.ip.client"},"dhcp_dhcp_ip_your":{"filtered":"dhcp.ip.your"},"dhcp_dhcp_ip_server":{"filtered":"dhcp.ip.server"},"dhcp_dhcp_ip_relay":{"filtered":"dhcp.ip.relay"},"dhcp_dhcp_hw_mac_addr":{"filtered":"dhcp.hw.mac_addr"},"dhcp_dhcp_hw_addr_padding":{"filtered":"dhcp.hw.addr_padding"},"dhcp_dhcp_server":{"filtered":"dhcp.server"},"dhcp_dhcp_file":{"filtered":"dhcp.file"},"dhcp_dhcp_cookie":{"filtered":"dhcp.cookie"},"dhcp_dhcp_option_type":[{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"}],"dhcp_dhcp_option_padding":{"filtered":"dhcp.option.padding"}}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184387","layers":{"frame":{"filtered":"frame"},"eth":{"filtered":"eth"},"ip":{"filtered":"ip"},"udp":{"filtered":"udp"},"dhcp":{"dhcp_dhcp_type":{"filtered":"dhcp.type"},"dhcp_dhcp_hw_type":{"filtered":"dhcp.hw.type"},"dhcp_dhcp_hw_len":{"filtered":"dhcp.hw.len"},"dhcp_dhcp_hops":{"filtered":"dhcp.hops"},"dhcp_dhcp_id":{"filtered":"dhcp.id"},"dhcp_dhcp_secs":{"filtered":"dhcp.secs"},"dhcp_dhcp_flags":{"filtered":"dhcp.flags"},"dhcp_dhcp_ip_client":{"filtered":"dhcp.ip.client"},"dhcp_dhcp_ip_your":{"filtered":"dhcp.ip.your"},"dhcp_dhcp_ip_server":{"filtered":"dhcp.ip.server"},"dhcp_dhcp_ip_relay":{"filtered":"dhcp.ip.relay"},"dhcp_dhcp_hw_mac_addr":{"filtered":"dhcp.hw.mac_addr"},"dhcp_dhcp_hw_addr_padding":{"filtered":"dhcp.hw.addr_padding"},"dhcp_dhcp_server":{"filtered":"dhcp.server"},"dhcp_dhcp_file":{"filtered":"dhcp.file"},"dhcp_dhcp_cookie":{"filtered":"dhcp.cookie"},"dhcp_dhcp_option_type":[{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"}],"dhcp_dhcp_option_padding":{"filtered":"dhcp.option.padding"}}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184387","layers":{"frame":{"filtered":"frame"},"eth":{"filtered":"eth"},"ip":{"filtered":"ip"},"udp":{"filtered":"udp"},"dhcp":{"dhcp_dhcp_type":{"filtered":"dhcp.type"},"dhcp_dhcp_hw_type":{"filtered":"dhcp.hw.type"},"dhcp_dhcp_hw_len":{"filtered":"dhcp.hw.len"},"dhcp_dhcp_hops":{"filtered":"dhcp.hops"},"dhcp_dhcp_id":{"filtered":"dhcp.id"},"dhcp_dhcp_secs":{"filtered":"dhcp.secs"},"dhcp_dhcp_flags":{"filtered":"dhcp.flags"},"dhcp_dhcp_ip_client":{"filtered":"dhcp.ip.client"},"dhcp_dhcp_ip_your":{"filtered":"dhcp.ip.your"},"dhcp_dhcp_ip_server":{"filtered":"dhcp.ip.server"},"dhcp_dhcp_ip_relay":{"filtered":"dhcp.ip.relay"},"dhcp_dhcp_hw_mac_addr":{"filtered":"dhcp.hw.mac_addr"},"dhcp_dhcp_hw_addr_padding":{"filtered":"dhcp.hw.addr_padding"},"dhcp_dhcp_server":{"filtered":"dhcp.server"},"dhcp_dhcp_file":{"filtered":"dhcp.file"},"dhcp_dhcp_cookie":{"filtered":"dhcp.cookie"},"dhcp_dhcp_option_type":[{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"},{"filtered":"dhcp.option.type"}],"dhcp_dhcp_option_padding":{"filtered":"dhcp.option.padding"}}}} diff --git a/test/baseline/dhcp-raw.ek b/test/baseline/dhcp-raw.ek new file mode 100644 index 00000000..df063df4 --- /dev/null +++ b/test/baseline/dhcp-raw.ek @@ -0,0 +1,8 @@ +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184317","layers":{"dhcp_raw":"0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000","dhcp":{"dhcp_dhcp_option_requested_ip_address_raw":"00000000","dhcp_dhcp_option_requested_ip_address":"0.0.0.0","dhcp_dhcp_hw_type_raw":["01","01"],"dhcp_dhcp_hw_type":["0x01","0x01"],"dhcp_dhcp_ip_your_raw":"00000000","dhcp_dhcp_ip_your":"0.0.0.0","dhcp_dhcp_flags_raw":"0000","dhcp_dhcp_flags":"0x0000","dhcp_dhcp_option_value_raw":["01","01000b8201fc42","00000000","0103062a"],"dhcp_dhcp_option_value":["01","01:00:0b:82:01:fc:42","00:00:00:00","01:03:06:2a"],"dhcp_dhcp_hw_len_raw":"06","dhcp_dhcp_hw_len":"6","dhcp_dhcp_option_length_raw":["01","07","04","04"],"dhcp_dhcp_option_length":["1","7","4","4"],"dhcp_dhcp_flags_bc_raw":"0","dhcp_dhcp_flags_bc":false,"dhcp_dhcp_id_raw":"00003d1d","dhcp_dhcp_id":"0x00003d1d","dhcp_dhcp_hw_mac_addr_raw":["000b8201fc42","000b8201fc42"],"dhcp_dhcp_hw_mac_addr":["00:0b:82:01:fc:42","00:0b:82:01:fc:42"],"dhcp_dhcp_ip_client_raw":"00000000","dhcp_dhcp_ip_client":"0.0.0.0","dhcp_dhcp_secs_raw":"0000","dhcp_dhcp_secs":"0","dhcp_dhcp_server_raw":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","dhcp_dhcp_server":"","dhcp_dhcp_hw_addr_padding_raw":"00000000000000000000","dhcp_dhcp_hw_addr_padding":"00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_type_raw":["350101","3d0701000b8201fc42","320400000000","37040103062a","ff"],"dhcp_dhcp_option_type":["53","61","50","55","0"],"dhcp_dhcp_hops_raw":"00","dhcp_dhcp_hops":"0","dhcp_dhcp_file_raw":"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","dhcp_dhcp_file":"","dhcp_dhcp_ip_server_raw":"00000000","dhcp_dhcp_ip_server":"0.0.0.0","dhcp_dhcp_option_dhcp_raw":"01","dhcp_dhcp_option_dhcp":"1","dhcp_dhcp_option_request_list_item_raw":["01","03","06","2a"],"dhcp_dhcp_option_request_list_item":["1","3","6","42"],"dhcp_dhcp_cookie_raw":"63825363","dhcp_dhcp_cookie":"99.130.83.99","dhcp_dhcp_option_padding_raw":"00000000000000","dhcp_dhcp_option_padding":"00:00:00:00:00:00:00","dhcp_dhcp_ip_relay_raw":"00000000","dhcp_dhcp_ip_relay":"0.0.0.0","dhcp_dhcp_type_raw":"01","dhcp_dhcp_type":"1","dhcp_dhcp_flags_reserved_raw":"0","dhcp_dhcp_flags_reserved":"0x0000","dhcp_dhcp_option_end_raw":"ff","dhcp_dhcp_option_end":"255"},"udp_raw":"004400430118591f","udp":{"udp_udp_time_delta":"0.000000000","udp_udp_dstport_raw":"0043","udp_udp_dstport":"67","udp_udp_checksum_raw":"591f","udp_udp_checksum":"0x591f","udp_udp_port_raw":["0044","0043"],"udp_udp_port":["68","67"],"udp_udp_checksum_status":"2","udp_udp_stream":"0","udp_udp_length_raw":"0118","udp_udp_length":"280","text":"Timestamps","udp_udp_srcport_raw":"0044","udp_udp_srcport":"68","udp_udp_payload_raw":"0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000","udp_udp_payload":"01:01:06:00:00:00:3d:1d:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:01:3d:07:01:00:0b:82:01:fc:42:32:04:00:00:00:00:37:04:01:03:06:2a:ff:00:00:00:00:00:00:00","udp_udp_time_relative":"0.000000000"},"ip_raw":"4500012ca8360000fa11178b00000000ffffffff","ip":{"ip_ip_flags_rb_raw":"0","ip_ip_flags_rb":false,"ip_ip_addr_raw":["00000000","ffffffff"],"ip_ip_addr":["0.0.0.0","255.255.255.255"],"ip_ip_dsfield_ecn_raw":"0","ip_ip_dsfield_ecn":"0","ip_ip_frag_offset_raw":"0","ip_ip_frag_offset":"0","ip_ip_hdr_len_raw":"45","ip_ip_hdr_len":"20","ip_ip_id_raw":"a836","ip_ip_id":"0xa836","ip_ip_version_raw":"45","ip_ip_version":"4","ip_ip_dst_raw":"ffffffff","ip_ip_dst":"255.255.255.255","ip_ip_host_raw":["00000000","ffffffff"],"ip_ip_host":["0.0.0.0","255.255.255.255"],"ip_ip_flags_raw":"0","ip_ip_flags":"0x00","ip_ip_src_host_raw":"00000000","ip_ip_src_host":"0.0.0.0","ip_ip_flags_df_raw":"0","ip_ip_flags_df":false,"ip_ip_len_raw":"012c","ip_ip_len":"300","ip_ip_checksum_status":"2","ip_ip_dst_host_raw":"ffffffff","ip_ip_dst_host":"255.255.255.255","ip_ip_src_raw":"00000000","ip_ip_src":"0.0.0.0","ip_ip_ttl_raw":"fa","ip_ip_ttl":"250","ip_ip_flags_mf_raw":"0","ip_ip_flags_mf":false,"ip_ip_checksum_raw":"178b","ip_ip_checksum":"0x178b","ip_ip_proto_raw":"11","ip_ip_proto":"17","ip_ip_dsfield_dscp_raw":"0","ip_ip_dsfield_dscp":"0","ip_ip_dsfield_raw":"00","ip_ip_dsfield":"0x00"},"frame_raw":"ffffffffffff000b8201fc4208004500012ca8360000fa11178b00000000ffffffff004400430118591f0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000","frame":{"frame_frame_len":"314","frame_frame_marked":false,"frame_frame_number":"1","frame_frame_time_epoch":"2004-12-05T19:16:24.317453000Z","frame_frame_time":"2004-12-05T19:16:24.317453000Z","frame_frame_time_relative":"0.000000000","frame_frame_encap_type":"1","frame_frame_offset_shift":"0.000000000","frame_frame_time_delta_displayed":"0.000000000","frame_frame_time_utc":"2004-12-05T19:16:24.317453000Z","frame_frame_ignored":false,"frame_frame_cap_len":"314","frame_frame_time_delta":"0.000000000","frame_frame_protocols":"eth:ethertype:ip:udp:dhcp"},"eth_raw":"ffffffffffff000b8201fc420800","eth":{"eth_eth_src_lg_raw":"0","eth_eth_src_lg":false,"eth_eth_dst_raw":"ffffffffffff","eth_eth_dst":"ff:ff:ff:ff:ff:ff","eth_eth_lg_raw":["1","0"],"eth_eth_lg":[true,false],"eth_eth_dst_oui_raw":"ffffff","eth_eth_dst_oui":"16777215","eth_eth_addr_oui_raw":["ffffff","000b82"],"eth_eth_addr_oui":["16777215","2946"],"eth_eth_src_resolved_raw":"000b8201fc42","eth_eth_src_resolved":"GrandstreamN_01:fc:42","eth_eth_addr_oui_resolved_raw":"000b8201fc42","eth_eth_addr_oui_resolved":"Grandstream Networks, Inc.","eth_eth_src_oui_resolved_raw":"000b8201fc42","eth_eth_src_oui_resolved":"Grandstream Networks, Inc.","eth_eth_src_oui_raw":"000b82","eth_eth_src_oui":"2946","eth_eth_addr_resolved_raw":["ffffffffffff","000b8201fc42"],"eth_eth_addr_resolved":["Broadcast","GrandstreamN_01:fc:42"],"eth_eth_type_raw":"0800","eth_eth_type":"0x0800","eth_eth_src_raw":"000b8201fc42","eth_eth_src":"00:0b:82:01:fc:42","eth_eth_addr_raw":["ffffffffffff","000b8201fc42"],"eth_eth_addr":["ff:ff:ff:ff:ff:ff","00:0b:82:01:fc:42"],"eth_eth_dst_ig_raw":"1","eth_eth_dst_ig":true,"eth_eth_dst_lg_raw":"1","eth_eth_dst_lg":true,"eth_eth_src_ig_raw":"0","eth_eth_src_ig":false,"eth_eth_ig_raw":["1","0"],"eth_eth_ig":[true,false],"eth_eth_dst_resolved_raw":"ffffffffffff","eth_eth_dst_resolved":"Broadcast"}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184317","layers":{"dhcp_raw":"0201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000","dhcp":{"dhcp_dhcp_option_dhcp_server_id_raw":"c0a80001","dhcp_dhcp_option_dhcp_server_id":"192.168.0.1","dhcp_dhcp_hw_type_raw":"01","dhcp_dhcp_hw_type":"0x01","dhcp_dhcp_ip_your_raw":"c0a8000a","dhcp_dhcp_ip_your":"192.168.0.10","dhcp_dhcp_flags_raw":"0000","dhcp_dhcp_flags":"0x0000","dhcp_dhcp_option_ip_address_lease_time_raw":"00000e10","dhcp_dhcp_option_ip_address_lease_time":"3600","dhcp_dhcp_option_value_raw":["02","ffffff00","00000708","00000c4e","00000e10","c0a80001"],"dhcp_dhcp_option_value":["02","ff:ff:ff:00","00:00:07:08","00:00:0c:4e","00:00:0e:10","c0:a8:00:01"],"dhcp_dhcp_hw_len_raw":"06","dhcp_dhcp_hw_len":"6","dhcp_dhcp_option_length_raw":["01","04","04","04","04","04"],"dhcp_dhcp_option_length":["1","4","4","4","4","4"],"dhcp_dhcp_flags_bc_raw":"0","dhcp_dhcp_flags_bc":false,"dhcp_dhcp_id_raw":"00003d1d","dhcp_dhcp_id":"0x00003d1d","dhcp_dhcp_hw_mac_addr_raw":"000b8201fc42","dhcp_dhcp_hw_mac_addr":"00:0b:82:01:fc:42","dhcp_dhcp_ip_client_raw":"00000000","dhcp_dhcp_ip_client":"0.0.0.0","dhcp_dhcp_secs_raw":"0000","dhcp_dhcp_secs":"0","dhcp_dhcp_server_raw":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","dhcp_dhcp_server":"","dhcp_dhcp_option_end_raw":"ff","dhcp_dhcp_option_end":"255","dhcp_dhcp_hw_addr_padding_raw":"00000000000000000000","dhcp_dhcp_hw_addr_padding":"00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_type_raw":["350102","0104ffffff00","3a0400000708","3b0400000c4e","330400000e10","3604c0a80001","ff"],"dhcp_dhcp_option_type":["53","1","58","59","51","54","0"],"dhcp_dhcp_hops_raw":"00","dhcp_dhcp_hops":"0","dhcp_dhcp_file_raw":"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","dhcp_dhcp_file":"","dhcp_dhcp_ip_server_raw":"c0a80001","dhcp_dhcp_ip_server":"192.168.0.1","dhcp_dhcp_option_dhcp_raw":"02","dhcp_dhcp_option_dhcp":"2","dhcp_dhcp_option_subnet_mask_raw":"ffffff00","dhcp_dhcp_option_subnet_mask":"255.255.255.0","dhcp_dhcp_cookie_raw":"63825363","dhcp_dhcp_cookie":"99.130.83.99","dhcp_dhcp_option_renewal_time_value_raw":"00000708","dhcp_dhcp_option_renewal_time_value":"1800","dhcp_dhcp_ip_relay_raw":"00000000","dhcp_dhcp_ip_relay":"0.0.0.0","dhcp_dhcp_type_raw":"02","dhcp_dhcp_type":"2","dhcp_dhcp_flags_reserved_raw":"0","dhcp_dhcp_flags_reserved":"0x0000","dhcp_dhcp_option_padding_raw":"0000000000000000000000000000000000000000000000000000","dhcp_dhcp_option_padding":"00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_rebinding_time_value_raw":"00000c4e","dhcp_dhcp_option_rebinding_time_value":"3150"},"udp_raw":"0043004401342233","udp":{"udp_udp_time_delta":"0.000000000","udp_udp_dstport_raw":"0044","udp_udp_dstport":"68","udp_udp_checksum_raw":"2233","udp_udp_checksum":"0x2233","udp_udp_port_raw":["0043","0044"],"udp_udp_port":["67","68"],"udp_udp_checksum_status":"2","udp_udp_stream":"1","udp_udp_length_raw":"0134","udp_udp_length":"308","text":"Timestamps","udp_udp_srcport_raw":"0043","udp_udp_srcport":"67","udp_udp_payload_raw":"0201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000","udp_udp_payload":"02:01:06:00:00:00:3d:1d:00:00:00:00:00:00:00:00:c0:a8:00:0a:c0:a8:00:01:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:02:01:04:ff:ff:ff:00:3a:04:00:00:07:08:3b:04:00:00:0c:4e:33:04:00:00:0e:10:36:04:c0:a8:00:01:ff:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00","udp_udp_time_relative":"0.000000000"},"ip_raw":"450001480445000080110000c0a80001c0a8000a","ip":{"ip_ip_flags_rb_raw":"0","ip_ip_flags_rb":false,"ip_ip_addr_raw":["c0a80001","c0a8000a"],"ip_ip_addr":["192.168.0.1","192.168.0.10"],"ip_ip_dsfield_ecn_raw":"0","ip_ip_dsfield_ecn":"0","ip_ip_frag_offset_raw":"0","ip_ip_frag_offset":"0","ip_ip_hdr_len_raw":"45","ip_ip_hdr_len":"20","ip_ip_id_raw":"0445","ip_ip_id":"0x0445","ip_ip_version_raw":"45","ip_ip_version":"4","ip_ip_dst_raw":"c0a8000a","ip_ip_dst":"192.168.0.10","ip_ip_host_raw":["c0a80001","c0a8000a"],"ip_ip_host":["192.168.0.1","192.168.0.10"],"ip_ip_flags_raw":"0","ip_ip_flags":"0x00","ip_ip_src_host_raw":"c0a80001","ip_ip_src_host":"192.168.0.1","ip_ip_flags_df_raw":"0","ip_ip_flags_df":false,"ip_ip_len_raw":"0148","ip_ip_len":"328","ip_ip_checksum_status":"2","ip_ip_dst_host_raw":"c0a8000a","ip_ip_dst_host":"192.168.0.10","ip_ip_src_raw":"c0a80001","ip_ip_src":"192.168.0.1","ip_ip_ttl_raw":"80","ip_ip_ttl":"128","ip_ip_flags_mf_raw":"0","ip_ip_flags_mf":false,"ip_ip_checksum_raw":"0000","ip_ip_checksum":"0x0000","ip_ip_proto_raw":"11","ip_ip_proto":"17","ip_ip_dsfield_dscp_raw":"0","ip_ip_dsfield_dscp":"0","ip_ip_dsfield_raw":"00","ip_ip_dsfield":"0x00"},"frame_raw":"000b8201fc42000874adf19b0800450001480445000080110000c0a80001c0a8000a00430044013422330201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000","frame":{"frame_frame_len":"342","frame_frame_marked":false,"frame_frame_number":"2","frame_frame_time_epoch":"2004-12-05T19:16:24.317748000Z","frame_frame_time":"2004-12-05T19:16:24.317748000Z","frame_frame_time_relative":"0.000295000","frame_frame_encap_type":"1","frame_frame_offset_shift":"0.000000000","frame_frame_time_delta_displayed":"0.000295000","frame_frame_time_utc":"2004-12-05T19:16:24.317748000Z","frame_frame_ignored":false,"frame_frame_cap_len":"342","frame_frame_time_delta":"0.000295000","frame_frame_protocols":"eth:ethertype:ip:udp:dhcp"},"eth_raw":"000b8201fc42000874adf19b0800","eth":{"eth_eth_src_lg_raw":"0","eth_eth_src_lg":false,"eth_eth_dst_raw":"000b8201fc42","eth_eth_dst":"00:0b:82:01:fc:42","eth_eth_lg_raw":["0","0"],"eth_eth_lg":[false,false],"eth_eth_dst_resolved_raw":"000b8201fc42","eth_eth_dst_resolved":"GrandstreamN_01:fc:42","eth_eth_addr_oui_raw":["000b82","000874"],"eth_eth_addr_oui":["2946","2164"],"eth_eth_src_ig_raw":"0","eth_eth_src_ig":false,"eth_eth_src_resolved_raw":"000874adf19b","eth_eth_src_resolved":"Dell_ad:f1:9b","eth_eth_addr_oui_resolved_raw":["000b8201fc42","000874adf19b"],"eth_eth_addr_oui_resolved":["Grandstream Networks, Inc.","Dell Inc."],"eth_eth_src_oui_raw":"000874","eth_eth_src_oui":"2164","eth_eth_src_oui_resolved_raw":"000874adf19b","eth_eth_src_oui_resolved":"Dell Inc.","eth_eth_addr_resolved_raw":["000b8201fc42","000874adf19b"],"eth_eth_addr_resolved":["GrandstreamN_01:fc:42","Dell_ad:f1:9b"],"eth_eth_type_raw":"0800","eth_eth_type":"0x0800","eth_eth_src_raw":"000874adf19b","eth_eth_src":"00:08:74:ad:f1:9b","eth_eth_addr_raw":["000b8201fc42","000874adf19b"],"eth_eth_addr":["00:0b:82:01:fc:42","00:08:74:ad:f1:9b"],"eth_eth_dst_ig_raw":"0","eth_eth_dst_ig":false,"eth_eth_dst_oui_resolved_raw":"000b8201fc42","eth_eth_dst_oui_resolved":"Grandstream Networks, Inc.","eth_eth_dst_lg_raw":"0","eth_eth_dst_lg":false,"eth_eth_ig_raw":["0","0"],"eth_eth_ig":[false,false],"eth_eth_dst_oui_raw":"000b82","eth_eth_dst_oui":"2946"}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184387","layers":{"dhcp_raw":"0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00","dhcp":{"dhcp_dhcp_option_requested_ip_address_raw":"c0a8000a","dhcp_dhcp_option_requested_ip_address":"192.168.0.10","dhcp_dhcp_hw_type_raw":["01","01"],"dhcp_dhcp_hw_type":["0x01","0x01"],"dhcp_dhcp_ip_your_raw":"00000000","dhcp_dhcp_ip_your":"0.0.0.0","dhcp_dhcp_flags_raw":"0000","dhcp_dhcp_flags":"0x0000","dhcp_dhcp_option_value_raw":["03","01000b8201fc42","c0a8000a","c0a80001","0103062a"],"dhcp_dhcp_option_value":["03","01:00:0b:82:01:fc:42","c0:a8:00:0a","c0:a8:00:01","01:03:06:2a"],"dhcp_dhcp_hw_len_raw":"06","dhcp_dhcp_hw_len":"6","dhcp_dhcp_option_length_raw":["01","07","04","04","04"],"dhcp_dhcp_option_length":["1","7","4","4","4"],"dhcp_dhcp_flags_bc_raw":"0","dhcp_dhcp_flags_bc":false,"dhcp_dhcp_id_raw":"00003d1e","dhcp_dhcp_id":"0x00003d1e","dhcp_dhcp_option_dhcp_server_id_raw":"c0a80001","dhcp_dhcp_option_dhcp_server_id":"192.168.0.1","dhcp_dhcp_hw_mac_addr_raw":["000b8201fc42","000b8201fc42"],"dhcp_dhcp_hw_mac_addr":["00:0b:82:01:fc:42","00:0b:82:01:fc:42"],"dhcp_dhcp_ip_client_raw":"00000000","dhcp_dhcp_ip_client":"0.0.0.0","dhcp_dhcp_secs_raw":"0000","dhcp_dhcp_secs":"0","dhcp_dhcp_server_raw":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","dhcp_dhcp_server":"","dhcp_dhcp_hw_addr_padding_raw":"00000000000000000000","dhcp_dhcp_hw_addr_padding":"00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_type_raw":["350103","3d0701000b8201fc42","3204c0a8000a","3604c0a80001","37040103062a","ff"],"dhcp_dhcp_option_type":["53","61","50","54","55","0"],"dhcp_dhcp_hops_raw":"00","dhcp_dhcp_hops":"0","dhcp_dhcp_file_raw":"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","dhcp_dhcp_file":"","dhcp_dhcp_ip_server_raw":"00000000","dhcp_dhcp_ip_server":"0.0.0.0","dhcp_dhcp_option_dhcp_raw":"03","dhcp_dhcp_option_dhcp":"3","dhcp_dhcp_option_request_list_item_raw":["01","03","06","2a"],"dhcp_dhcp_option_request_list_item":["1","3","6","42"],"dhcp_dhcp_cookie_raw":"63825363","dhcp_dhcp_cookie":"99.130.83.99","dhcp_dhcp_option_padding_raw":"00","dhcp_dhcp_option_padding":"00","dhcp_dhcp_ip_relay_raw":"00000000","dhcp_dhcp_ip_relay":"0.0.0.0","dhcp_dhcp_type_raw":"01","dhcp_dhcp_type":"1","dhcp_dhcp_flags_reserved_raw":"0","dhcp_dhcp_flags_reserved":"0x0000","dhcp_dhcp_option_end_raw":"ff","dhcp_dhcp_option_end":"255"},"udp_raw":"0044004301189fbd","udp":{"udp_udp_time_delta":"0.070031000","udp_udp_dstport_raw":"0043","udp_udp_dstport":"67","udp_udp_checksum_raw":"9fbd","udp_udp_checksum":"0x9fbd","udp_udp_port_raw":["0044","0043"],"udp_udp_port":["68","67"],"udp_udp_checksum_status":"2","udp_udp_stream":"0","udp_udp_length_raw":"0118","udp_udp_length":"280","text":"Timestamps","udp_udp_srcport_raw":"0044","udp_udp_srcport":"68","udp_udp_payload_raw":"0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00","udp_udp_payload":"01:01:06:00:00:00:3d:1e:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:03:3d:07:01:00:0b:82:01:fc:42:32:04:c0:a8:00:0a:36:04:c0:a8:00:01:37:04:01:03:06:2a:ff:00","udp_udp_time_relative":"0.070031000"},"ip_raw":"4500012ca8370000fa11178a00000000ffffffff","ip":{"ip_ip_flags_rb_raw":"0","ip_ip_flags_rb":false,"ip_ip_addr_raw":["00000000","ffffffff"],"ip_ip_addr":["0.0.0.0","255.255.255.255"],"ip_ip_dsfield_ecn_raw":"0","ip_ip_dsfield_ecn":"0","ip_ip_frag_offset_raw":"0","ip_ip_frag_offset":"0","ip_ip_hdr_len_raw":"45","ip_ip_hdr_len":"20","ip_ip_id_raw":"a837","ip_ip_id":"0xa837","ip_ip_version_raw":"45","ip_ip_version":"4","ip_ip_dst_raw":"ffffffff","ip_ip_dst":"255.255.255.255","ip_ip_host_raw":["00000000","ffffffff"],"ip_ip_host":["0.0.0.0","255.255.255.255"],"ip_ip_flags_raw":"0","ip_ip_flags":"0x00","ip_ip_src_host_raw":"00000000","ip_ip_src_host":"0.0.0.0","ip_ip_flags_df_raw":"0","ip_ip_flags_df":false,"ip_ip_len_raw":"012c","ip_ip_len":"300","ip_ip_checksum_status":"2","ip_ip_dst_host_raw":"ffffffff","ip_ip_dst_host":"255.255.255.255","ip_ip_src_raw":"00000000","ip_ip_src":"0.0.0.0","ip_ip_ttl_raw":"fa","ip_ip_ttl":"250","ip_ip_flags_mf_raw":"0","ip_ip_flags_mf":false,"ip_ip_checksum_raw":"178a","ip_ip_checksum":"0x178a","ip_ip_proto_raw":"11","ip_ip_proto":"17","ip_ip_dsfield_dscp_raw":"0","ip_ip_dsfield_dscp":"0","ip_ip_dsfield_raw":"00","ip_ip_dsfield":"0x00"},"frame_raw":"ffffffffffff000b8201fc4208004500012ca8370000fa11178a00000000ffffffff0044004301189fbd0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00","frame":{"frame_frame_len":"314","frame_frame_marked":false,"frame_frame_number":"3","frame_frame_time_epoch":"2004-12-05T19:16:24.387484000Z","frame_frame_time":"2004-12-05T19:16:24.387484000Z","frame_frame_time_relative":"0.070031000","frame_frame_encap_type":"1","frame_frame_offset_shift":"0.000000000","frame_frame_time_delta_displayed":"0.069736000","frame_frame_time_utc":"2004-12-05T19:16:24.387484000Z","frame_frame_ignored":false,"frame_frame_cap_len":"314","frame_frame_time_delta":"0.069736000","frame_frame_protocols":"eth:ethertype:ip:udp:dhcp"},"eth_raw":"ffffffffffff000b8201fc420800","eth":{"eth_eth_src_lg_raw":"0","eth_eth_src_lg":false,"eth_eth_dst_raw":"ffffffffffff","eth_eth_dst":"ff:ff:ff:ff:ff:ff","eth_eth_lg_raw":["1","0"],"eth_eth_lg":[true,false],"eth_eth_dst_oui_raw":"ffffff","eth_eth_dst_oui":"16777215","eth_eth_addr_oui_raw":["ffffff","000b82"],"eth_eth_addr_oui":["16777215","2946"],"eth_eth_src_resolved_raw":"000b8201fc42","eth_eth_src_resolved":"GrandstreamN_01:fc:42","eth_eth_addr_oui_resolved_raw":"000b8201fc42","eth_eth_addr_oui_resolved":"Grandstream Networks, Inc.","eth_eth_src_oui_resolved_raw":"000b8201fc42","eth_eth_src_oui_resolved":"Grandstream Networks, Inc.","eth_eth_src_oui_raw":"000b82","eth_eth_src_oui":"2946","eth_eth_addr_resolved_raw":["ffffffffffff","000b8201fc42"],"eth_eth_addr_resolved":["Broadcast","GrandstreamN_01:fc:42"],"eth_eth_type_raw":"0800","eth_eth_type":"0x0800","eth_eth_src_raw":"000b8201fc42","eth_eth_src":"00:0b:82:01:fc:42","eth_eth_addr_raw":["ffffffffffff","000b8201fc42"],"eth_eth_addr":["ff:ff:ff:ff:ff:ff","00:0b:82:01:fc:42"],"eth_eth_dst_ig_raw":"1","eth_eth_dst_ig":true,"eth_eth_dst_lg_raw":"1","eth_eth_dst_lg":true,"eth_eth_src_ig_raw":"0","eth_eth_src_ig":false,"eth_eth_ig_raw":["1","0"],"eth_eth_ig":[true,false],"eth_eth_dst_resolved_raw":"ffffffffffff","eth_eth_dst_resolved":"Broadcast"}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184387","layers":{"dhcp_raw":"0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000","dhcp":{"dhcp_dhcp_option_dhcp_server_id_raw":"c0a80001","dhcp_dhcp_option_dhcp_server_id":"192.168.0.1","dhcp_dhcp_hw_type_raw":"01","dhcp_dhcp_hw_type":"0x01","dhcp_dhcp_ip_your_raw":"c0a8000a","dhcp_dhcp_ip_your":"192.168.0.10","dhcp_dhcp_flags_raw":"0000","dhcp_dhcp_flags":"0x0000","dhcp_dhcp_option_ip_address_lease_time_raw":"00000e10","dhcp_dhcp_option_ip_address_lease_time":"3600","dhcp_dhcp_option_value_raw":["05","00000708","00000c4e","00000e10","c0a80001","ffffff00"],"dhcp_dhcp_option_value":["05","00:00:07:08","00:00:0c:4e","00:00:0e:10","c0:a8:00:01","ff:ff:ff:00"],"dhcp_dhcp_hw_len_raw":"06","dhcp_dhcp_hw_len":"6","dhcp_dhcp_option_length_raw":["01","04","04","04","04","04"],"dhcp_dhcp_option_length":["1","4","4","4","4","4"],"dhcp_dhcp_flags_bc_raw":"0","dhcp_dhcp_flags_bc":false,"dhcp_dhcp_id_raw":"00003d1e","dhcp_dhcp_id":"0x00003d1e","dhcp_dhcp_hw_mac_addr_raw":"000b8201fc42","dhcp_dhcp_hw_mac_addr":"00:0b:82:01:fc:42","dhcp_dhcp_ip_client_raw":"00000000","dhcp_dhcp_ip_client":"0.0.0.0","dhcp_dhcp_secs_raw":"0000","dhcp_dhcp_secs":"0","dhcp_dhcp_server_raw":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","dhcp_dhcp_server":"","dhcp_dhcp_option_end_raw":"ff","dhcp_dhcp_option_end":"255","dhcp_dhcp_hw_addr_padding_raw":"00000000000000000000","dhcp_dhcp_hw_addr_padding":"00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_type_raw":["350105","3a0400000708","3b0400000c4e","330400000e10","3604c0a80001","0104ffffff00","ff"],"dhcp_dhcp_option_type":["53","58","59","51","54","1","0"],"dhcp_dhcp_hops_raw":"00","dhcp_dhcp_hops":"0","dhcp_dhcp_file_raw":"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","dhcp_dhcp_file":"","dhcp_dhcp_ip_server_raw":"00000000","dhcp_dhcp_ip_server":"0.0.0.0","dhcp_dhcp_option_dhcp_raw":"05","dhcp_dhcp_option_dhcp":"5","dhcp_dhcp_option_subnet_mask_raw":"ffffff00","dhcp_dhcp_option_subnet_mask":"255.255.255.0","dhcp_dhcp_cookie_raw":"63825363","dhcp_dhcp_cookie":"99.130.83.99","dhcp_dhcp_option_renewal_time_value_raw":"00000708","dhcp_dhcp_option_renewal_time_value":"1800","dhcp_dhcp_ip_relay_raw":"00000000","dhcp_dhcp_ip_relay":"0.0.0.0","dhcp_dhcp_type_raw":"02","dhcp_dhcp_type":"2","dhcp_dhcp_flags_reserved_raw":"0","dhcp_dhcp_flags_reserved":"0x0000","dhcp_dhcp_option_padding_raw":"0000000000000000000000000000000000000000000000000000","dhcp_dhcp_option_padding":"00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_rebinding_time_value_raw":"00000c4e","dhcp_dhcp_option_rebinding_time_value":"3150"},"udp_raw":"004300440134dfdb","udp":{"udp_udp_time_delta":"0.070050000","udp_udp_dstport_raw":"0044","udp_udp_dstport":"68","udp_udp_checksum_raw":"dfdb","udp_udp_checksum":"0xdfdb","udp_udp_port_raw":["0043","0044"],"udp_udp_port":["67","68"],"udp_udp_checksum_status":"2","udp_udp_stream":"1","udp_udp_length_raw":"0134","udp_udp_length":"308","text":"Timestamps","udp_udp_srcport_raw":"0043","udp_udp_srcport":"67","udp_udp_payload_raw":"0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000","udp_udp_payload":"02:01:06:00:00:00:3d:1e:00:00:00:00:00:00:00:00:c0:a8:00:0a:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:05:3a:04:00:00:07:08:3b:04:00:00:0c:4e:33:04:00:00:0e:10:36:04:c0:a8:00:01:01:04:ff:ff:ff:00:ff:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00","udp_udp_time_relative":"0.070050000"},"ip_raw":"450001480446000080110000c0a80001c0a8000a","ip":{"ip_ip_flags_rb_raw":"0","ip_ip_flags_rb":false,"ip_ip_addr_raw":["c0a80001","c0a8000a"],"ip_ip_addr":["192.168.0.1","192.168.0.10"],"ip_ip_dsfield_ecn_raw":"0","ip_ip_dsfield_ecn":"0","ip_ip_frag_offset_raw":"0","ip_ip_frag_offset":"0","ip_ip_hdr_len_raw":"45","ip_ip_hdr_len":"20","ip_ip_id_raw":"0446","ip_ip_id":"0x0446","ip_ip_version_raw":"45","ip_ip_version":"4","ip_ip_dst_raw":"c0a8000a","ip_ip_dst":"192.168.0.10","ip_ip_host_raw":["c0a80001","c0a8000a"],"ip_ip_host":["192.168.0.1","192.168.0.10"],"ip_ip_flags_raw":"0","ip_ip_flags":"0x00","ip_ip_src_host_raw":"c0a80001","ip_ip_src_host":"192.168.0.1","ip_ip_flags_df_raw":"0","ip_ip_flags_df":false,"ip_ip_len_raw":"0148","ip_ip_len":"328","ip_ip_checksum_status":"2","ip_ip_dst_host_raw":"c0a8000a","ip_ip_dst_host":"192.168.0.10","ip_ip_src_raw":"c0a80001","ip_ip_src":"192.168.0.1","ip_ip_ttl_raw":"80","ip_ip_ttl":"128","ip_ip_flags_mf_raw":"0","ip_ip_flags_mf":false,"ip_ip_checksum_raw":"0000","ip_ip_checksum":"0x0000","ip_ip_proto_raw":"11","ip_ip_proto":"17","ip_ip_dsfield_dscp_raw":"0","ip_ip_dsfield_dscp":"0","ip_ip_dsfield_raw":"00","ip_ip_dsfield":"0x00"},"frame_raw":"000b8201fc42000874adf19b0800450001480446000080110000c0a80001c0a8000a004300440134dfdb0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000","frame":{"frame_frame_len":"342","frame_frame_marked":false,"frame_frame_number":"4","frame_frame_time_epoch":"2004-12-05T19:16:24.387798000Z","frame_frame_time":"2004-12-05T19:16:24.387798000Z","frame_frame_time_relative":"0.070345000","frame_frame_encap_type":"1","frame_frame_offset_shift":"0.000000000","frame_frame_time_delta_displayed":"0.000314000","frame_frame_time_utc":"2004-12-05T19:16:24.387798000Z","frame_frame_ignored":false,"frame_frame_cap_len":"342","frame_frame_time_delta":"0.000314000","frame_frame_protocols":"eth:ethertype:ip:udp:dhcp"},"eth_raw":"000b8201fc42000874adf19b0800","eth":{"eth_eth_src_lg_raw":"0","eth_eth_src_lg":false,"eth_eth_dst_raw":"000b8201fc42","eth_eth_dst":"00:0b:82:01:fc:42","eth_eth_lg_raw":["0","0"],"eth_eth_lg":[false,false],"eth_eth_dst_resolved_raw":"000b8201fc42","eth_eth_dst_resolved":"GrandstreamN_01:fc:42","eth_eth_addr_oui_raw":["000b82","000874"],"eth_eth_addr_oui":["2946","2164"],"eth_eth_src_ig_raw":"0","eth_eth_src_ig":false,"eth_eth_src_resolved_raw":"000874adf19b","eth_eth_src_resolved":"Dell_ad:f1:9b","eth_eth_addr_oui_resolved_raw":["000b8201fc42","000874adf19b"],"eth_eth_addr_oui_resolved":["Grandstream Networks, Inc.","Dell Inc."],"eth_eth_src_oui_raw":"000874","eth_eth_src_oui":"2164","eth_eth_src_oui_resolved_raw":"000874adf19b","eth_eth_src_oui_resolved":"Dell Inc.","eth_eth_addr_resolved_raw":["000b8201fc42","000874adf19b"],"eth_eth_addr_resolved":["GrandstreamN_01:fc:42","Dell_ad:f1:9b"],"eth_eth_type_raw":"0800","eth_eth_type":"0x0800","eth_eth_src_raw":"000874adf19b","eth_eth_src":"00:08:74:ad:f1:9b","eth_eth_addr_raw":["000b8201fc42","000874adf19b"],"eth_eth_addr":["00:0b:82:01:fc:42","00:08:74:ad:f1:9b"],"eth_eth_dst_ig_raw":"0","eth_eth_dst_ig":false,"eth_eth_dst_oui_resolved_raw":"000b8201fc42","eth_eth_dst_oui_resolved":"Grandstream Networks, Inc.","eth_eth_dst_lg_raw":"0","eth_eth_dst_lg":false,"eth_eth_ig_raw":["0","0"],"eth_eth_ig":[false,false],"eth_eth_dst_oui_raw":"000b82","eth_eth_dst_oui":"2946"}}} diff --git a/test/baseline/dhcp.ek b/test/baseline/dhcp.ek new file mode 100644 index 00000000..56066182 --- /dev/null +++ b/test/baseline/dhcp.ek @@ -0,0 +1,8 @@ +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184317","layers":{"dhcp":{"dhcp_dhcp_option_requested_ip_address":"0.0.0.0","dhcp_dhcp_hw_type":["0x01","0x01"],"dhcp_dhcp_ip_your":"0.0.0.0","dhcp_dhcp_flags":"0x0000","dhcp_dhcp_option_value":["01","01:00:0b:82:01:fc:42","00:00:00:00","01:03:06:2a"],"dhcp_dhcp_hw_len":"6","dhcp_dhcp_option_length":["1","7","4","4"],"dhcp_dhcp_flags_bc":false,"dhcp_dhcp_id":"0x00003d1d","dhcp_dhcp_hw_mac_addr":["00:0b:82:01:fc:42","00:0b:82:01:fc:42"],"dhcp_dhcp_ip_client":"0.0.0.0","dhcp_dhcp_secs":"0","dhcp_dhcp_server":"","dhcp_dhcp_hw_addr_padding":"00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_type":["53","61","50","55","0"],"dhcp_dhcp_hops":"0","dhcp_dhcp_file":"","dhcp_dhcp_ip_server":"0.0.0.0","dhcp_dhcp_option_dhcp":"1","dhcp_dhcp_option_request_list_item":["1","3","6","42"],"dhcp_dhcp_cookie":"99.130.83.99","dhcp_dhcp_option_padding":"00:00:00:00:00:00:00","dhcp_dhcp_ip_relay":"0.0.0.0","dhcp_dhcp_type":"1","dhcp_dhcp_flags_reserved":"0x0000","dhcp_dhcp_option_end":"255"},"udp":{"udp_udp_time_delta":"0.000000000","udp_udp_dstport":"67","udp_udp_checksum":"0x591f","udp_udp_port":["68","67"],"udp_udp_checksum_status":"2","udp_udp_stream":"0","udp_udp_length":"280","text":"Timestamps","udp_udp_srcport":"68","udp_udp_payload":"01:01:06:00:00:00:3d:1d:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:01:3d:07:01:00:0b:82:01:fc:42:32:04:00:00:00:00:37:04:01:03:06:2a:ff:00:00:00:00:00:00:00","udp_udp_time_relative":"0.000000000"},"ip":{"ip_ip_flags_rb":false,"ip_ip_addr":["0.0.0.0","255.255.255.255"],"ip_ip_dsfield_ecn":"0","ip_ip_frag_offset":"0","ip_ip_hdr_len":"20","ip_ip_id":"0xa836","ip_ip_version":"4","ip_ip_dst":"255.255.255.255","ip_ip_host":["0.0.0.0","255.255.255.255"],"ip_ip_flags":"0x00","ip_ip_src_host":"0.0.0.0","ip_ip_flags_df":false,"ip_ip_len":"300","ip_ip_checksum_status":"2","ip_ip_dst_host":"255.255.255.255","ip_ip_src":"0.0.0.0","ip_ip_ttl":"250","ip_ip_flags_mf":false,"ip_ip_checksum":"0x178b","ip_ip_proto":"17","ip_ip_dsfield_dscp":"0","ip_ip_dsfield":"0x00"},"frame":{"frame_frame_len":"314","frame_frame_marked":false,"frame_frame_number":"1","frame_frame_time_epoch":"2004-12-05T19:16:24.317453000Z","frame_frame_time":"2004-12-05T19:16:24.317453000Z","frame_frame_time_relative":"0.000000000","frame_frame_encap_type":"1","frame_frame_offset_shift":"0.000000000","frame_frame_time_delta_displayed":"0.000000000","frame_frame_time_utc":"2004-12-05T19:16:24.317453000Z","frame_frame_ignored":false,"frame_frame_cap_len":"314","frame_frame_time_delta":"0.000000000","frame_frame_protocols":"eth:ethertype:ip:udp:dhcp"},"eth":{"eth_eth_src_lg":false,"eth_eth_dst":"ff:ff:ff:ff:ff:ff","eth_eth_lg":[true,false],"eth_eth_dst_oui":"16777215","eth_eth_addr_oui":["16777215","2946"],"eth_eth_src_resolved":"GrandstreamN_01:fc:42","eth_eth_addr_oui_resolved":"Grandstream Networks, Inc.","eth_eth_src_oui_resolved":"Grandstream Networks, Inc.","eth_eth_src_oui":"2946","eth_eth_addr_resolved":["Broadcast","GrandstreamN_01:fc:42"],"eth_eth_type":"0x0800","eth_eth_src":"00:0b:82:01:fc:42","eth_eth_addr":["ff:ff:ff:ff:ff:ff","00:0b:82:01:fc:42"],"eth_eth_dst_ig":true,"eth_eth_dst_lg":true,"eth_eth_src_ig":false,"eth_eth_ig":[true,false],"eth_eth_dst_resolved":"Broadcast"}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184317","layers":{"dhcp":{"dhcp_dhcp_option_dhcp_server_id":"192.168.0.1","dhcp_dhcp_hw_type":"0x01","dhcp_dhcp_ip_your":"192.168.0.10","dhcp_dhcp_flags":"0x0000","dhcp_dhcp_option_ip_address_lease_time":"3600","dhcp_dhcp_option_value":["02","ff:ff:ff:00","00:00:07:08","00:00:0c:4e","00:00:0e:10","c0:a8:00:01"],"dhcp_dhcp_hw_len":"6","dhcp_dhcp_option_length":["1","4","4","4","4","4"],"dhcp_dhcp_flags_bc":false,"dhcp_dhcp_id":"0x00003d1d","dhcp_dhcp_hw_mac_addr":"00:0b:82:01:fc:42","dhcp_dhcp_ip_client":"0.0.0.0","dhcp_dhcp_secs":"0","dhcp_dhcp_server":"","dhcp_dhcp_option_end":"255","dhcp_dhcp_hw_addr_padding":"00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_type":["53","1","58","59","51","54","0"],"dhcp_dhcp_hops":"0","dhcp_dhcp_file":"","dhcp_dhcp_ip_server":"192.168.0.1","dhcp_dhcp_option_dhcp":"2","dhcp_dhcp_option_subnet_mask":"255.255.255.0","dhcp_dhcp_cookie":"99.130.83.99","dhcp_dhcp_option_renewal_time_value":"1800","dhcp_dhcp_ip_relay":"0.0.0.0","dhcp_dhcp_type":"2","dhcp_dhcp_flags_reserved":"0x0000","dhcp_dhcp_option_padding":"00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_rebinding_time_value":"3150"},"udp":{"udp_udp_time_delta":"0.000000000","udp_udp_dstport":"68","udp_udp_checksum":"0x2233","udp_udp_port":["67","68"],"udp_udp_checksum_status":"2","udp_udp_stream":"1","udp_udp_length":"308","text":"Timestamps","udp_udp_srcport":"67","udp_udp_payload":"02:01:06:00:00:00:3d:1d:00:00:00:00:00:00:00:00:c0:a8:00:0a:c0:a8:00:01:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:02:01:04:ff:ff:ff:00:3a:04:00:00:07:08:3b:04:00:00:0c:4e:33:04:00:00:0e:10:36:04:c0:a8:00:01:ff:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00","udp_udp_time_relative":"0.000000000"},"ip":{"ip_ip_flags_rb":false,"ip_ip_addr":["192.168.0.1","192.168.0.10"],"ip_ip_dsfield_ecn":"0","ip_ip_frag_offset":"0","ip_ip_hdr_len":"20","ip_ip_id":"0x0445","ip_ip_version":"4","ip_ip_dst":"192.168.0.10","ip_ip_host":["192.168.0.1","192.168.0.10"],"ip_ip_flags":"0x00","ip_ip_src_host":"192.168.0.1","ip_ip_flags_df":false,"ip_ip_len":"328","ip_ip_checksum_status":"2","ip_ip_dst_host":"192.168.0.10","ip_ip_src":"192.168.0.1","ip_ip_ttl":"128","ip_ip_flags_mf":false,"ip_ip_checksum":"0x0000","ip_ip_proto":"17","ip_ip_dsfield_dscp":"0","ip_ip_dsfield":"0x00"},"frame":{"frame_frame_len":"342","frame_frame_marked":false,"frame_frame_number":"2","frame_frame_time_epoch":"2004-12-05T19:16:24.317748000Z","frame_frame_time":"2004-12-05T19:16:24.317748000Z","frame_frame_time_relative":"0.000295000","frame_frame_encap_type":"1","frame_frame_offset_shift":"0.000000000","frame_frame_time_delta_displayed":"0.000295000","frame_frame_time_utc":"2004-12-05T19:16:24.317748000Z","frame_frame_ignored":false,"frame_frame_cap_len":"342","frame_frame_time_delta":"0.000295000","frame_frame_protocols":"eth:ethertype:ip:udp:dhcp"},"eth":{"eth_eth_src_lg":false,"eth_eth_dst":"00:0b:82:01:fc:42","eth_eth_lg":[false,false],"eth_eth_dst_resolved":"GrandstreamN_01:fc:42","eth_eth_addr_oui":["2946","2164"],"eth_eth_src_ig":false,"eth_eth_src_resolved":"Dell_ad:f1:9b","eth_eth_addr_oui_resolved":["Grandstream Networks, Inc.","Dell Inc."],"eth_eth_src_oui":"2164","eth_eth_src_oui_resolved":"Dell Inc.","eth_eth_addr_resolved":["GrandstreamN_01:fc:42","Dell_ad:f1:9b"],"eth_eth_type":"0x0800","eth_eth_src":"00:08:74:ad:f1:9b","eth_eth_addr":["00:0b:82:01:fc:42","00:08:74:ad:f1:9b"],"eth_eth_dst_ig":false,"eth_eth_dst_oui_resolved":"Grandstream Networks, Inc.","eth_eth_dst_lg":false,"eth_eth_ig":[false,false],"eth_eth_dst_oui":"2946"}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184387","layers":{"dhcp":{"dhcp_dhcp_option_requested_ip_address":"192.168.0.10","dhcp_dhcp_hw_type":["0x01","0x01"],"dhcp_dhcp_ip_your":"0.0.0.0","dhcp_dhcp_flags":"0x0000","dhcp_dhcp_option_value":["03","01:00:0b:82:01:fc:42","c0:a8:00:0a","c0:a8:00:01","01:03:06:2a"],"dhcp_dhcp_hw_len":"6","dhcp_dhcp_option_length":["1","7","4","4","4"],"dhcp_dhcp_flags_bc":false,"dhcp_dhcp_id":"0x00003d1e","dhcp_dhcp_option_dhcp_server_id":"192.168.0.1","dhcp_dhcp_hw_mac_addr":["00:0b:82:01:fc:42","00:0b:82:01:fc:42"],"dhcp_dhcp_ip_client":"0.0.0.0","dhcp_dhcp_secs":"0","dhcp_dhcp_server":"","dhcp_dhcp_hw_addr_padding":"00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_type":["53","61","50","54","55","0"],"dhcp_dhcp_hops":"0","dhcp_dhcp_file":"","dhcp_dhcp_ip_server":"0.0.0.0","dhcp_dhcp_option_dhcp":"3","dhcp_dhcp_option_request_list_item":["1","3","6","42"],"dhcp_dhcp_cookie":"99.130.83.99","dhcp_dhcp_option_padding":"00","dhcp_dhcp_ip_relay":"0.0.0.0","dhcp_dhcp_type":"1","dhcp_dhcp_flags_reserved":"0x0000","dhcp_dhcp_option_end":"255"},"udp":{"udp_udp_time_delta":"0.070031000","udp_udp_dstport":"67","udp_udp_checksum":"0x9fbd","udp_udp_port":["68","67"],"udp_udp_checksum_status":"2","udp_udp_stream":"0","udp_udp_length":"280","text":"Timestamps","udp_udp_srcport":"68","udp_udp_payload":"01:01:06:00:00:00:3d:1e:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:03:3d:07:01:00:0b:82:01:fc:42:32:04:c0:a8:00:0a:36:04:c0:a8:00:01:37:04:01:03:06:2a:ff:00","udp_udp_time_relative":"0.070031000"},"ip":{"ip_ip_flags_rb":false,"ip_ip_addr":["0.0.0.0","255.255.255.255"],"ip_ip_dsfield_ecn":"0","ip_ip_frag_offset":"0","ip_ip_hdr_len":"20","ip_ip_id":"0xa837","ip_ip_version":"4","ip_ip_dst":"255.255.255.255","ip_ip_host":["0.0.0.0","255.255.255.255"],"ip_ip_flags":"0x00","ip_ip_src_host":"0.0.0.0","ip_ip_flags_df":false,"ip_ip_len":"300","ip_ip_checksum_status":"2","ip_ip_dst_host":"255.255.255.255","ip_ip_src":"0.0.0.0","ip_ip_ttl":"250","ip_ip_flags_mf":false,"ip_ip_checksum":"0x178a","ip_ip_proto":"17","ip_ip_dsfield_dscp":"0","ip_ip_dsfield":"0x00"},"frame":{"frame_frame_len":"314","frame_frame_marked":false,"frame_frame_number":"3","frame_frame_time_epoch":"2004-12-05T19:16:24.387484000Z","frame_frame_time":"2004-12-05T19:16:24.387484000Z","frame_frame_time_relative":"0.070031000","frame_frame_encap_type":"1","frame_frame_offset_shift":"0.000000000","frame_frame_time_delta_displayed":"0.069736000","frame_frame_time_utc":"2004-12-05T19:16:24.387484000Z","frame_frame_ignored":false,"frame_frame_cap_len":"314","frame_frame_time_delta":"0.069736000","frame_frame_protocols":"eth:ethertype:ip:udp:dhcp"},"eth":{"eth_eth_src_lg":false,"eth_eth_dst":"ff:ff:ff:ff:ff:ff","eth_eth_lg":[true,false],"eth_eth_dst_oui":"16777215","eth_eth_addr_oui":["16777215","2946"],"eth_eth_src_resolved":"GrandstreamN_01:fc:42","eth_eth_addr_oui_resolved":"Grandstream Networks, Inc.","eth_eth_src_oui_resolved":"Grandstream Networks, Inc.","eth_eth_src_oui":"2946","eth_eth_addr_resolved":["Broadcast","GrandstreamN_01:fc:42"],"eth_eth_type":"0x0800","eth_eth_src":"00:0b:82:01:fc:42","eth_eth_addr":["ff:ff:ff:ff:ff:ff","00:0b:82:01:fc:42"],"eth_eth_dst_ig":true,"eth_eth_dst_lg":true,"eth_eth_src_ig":false,"eth_eth_ig":[true,false],"eth_eth_dst_resolved":"Broadcast"}}} +{"index":{"_index":"packets-2004-12-05","_type":"doc"}} +{"timestamp":"1102274184387","layers":{"dhcp":{"dhcp_dhcp_option_dhcp_server_id":"192.168.0.1","dhcp_dhcp_hw_type":"0x01","dhcp_dhcp_ip_your":"192.168.0.10","dhcp_dhcp_flags":"0x0000","dhcp_dhcp_option_ip_address_lease_time":"3600","dhcp_dhcp_option_value":["05","00:00:07:08","00:00:0c:4e","00:00:0e:10","c0:a8:00:01","ff:ff:ff:00"],"dhcp_dhcp_hw_len":"6","dhcp_dhcp_option_length":["1","4","4","4","4","4"],"dhcp_dhcp_flags_bc":false,"dhcp_dhcp_id":"0x00003d1e","dhcp_dhcp_hw_mac_addr":"00:0b:82:01:fc:42","dhcp_dhcp_ip_client":"0.0.0.0","dhcp_dhcp_secs":"0","dhcp_dhcp_server":"","dhcp_dhcp_option_end":"255","dhcp_dhcp_hw_addr_padding":"00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_type":["53","58","59","51","54","1","0"],"dhcp_dhcp_hops":"0","dhcp_dhcp_file":"","dhcp_dhcp_ip_server":"0.0.0.0","dhcp_dhcp_option_dhcp":"5","dhcp_dhcp_option_subnet_mask":"255.255.255.0","dhcp_dhcp_cookie":"99.130.83.99","dhcp_dhcp_option_renewal_time_value":"1800","dhcp_dhcp_ip_relay":"0.0.0.0","dhcp_dhcp_type":"2","dhcp_dhcp_flags_reserved":"0x0000","dhcp_dhcp_option_padding":"00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_option_rebinding_time_value":"3150"},"udp":{"udp_udp_time_delta":"0.070050000","udp_udp_dstport":"68","udp_udp_checksum":"0xdfdb","udp_udp_port":["67","68"],"udp_udp_checksum_status":"2","udp_udp_stream":"1","udp_udp_length":"308","text":"Timestamps","udp_udp_srcport":"67","udp_udp_payload":"02:01:06:00:00:00:3d:1e:00:00:00:00:00:00:00:00:c0:a8:00:0a:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:05:3a:04:00:00:07:08:3b:04:00:00:0c:4e:33:04:00:00:0e:10:36:04:c0:a8:00:01:01:04:ff:ff:ff:00:ff:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00","udp_udp_time_relative":"0.070050000"},"ip":{"ip_ip_flags_rb":false,"ip_ip_addr":["192.168.0.1","192.168.0.10"],"ip_ip_dsfield_ecn":"0","ip_ip_frag_offset":"0","ip_ip_hdr_len":"20","ip_ip_id":"0x0446","ip_ip_version":"4","ip_ip_dst":"192.168.0.10","ip_ip_host":["192.168.0.1","192.168.0.10"],"ip_ip_flags":"0x00","ip_ip_src_host":"192.168.0.1","ip_ip_flags_df":false,"ip_ip_len":"328","ip_ip_checksum_status":"2","ip_ip_dst_host":"192.168.0.10","ip_ip_src":"192.168.0.1","ip_ip_ttl":"128","ip_ip_flags_mf":false,"ip_ip_checksum":"0x0000","ip_ip_proto":"17","ip_ip_dsfield_dscp":"0","ip_ip_dsfield":"0x00"},"frame":{"frame_frame_len":"342","frame_frame_marked":false,"frame_frame_number":"4","frame_frame_time_epoch":"2004-12-05T19:16:24.387798000Z","frame_frame_time":"2004-12-05T19:16:24.387798000Z","frame_frame_time_relative":"0.070345000","frame_frame_encap_type":"1","frame_frame_offset_shift":"0.000000000","frame_frame_time_delta_displayed":"0.000314000","frame_frame_time_utc":"2004-12-05T19:16:24.387798000Z","frame_frame_ignored":false,"frame_frame_cap_len":"342","frame_frame_time_delta":"0.000314000","frame_frame_protocols":"eth:ethertype:ip:udp:dhcp"},"eth":{"eth_eth_src_lg":false,"eth_eth_dst":"00:0b:82:01:fc:42","eth_eth_lg":[false,false],"eth_eth_dst_resolved":"GrandstreamN_01:fc:42","eth_eth_addr_oui":["2946","2164"],"eth_eth_src_ig":false,"eth_eth_src_resolved":"Dell_ad:f1:9b","eth_eth_addr_oui_resolved":["Grandstream Networks, Inc.","Dell Inc."],"eth_eth_src_oui":"2164","eth_eth_src_oui_resolved":"Dell Inc.","eth_eth_addr_resolved":["GrandstreamN_01:fc:42","Dell_ad:f1:9b"],"eth_eth_type":"0x0800","eth_eth_src":"00:08:74:ad:f1:9b","eth_eth_addr":["00:0b:82:01:fc:42","00:08:74:ad:f1:9b"],"eth_eth_dst_ig":false,"eth_eth_dst_oui_resolved":"Grandstream Networks, Inc.","eth_eth_dst_lg":false,"eth_eth_ig":[false,false],"eth_eth_dst_oui":"2946"}}} diff --git a/test/baseline/dhcp.json b/test/baseline/dhcp.json new file mode 100644 index 00000000..4e61bf8a --- /dev/null +++ b/test/baseline/dhcp.json @@ -0,0 +1,644 @@ +[ + { + "_index": "packets-2004-12-05", + "_type": "doc", + "_score": null, + "_source": { + "layers": { + "frame": { + "frame.encap_type": "1", + "frame.time": "Dec 5, 2004 19:16:24.317453000 UTC", + "frame.time_utc": "Dec 5, 2004 19:16:24.317453000 UTC", + "frame.time_epoch": "1102274184.317453000", + "frame.offset_shift": "0.000000000", + "frame.time_delta": "0.000000000", + "frame.time_delta_displayed": "0.000000000", + "frame.time_relative": "0.000000000", + "frame.number": "1", + "frame.len": "314", + "frame.cap_len": "314", + "frame.marked": "0", + "frame.ignored": "0", + "frame.protocols": "eth:ethertype:ip:udp:dhcp" + }, + "eth": { + "eth.dst": "ff:ff:ff:ff:ff:ff", + "eth.dst_tree": { + "eth.dst_resolved": "Broadcast", + "eth.dst.oui": "16777215", + "eth.addr": "ff:ff:ff:ff:ff:ff", + "eth.addr_resolved": "Broadcast", + "eth.addr.oui": "16777215", + "eth.dst.lg": "1", + "eth.lg": "1", + "eth.dst.ig": "1", + "eth.ig": "1" + }, + "eth.src": "00:0b:82:01:fc:42", + "eth.src_tree": { + "eth.src_resolved": "GrandstreamN_01:fc:42", + "eth.src.oui": "2946", + "eth.src.oui_resolved": "Grandstream Networks, Inc.", + "eth.addr": "00:0b:82:01:fc:42", + "eth.addr_resolved": "GrandstreamN_01:fc:42", + "eth.addr.oui": "2946", + "eth.addr.oui_resolved": "Grandstream Networks, Inc.", + "eth.src.lg": "0", + "eth.lg": "0", + "eth.src.ig": "0", + "eth.ig": "0" + }, + "eth.type": "0x0800" + }, + "ip": { + "ip.version": "4", + "ip.hdr_len": "20", + "ip.dsfield": "0x00", + "ip.dsfield_tree": { + "ip.dsfield.dscp": "0", + "ip.dsfield.ecn": "0" + }, + "ip.len": "300", + "ip.id": "0xa836", + "ip.flags": "0x00", + "ip.flags_tree": { + "ip.flags.rb": "0", + "ip.flags.df": "0", + "ip.flags.mf": "0" + }, + "ip.frag_offset": "0", + "ip.ttl": "250", + "ip.proto": "17", + "ip.checksum": "0x178b", + "ip.checksum.status": "2", + "ip.src": "0.0.0.0", + "ip.addr": "0.0.0.0", + "ip.src_host": "0.0.0.0", + "ip.host": "0.0.0.0", + "ip.dst": "255.255.255.255", + "ip.addr": "255.255.255.255", + "ip.dst_host": "255.255.255.255", + "ip.host": "255.255.255.255" + }, + "udp": { + "udp.srcport": "68", + "udp.dstport": "67", + "udp.port": "68", + "udp.port": "67", + "udp.length": "280", + "udp.checksum": "0x591f", + "udp.checksum.status": "2", + "udp.stream": "0", + "Timestamps": { + "udp.time_relative": "0.000000000", + "udp.time_delta": "0.000000000" + }, + "udp.payload": "01:01:06:00:00:00:3d:1d:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:01:3d:07:01:00:0b:82:01:fc:42:32:04:00:00:00:00:37:04:01:03:06:2a:ff:00:00:00:00:00:00:00" + }, + "dhcp": { + "dhcp.type": "1", + "dhcp.hw.type": "0x01", + "dhcp.hw.len": "6", + "dhcp.hops": "0", + "dhcp.id": "0x00003d1d", + "dhcp.secs": "0", + "dhcp.flags": "0x0000", + "dhcp.flags_tree": { + "dhcp.flags.bc": "0", + "dhcp.flags.reserved": "0x0000" + }, + "dhcp.ip.client": "0.0.0.0", + "dhcp.ip.your": "0.0.0.0", + "dhcp.ip.server": "0.0.0.0", + "dhcp.ip.relay": "0.0.0.0", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42", + "dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00", + "dhcp.server": "", + "dhcp.file": "", + "dhcp.cookie": "99.130.83.99", + "dhcp.option.type": "53", + "dhcp.option.type_tree": { + "dhcp.option.length": "1", + "dhcp.option.value": "01", + "dhcp.option.dhcp": "1" + }, + "dhcp.option.type": "61", + "dhcp.option.type_tree": { + "dhcp.option.length": "7", + "dhcp.option.value": "01:00:0b:82:01:fc:42", + "dhcp.hw.type": "0x01", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42" + }, + "dhcp.option.type": "50", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:00:00", + "dhcp.option.requested_ip_address": "0.0.0.0" + }, + "dhcp.option.type": "55", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "01:03:06:2a", + "dhcp.option.request_list_item": "1", + "dhcp.option.request_list_item": "3", + "dhcp.option.request_list_item": "6", + "dhcp.option.request_list_item": "42" + }, + "dhcp.option.type": "0", + "dhcp.option.type_tree": { + "dhcp.option.end": "255" + }, + "dhcp.option.padding": "00:00:00:00:00:00:00" + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "doc", + "_score": null, + "_source": { + "layers": { + "frame": { + "frame.encap_type": "1", + "frame.time": "Dec 5, 2004 19:16:24.317748000 UTC", + "frame.time_utc": "Dec 5, 2004 19:16:24.317748000 UTC", + "frame.time_epoch": "1102274184.317748000", + "frame.offset_shift": "0.000000000", + "frame.time_delta": "0.000295000", + "frame.time_delta_displayed": "0.000295000", + "frame.time_relative": "0.000295000", + "frame.number": "2", + "frame.len": "342", + "frame.cap_len": "342", + "frame.marked": "0", + "frame.ignored": "0", + "frame.protocols": "eth:ethertype:ip:udp:dhcp" + }, + "eth": { + "eth.dst": "00:0b:82:01:fc:42", + "eth.dst_tree": { + "eth.dst_resolved": "GrandstreamN_01:fc:42", + "eth.dst.oui": "2946", + "eth.dst.oui_resolved": "Grandstream Networks, Inc.", + "eth.addr": "00:0b:82:01:fc:42", + "eth.addr_resolved": "GrandstreamN_01:fc:42", + "eth.addr.oui": "2946", + "eth.addr.oui_resolved": "Grandstream Networks, Inc.", + "eth.dst.lg": "0", + "eth.lg": "0", + "eth.dst.ig": "0", + "eth.ig": "0" + }, + "eth.src": "00:08:74:ad:f1:9b", + "eth.src_tree": { + "eth.src_resolved": "Dell_ad:f1:9b", + "eth.src.oui": "2164", + "eth.src.oui_resolved": "Dell Inc.", + "eth.addr": "00:08:74:ad:f1:9b", + "eth.addr_resolved": "Dell_ad:f1:9b", + "eth.addr.oui": "2164", + "eth.addr.oui_resolved": "Dell Inc.", + "eth.src.lg": "0", + "eth.lg": "0", + "eth.src.ig": "0", + "eth.ig": "0" + }, + "eth.type": "0x0800" + }, + "ip": { + "ip.version": "4", + "ip.hdr_len": "20", + "ip.dsfield": "0x00", + "ip.dsfield_tree": { + "ip.dsfield.dscp": "0", + "ip.dsfield.ecn": "0" + }, + "ip.len": "328", + "ip.id": "0x0445", + "ip.flags": "0x00", + "ip.flags_tree": { + "ip.flags.rb": "0", + "ip.flags.df": "0", + "ip.flags.mf": "0" + }, + "ip.frag_offset": "0", + "ip.ttl": "128", + "ip.proto": "17", + "ip.checksum": "0x0000", + "ip.checksum.status": "2", + "ip.src": "192.168.0.1", + "ip.addr": "192.168.0.1", + "ip.src_host": "192.168.0.1", + "ip.host": "192.168.0.1", + "ip.dst": "192.168.0.10", + "ip.addr": "192.168.0.10", + "ip.dst_host": "192.168.0.10", + "ip.host": "192.168.0.10" + }, + "udp": { + "udp.srcport": "67", + "udp.dstport": "68", + "udp.port": "67", + "udp.port": "68", + "udp.length": "308", + "udp.checksum": "0x2233", + "udp.checksum.status": "2", + "udp.stream": "1", + "Timestamps": { + "udp.time_relative": "0.000000000", + "udp.time_delta": "0.000000000" + }, + "udp.payload": "02:01:06:00:00:00:3d:1d:00:00:00:00:00:00:00:00:c0:a8:00:0a:c0:a8:00:01:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:02:01:04:ff:ff:ff:00:3a:04:00:00:07:08:3b:04:00:00:0c:4e:33:04:00:00:0e:10:36:04:c0:a8:00:01:ff:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" + }, + "dhcp": { + "dhcp.type": "2", + "dhcp.hw.type": "0x01", + "dhcp.hw.len": "6", + "dhcp.hops": "0", + "dhcp.id": "0x00003d1d", + "dhcp.secs": "0", + "dhcp.flags": "0x0000", + "dhcp.flags_tree": { + "dhcp.flags.bc": "0", + "dhcp.flags.reserved": "0x0000" + }, + "dhcp.ip.client": "0.0.0.0", + "dhcp.ip.your": "192.168.0.10", + "dhcp.ip.server": "192.168.0.1", + "dhcp.ip.relay": "0.0.0.0", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42", + "dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00", + "dhcp.server": "", + "dhcp.file": "", + "dhcp.cookie": "99.130.83.99", + "dhcp.option.type": "53", + "dhcp.option.type_tree": { + "dhcp.option.length": "1", + "dhcp.option.value": "02", + "dhcp.option.dhcp": "2" + }, + "dhcp.option.type": "1", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "ff:ff:ff:00", + "dhcp.option.subnet_mask": "255.255.255.0" + }, + "dhcp.option.type": "58", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:07:08", + "dhcp.option.renewal_time_value": "1800" + }, + "dhcp.option.type": "59", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:0c:4e", + "dhcp.option.rebinding_time_value": "3150" + }, + "dhcp.option.type": "51", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:0e:10", + "dhcp.option.ip_address_lease_time": "3600" + }, + "dhcp.option.type": "54", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "c0:a8:00:01", + "dhcp.option.dhcp_server_id": "192.168.0.1" + }, + "dhcp.option.type": "0", + "dhcp.option.type_tree": { + "dhcp.option.end": "255" + }, + "dhcp.option.padding": "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "doc", + "_score": null, + "_source": { + "layers": { + "frame": { + "frame.encap_type": "1", + "frame.time": "Dec 5, 2004 19:16:24.387484000 UTC", + "frame.time_utc": "Dec 5, 2004 19:16:24.387484000 UTC", + "frame.time_epoch": "1102274184.387484000", + "frame.offset_shift": "0.000000000", + "frame.time_delta": "0.069736000", + "frame.time_delta_displayed": "0.069736000", + "frame.time_relative": "0.070031000", + "frame.number": "3", + "frame.len": "314", + "frame.cap_len": "314", + "frame.marked": "0", + "frame.ignored": "0", + "frame.protocols": "eth:ethertype:ip:udp:dhcp" + }, + "eth": { + "eth.dst": "ff:ff:ff:ff:ff:ff", + "eth.dst_tree": { + "eth.dst_resolved": "Broadcast", + "eth.dst.oui": "16777215", + "eth.addr": "ff:ff:ff:ff:ff:ff", + "eth.addr_resolved": "Broadcast", + "eth.addr.oui": "16777215", + "eth.dst.lg": "1", + "eth.lg": "1", + "eth.dst.ig": "1", + "eth.ig": "1" + }, + "eth.src": "00:0b:82:01:fc:42", + "eth.src_tree": { + "eth.src_resolved": "GrandstreamN_01:fc:42", + "eth.src.oui": "2946", + "eth.src.oui_resolved": "Grandstream Networks, Inc.", + "eth.addr": "00:0b:82:01:fc:42", + "eth.addr_resolved": "GrandstreamN_01:fc:42", + "eth.addr.oui": "2946", + "eth.addr.oui_resolved": "Grandstream Networks, Inc.", + "eth.src.lg": "0", + "eth.lg": "0", + "eth.src.ig": "0", + "eth.ig": "0" + }, + "eth.type": "0x0800" + }, + "ip": { + "ip.version": "4", + "ip.hdr_len": "20", + "ip.dsfield": "0x00", + "ip.dsfield_tree": { + "ip.dsfield.dscp": "0", + "ip.dsfield.ecn": "0" + }, + "ip.len": "300", + "ip.id": "0xa837", + "ip.flags": "0x00", + "ip.flags_tree": { + "ip.flags.rb": "0", + "ip.flags.df": "0", + "ip.flags.mf": "0" + }, + "ip.frag_offset": "0", + "ip.ttl": "250", + "ip.proto": "17", + "ip.checksum": "0x178a", + "ip.checksum.status": "2", + "ip.src": "0.0.0.0", + "ip.addr": "0.0.0.0", + "ip.src_host": "0.0.0.0", + "ip.host": "0.0.0.0", + "ip.dst": "255.255.255.255", + "ip.addr": "255.255.255.255", + "ip.dst_host": "255.255.255.255", + "ip.host": "255.255.255.255" + }, + "udp": { + "udp.srcport": "68", + "udp.dstport": "67", + "udp.port": "68", + "udp.port": "67", + "udp.length": "280", + "udp.checksum": "0x9fbd", + "udp.checksum.status": "2", + "udp.stream": "0", + "Timestamps": { + "udp.time_relative": "0.070031000", + "udp.time_delta": "0.070031000" + }, + "udp.payload": "01:01:06:00:00:00:3d:1e:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:03:3d:07:01:00:0b:82:01:fc:42:32:04:c0:a8:00:0a:36:04:c0:a8:00:01:37:04:01:03:06:2a:ff:00" + }, + "dhcp": { + "dhcp.type": "1", + "dhcp.hw.type": "0x01", + "dhcp.hw.len": "6", + "dhcp.hops": "0", + "dhcp.id": "0x00003d1e", + "dhcp.secs": "0", + "dhcp.flags": "0x0000", + "dhcp.flags_tree": { + "dhcp.flags.bc": "0", + "dhcp.flags.reserved": "0x0000" + }, + "dhcp.ip.client": "0.0.0.0", + "dhcp.ip.your": "0.0.0.0", + "dhcp.ip.server": "0.0.0.0", + "dhcp.ip.relay": "0.0.0.0", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42", + "dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00", + "dhcp.server": "", + "dhcp.file": "", + "dhcp.cookie": "99.130.83.99", + "dhcp.option.type": "53", + "dhcp.option.type_tree": { + "dhcp.option.length": "1", + "dhcp.option.value": "03", + "dhcp.option.dhcp": "3" + }, + "dhcp.option.type": "61", + "dhcp.option.type_tree": { + "dhcp.option.length": "7", + "dhcp.option.value": "01:00:0b:82:01:fc:42", + "dhcp.hw.type": "0x01", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42" + }, + "dhcp.option.type": "50", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "c0:a8:00:0a", + "dhcp.option.requested_ip_address": "192.168.0.10" + }, + "dhcp.option.type": "54", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "c0:a8:00:01", + "dhcp.option.dhcp_server_id": "192.168.0.1" + }, + "dhcp.option.type": "55", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "01:03:06:2a", + "dhcp.option.request_list_item": "1", + "dhcp.option.request_list_item": "3", + "dhcp.option.request_list_item": "6", + "dhcp.option.request_list_item": "42" + }, + "dhcp.option.type": "0", + "dhcp.option.type_tree": { + "dhcp.option.end": "255" + }, + "dhcp.option.padding": "00" + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "doc", + "_score": null, + "_source": { + "layers": { + "frame": { + "frame.encap_type": "1", + "frame.time": "Dec 5, 2004 19:16:24.387798000 UTC", + "frame.time_utc": "Dec 5, 2004 19:16:24.387798000 UTC", + "frame.time_epoch": "1102274184.387798000", + "frame.offset_shift": "0.000000000", + "frame.time_delta": "0.000314000", + "frame.time_delta_displayed": "0.000314000", + "frame.time_relative": "0.070345000", + "frame.number": "4", + "frame.len": "342", + "frame.cap_len": "342", + "frame.marked": "0", + "frame.ignored": "0", + "frame.protocols": "eth:ethertype:ip:udp:dhcp" + }, + "eth": { + "eth.dst": "00:0b:82:01:fc:42", + "eth.dst_tree": { + "eth.dst_resolved": "GrandstreamN_01:fc:42", + "eth.dst.oui": "2946", + "eth.dst.oui_resolved": "Grandstream Networks, Inc.", + "eth.addr": "00:0b:82:01:fc:42", + "eth.addr_resolved": "GrandstreamN_01:fc:42", + "eth.addr.oui": "2946", + "eth.addr.oui_resolved": "Grandstream Networks, Inc.", + "eth.dst.lg": "0", + "eth.lg": "0", + "eth.dst.ig": "0", + "eth.ig": "0" + }, + "eth.src": "00:08:74:ad:f1:9b", + "eth.src_tree": { + "eth.src_resolved": "Dell_ad:f1:9b", + "eth.src.oui": "2164", + "eth.src.oui_resolved": "Dell Inc.", + "eth.addr": "00:08:74:ad:f1:9b", + "eth.addr_resolved": "Dell_ad:f1:9b", + "eth.addr.oui": "2164", + "eth.addr.oui_resolved": "Dell Inc.", + "eth.src.lg": "0", + "eth.lg": "0", + "eth.src.ig": "0", + "eth.ig": "0" + }, + "eth.type": "0x0800" + }, + "ip": { + "ip.version": "4", + "ip.hdr_len": "20", + "ip.dsfield": "0x00", + "ip.dsfield_tree": { + "ip.dsfield.dscp": "0", + "ip.dsfield.ecn": "0" + }, + "ip.len": "328", + "ip.id": "0x0446", + "ip.flags": "0x00", + "ip.flags_tree": { + "ip.flags.rb": "0", + "ip.flags.df": "0", + "ip.flags.mf": "0" + }, + "ip.frag_offset": "0", + "ip.ttl": "128", + "ip.proto": "17", + "ip.checksum": "0x0000", + "ip.checksum.status": "2", + "ip.src": "192.168.0.1", + "ip.addr": "192.168.0.1", + "ip.src_host": "192.168.0.1", + "ip.host": "192.168.0.1", + "ip.dst": "192.168.0.10", + "ip.addr": "192.168.0.10", + "ip.dst_host": "192.168.0.10", + "ip.host": "192.168.0.10" + }, + "udp": { + "udp.srcport": "67", + "udp.dstport": "68", + "udp.port": "67", + "udp.port": "68", + "udp.length": "308", + "udp.checksum": "0xdfdb", + "udp.checksum.status": "2", + "udp.stream": "1", + "Timestamps": { + "udp.time_relative": "0.070050000", + "udp.time_delta": "0.070050000" + }, + "udp.payload": "02:01:06:00:00:00:3d:1e:00:00:00:00:00:00:00:00:c0:a8:00:0a:00:00:00:00:00:00:00:00:00:0b:82:01:fc:42:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:05:3a:04:00:00:07:08:3b:04:00:00:0c:4e:33:04:00:00:0e:10:36:04:c0:a8:00:01:01:04:ff:ff:ff:00:ff:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" + }, + "dhcp": { + "dhcp.type": "2", + "dhcp.hw.type": "0x01", + "dhcp.hw.len": "6", + "dhcp.hops": "0", + "dhcp.id": "0x00003d1e", + "dhcp.secs": "0", + "dhcp.flags": "0x0000", + "dhcp.flags_tree": { + "dhcp.flags.bc": "0", + "dhcp.flags.reserved": "0x0000" + }, + "dhcp.ip.client": "0.0.0.0", + "dhcp.ip.your": "192.168.0.10", + "dhcp.ip.server": "0.0.0.0", + "dhcp.ip.relay": "0.0.0.0", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42", + "dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00", + "dhcp.server": "", + "dhcp.file": "", + "dhcp.cookie": "99.130.83.99", + "dhcp.option.type": "53", + "dhcp.option.type_tree": { + "dhcp.option.length": "1", + "dhcp.option.value": "05", + "dhcp.option.dhcp": "5" + }, + "dhcp.option.type": "58", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:07:08", + "dhcp.option.renewal_time_value": "1800" + }, + "dhcp.option.type": "59", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:0c:4e", + "dhcp.option.rebinding_time_value": "3150" + }, + "dhcp.option.type": "51", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:0e:10", + "dhcp.option.ip_address_lease_time": "3600" + }, + "dhcp.option.type": "54", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "c0:a8:00:01", + "dhcp.option.dhcp_server_id": "192.168.0.1" + }, + "dhcp.option.type": "1", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "ff:ff:ff:00", + "dhcp.option.subnet_mask": "255.255.255.0" + }, + "dhcp.option.type": "0", + "dhcp.option.type_tree": { + "dhcp.option.end": "255" + }, + "dhcp.option.padding": "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" + } + } + } + } +] diff --git a/test/baseline/dhcp.jsonraw b/test/baseline/dhcp.jsonraw new file mode 100644 index 00000000..69a75262 --- /dev/null +++ b/test/baseline/dhcp.jsonraw @@ -0,0 +1,3592 @@ +[ + { + "_index": "packets-2004-12-05", + "_type": "doc", + "_score": null, + "_source": { + "layers": { + "frame_raw": [ + "ffffffffffff000b8201fc4208004500012ca8360000fa11178b00000000ffffffff004400430118591f0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000", + 0, + 314, + 0, + 1 + ], + "frame": { + "frame.encap_type_raw": [ + "", + 0, + 0, + 0, + 13 + ], + "frame.time_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.time_utc_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.time_epoch_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.offset_shift_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_displayed_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_relative_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.number_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.cap_len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.marked_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.ignored_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.protocols_raw": [ + "", + 0, + 0, + 0, + 26 + ] + }, + "eth_raw": [ + "ffffffffffff000b8201fc420800", + 0, + 14, + 0, + 1 + ], + "eth": { + "eth.dst_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 29 + ], + "eth.dst_tree": { + "eth.dst_resolved_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 26 + ], + "eth.dst.oui_raw": [ + "ffffff", + 0, + 3, + 0, + 6 + ], + "eth.addr_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 26 + ], + "eth.addr.oui_raw": [ + "ffffff", + 0, + 3, + 0, + 6 + ], + "eth.dst.lg_raw": [ + "1", + 0, + 3, + 131072, + 2 + ], + "eth.lg_raw": [ + "1", + 0, + 3, + 131072, + 2 + ], + "eth.dst.ig_raw": [ + "1", + 0, + 3, + 65536, + 2 + ], + "eth.ig_raw": [ + "1", + 0, + 3, + 65536, + 2 + ] + }, + "eth.src_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 29 + ], + "eth.src_tree": { + "eth.src_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.src.oui_raw": [ + "000b82", + 6, + 3, + 0, + 6 + ], + "eth.src.oui_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.addr.oui_raw": [ + "000b82", + 6, + 3, + 0, + 6 + ], + "eth.addr.oui_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.src.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.src.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ], + "eth.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ] + }, + "eth.type_raw": [ + "0800", + 12, + 2, + 0, + 5 + ] + }, + "ip_raw": [ + "4500012ca8360000fa11178b00000000ffffffff", + 14, + 20, + 0, + 1 + ], + "ip": { + "ip.version_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.hdr_len_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.dsfield_raw": [ + "00", + 15, + 1, + 0, + 4 + ], + "ip.dsfield_tree": { + "ip.dsfield.dscp_raw": [ + "0", + 15, + 1, + 252, + 4 + ], + "ip.dsfield.ecn_raw": [ + "0", + 15, + 1, + 3, + 4 + ] + }, + "ip.len_raw": [ + "012c", + 16, + 2, + 0, + 5 + ], + "ip.id_raw": [ + "a836", + 18, + 2, + 0, + 5 + ], + "ip.flags_raw": [ + "0", + 20, + 1, + 224, + 4 + ], + "ip.flags_tree": { + "ip.flags.rb_raw": [ + "0", + 20, + 1, + 128, + 2 + ], + "ip.flags.df_raw": [ + "0", + 20, + 1, + 64, + 2 + ], + "ip.flags.mf_raw": [ + "0", + 20, + 1, + 32, + 2 + ] + }, + "ip.frag_offset_raw": [ + "0", + 20, + 2, + 8191, + 5 + ], + "ip.ttl_raw": [ + "fa", + 22, + 1, + 0, + 4 + ], + "ip.proto_raw": [ + "11", + 23, + 1, + 0, + 4 + ], + "ip.checksum_raw": [ + "178b", + 24, + 2, + 0, + 5 + ], + "ip.checksum.status_raw": [ + "", + 24, + 0, + 0, + 4 + ], + "ip.src_raw": [ + "00000000", + 26, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "00000000", + 26, + 4, + 0, + 32 + ], + "ip.src_host_raw": [ + "00000000", + 26, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "00000000", + 26, + 4, + 0, + 26 + ], + "ip.dst_raw": [ + "ffffffff", + 30, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "ffffffff", + 30, + 4, + 0, + 32 + ], + "ip.dst_host_raw": [ + "ffffffff", + 30, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "ffffffff", + 30, + 4, + 0, + 26 + ] + }, + "udp_raw": [ + "004400430118591f", + 34, + 8, + 0, + 1 + ], + "udp": { + "udp.srcport_raw": [ + "0044", + 34, + 2, + 0, + 5 + ], + "udp.dstport_raw": [ + "0043", + 36, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0044", + 34, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0043", + 36, + 2, + 0, + 5 + ], + "udp.length_raw": [ + "0118", + 38, + 2, + 0, + 5 + ], + "udp.checksum_raw": [ + "591f", + 40, + 2, + 0, + 5 + ], + "udp.checksum.status_raw": [ + "", + 40, + 0, + 0, + 4 + ], + "udp.stream_raw": [ + "", + 42, + 0, + 0, + 7 + ], + "Timestamps": { + "udp.time_relative_raw": [ + "", + 34, + 0, + 0, + 25 + ], + "udp.time_delta_raw": [ + "", + 34, + 0, + 0, + 25 + ] + }, + "udp.payload_raw": [ + "0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000", + 42, + 272, + 0, + 30 + ] + }, + "dhcp_raw": [ + "0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000", + 42, + 272, + 0, + 1 + ], + "dhcp": { + "dhcp.type_raw": [ + "01", + 42, + 1, + 0, + 4 + ], + "dhcp.hw.type_raw": [ + "01", + 43, + 1, + 0, + 4 + ], + "dhcp.hw.len_raw": [ + "06", + 44, + 1, + 0, + 4 + ], + "dhcp.hops_raw": [ + "00", + 45, + 1, + 0, + 4 + ], + "dhcp.id_raw": [ + "00003d1d", + 46, + 4, + 0, + 7 + ], + "dhcp.secs_raw": [ + "0000", + 50, + 2, + 0, + 5 + ], + "dhcp.flags_raw": [ + "0000", + 52, + 2, + 0, + 5 + ], + "dhcp.flags_tree": { + "dhcp.flags.bc_raw": [ + "0", + 52, + 2, + 32768, + 2 + ], + "dhcp.flags.reserved_raw": [ + "0", + 52, + 2, + 32767, + 5 + ] + }, + "dhcp.ip.client_raw": [ + "00000000", + 54, + 4, + 0, + 32 + ], + "dhcp.ip.your_raw": [ + "00000000", + 58, + 4, + 0, + 32 + ], + "dhcp.ip.server_raw": [ + "00000000", + 62, + 4, + 0, + 32 + ], + "dhcp.ip.relay_raw": [ + "00000000", + 66, + 4, + 0, + 32 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 70, + 6, + 0, + 29 + ], + "dhcp.hw.addr_padding_raw": [ + "00000000000000000000", + 76, + 10, + 0, + 30 + ], + "dhcp.server_raw": [ + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 86, + 64, + 0, + 26 + ], + "dhcp.file_raw": [ + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 150, + 128, + 0, + 26 + ], + "dhcp.cookie_raw": [ + "63825363", + 278, + 4, + 0, + 32 + ], + "dhcp.option.type_raw": [ + "350101", + 282, + 3, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "01", + 283, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "01", + 284, + 1, + 0, + 30 + ], + "dhcp.option.dhcp_raw": [ + "01", + 284, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "3d0701000b8201fc42", + 285, + 9, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "07", + 286, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "01000b8201fc42", + 287, + 7, + 0, + 30 + ], + "dhcp.hw.type_raw": [ + "01", + 287, + 1, + 0, + 4 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 288, + 6, + 0, + 29 + ] + }, + "dhcp.option.type_raw": [ + "320400000000", + 294, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 295, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000000", + 296, + 4, + 0, + 30 + ], + "dhcp.option.requested_ip_address_raw": [ + "00000000", + 296, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "37040103062a", + 300, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 301, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "0103062a", + 302, + 4, + 0, + 30 + ], + "dhcp.option.request_list_item_raw": [ + "01", + 302, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "03", + 303, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "06", + 304, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "2a", + 305, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "ff", + 306, + 1, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.end_raw": [ + "ff", + 306, + 1, + 0, + 4 + ] + }, + "dhcp.option.padding_raw": [ + "00000000000000", + 307, + 7, + 0, + 30 + ] + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "doc", + "_score": null, + "_source": { + "layers": { + "frame_raw": [ + "000b8201fc42000874adf19b0800450001480445000080110000c0a80001c0a8000a00430044013422330201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000", + 0, + 342, + 0, + 1 + ], + "frame": { + "frame.encap_type_raw": [ + "", + 0, + 0, + 0, + 13 + ], + "frame.time_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.time_utc_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.time_epoch_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.offset_shift_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_displayed_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_relative_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.number_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.cap_len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.marked_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.ignored_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.protocols_raw": [ + "", + 0, + 0, + 0, + 26 + ] + }, + "eth_raw": [ + "000b8201fc42000874adf19b0800", + 0, + 14, + 0, + 1 + ], + "eth": { + "eth.dst_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 29 + ], + "eth.dst_tree": { + "eth.dst_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.dst.oui_raw": [ + "000b82", + 0, + 3, + 0, + 6 + ], + "eth.dst.oui_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.addr.oui_raw": [ + "000b82", + 0, + 3, + 0, + 6 + ], + "eth.addr.oui_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.dst.lg_raw": [ + "0", + 0, + 3, + 131072, + 2 + ], + "eth.lg_raw": [ + "0", + 0, + 3, + 131072, + 2 + ], + "eth.dst.ig_raw": [ + "0", + 0, + 3, + 65536, + 2 + ], + "eth.ig_raw": [ + "0", + 0, + 3, + 65536, + 2 + ] + }, + "eth.src_raw": [ + "000874adf19b", + 6, + 6, + 0, + 29 + ], + "eth.src_tree": { + "eth.src_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.src.oui_raw": [ + "000874", + 6, + 3, + 0, + 6 + ], + "eth.src.oui_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000874adf19b", + 6, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.addr.oui_raw": [ + "000874", + 6, + 3, + 0, + 6 + ], + "eth.addr.oui_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.src.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.src.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ], + "eth.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ] + }, + "eth.type_raw": [ + "0800", + 12, + 2, + 0, + 5 + ] + }, + "ip_raw": [ + "450001480445000080110000c0a80001c0a8000a", + 14, + 20, + 0, + 1 + ], + "ip": { + "ip.version_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.hdr_len_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.dsfield_raw": [ + "00", + 15, + 1, + 0, + 4 + ], + "ip.dsfield_tree": { + "ip.dsfield.dscp_raw": [ + "0", + 15, + 1, + 252, + 4 + ], + "ip.dsfield.ecn_raw": [ + "0", + 15, + 1, + 3, + 4 + ] + }, + "ip.len_raw": [ + "0148", + 16, + 2, + 0, + 5 + ], + "ip.id_raw": [ + "0445", + 18, + 2, + 0, + 5 + ], + "ip.flags_raw": [ + "0", + 20, + 1, + 224, + 4 + ], + "ip.flags_tree": { + "ip.flags.rb_raw": [ + "0", + 20, + 1, + 128, + 2 + ], + "ip.flags.df_raw": [ + "0", + 20, + 1, + 64, + 2 + ], + "ip.flags.mf_raw": [ + "0", + 20, + 1, + 32, + 2 + ] + }, + "ip.frag_offset_raw": [ + "0", + 20, + 2, + 8191, + 5 + ], + "ip.ttl_raw": [ + "80", + 22, + 1, + 0, + 4 + ], + "ip.proto_raw": [ + "11", + 23, + 1, + 0, + 4 + ], + "ip.checksum_raw": [ + "0000", + 24, + 2, + 0, + 5 + ], + "ip.checksum.status_raw": [ + "", + 24, + 0, + 0, + 4 + ], + "ip.src_raw": [ + "c0a80001", + 26, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "c0a80001", + 26, + 4, + 0, + 32 + ], + "ip.src_host_raw": [ + "c0a80001", + 26, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "c0a80001", + 26, + 4, + 0, + 26 + ], + "ip.dst_raw": [ + "c0a8000a", + 30, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "c0a8000a", + 30, + 4, + 0, + 32 + ], + "ip.dst_host_raw": [ + "c0a8000a", + 30, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "c0a8000a", + 30, + 4, + 0, + 26 + ] + }, + "udp_raw": [ + "0043004401342233", + 34, + 8, + 0, + 1 + ], + "udp": { + "udp.srcport_raw": [ + "0043", + 34, + 2, + 0, + 5 + ], + "udp.dstport_raw": [ + "0044", + 36, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0043", + 34, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0044", + 36, + 2, + 0, + 5 + ], + "udp.length_raw": [ + "0134", + 38, + 2, + 0, + 5 + ], + "udp.checksum_raw": [ + "2233", + 40, + 2, + 0, + 5 + ], + "udp.checksum.status_raw": [ + "", + 40, + 0, + 0, + 4 + ], + "udp.stream_raw": [ + "", + 42, + 0, + 0, + 7 + ], + "Timestamps": { + "udp.time_relative_raw": [ + "", + 34, + 0, + 0, + 25 + ], + "udp.time_delta_raw": [ + "", + 34, + 0, + 0, + 25 + ] + }, + "udp.payload_raw": [ + "0201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000", + 42, + 300, + 0, + 30 + ] + }, + "dhcp_raw": [ + "0201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000", + 42, + 300, + 0, + 1 + ], + "dhcp": { + "dhcp.type_raw": [ + "02", + 42, + 1, + 0, + 4 + ], + "dhcp.hw.type_raw": [ + "01", + 43, + 1, + 0, + 4 + ], + "dhcp.hw.len_raw": [ + "06", + 44, + 1, + 0, + 4 + ], + "dhcp.hops_raw": [ + "00", + 45, + 1, + 0, + 4 + ], + "dhcp.id_raw": [ + "00003d1d", + 46, + 4, + 0, + 7 + ], + "dhcp.secs_raw": [ + "0000", + 50, + 2, + 0, + 5 + ], + "dhcp.flags_raw": [ + "0000", + 52, + 2, + 0, + 5 + ], + "dhcp.flags_tree": { + "dhcp.flags.bc_raw": [ + "0", + 52, + 2, + 32768, + 2 + ], + "dhcp.flags.reserved_raw": [ + "0", + 52, + 2, + 32767, + 5 + ] + }, + "dhcp.ip.client_raw": [ + "00000000", + 54, + 4, + 0, + 32 + ], + "dhcp.ip.your_raw": [ + "c0a8000a", + 58, + 4, + 0, + 32 + ], + "dhcp.ip.server_raw": [ + "c0a80001", + 62, + 4, + 0, + 32 + ], + "dhcp.ip.relay_raw": [ + "00000000", + 66, + 4, + 0, + 32 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 70, + 6, + 0, + 29 + ], + "dhcp.hw.addr_padding_raw": [ + "00000000000000000000", + 76, + 10, + 0, + 30 + ], + "dhcp.server_raw": [ + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 86, + 64, + 0, + 26 + ], + "dhcp.file_raw": [ + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 150, + 128, + 0, + 26 + ], + "dhcp.cookie_raw": [ + "63825363", + 278, + 4, + 0, + 32 + ], + "dhcp.option.type_raw": [ + "350102", + 282, + 3, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "01", + 283, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "02", + 284, + 1, + 0, + 30 + ], + "dhcp.option.dhcp_raw": [ + "02", + 284, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "0104ffffff00", + 285, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 286, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "ffffff00", + 287, + 4, + 0, + 30 + ], + "dhcp.option.subnet_mask_raw": [ + "ffffff00", + 287, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "3a0400000708", + 291, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 292, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000708", + 293, + 4, + 0, + 30 + ], + "dhcp.option.renewal_time_value_raw": [ + "00000708", + 293, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "3b0400000c4e", + 297, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 298, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000c4e", + 299, + 4, + 0, + 30 + ], + "dhcp.option.rebinding_time_value_raw": [ + "00000c4e", + 299, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "330400000e10", + 303, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 304, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000e10", + 305, + 4, + 0, + 30 + ], + "dhcp.option.ip_address_lease_time_raw": [ + "00000e10", + 305, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "3604c0a80001", + 309, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 310, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "c0a80001", + 311, + 4, + 0, + 30 + ], + "dhcp.option.dhcp_server_id_raw": [ + "c0a80001", + 311, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "ff", + 315, + 1, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.end_raw": [ + "ff", + 315, + 1, + 0, + 4 + ] + }, + "dhcp.option.padding_raw": [ + "0000000000000000000000000000000000000000000000000000", + 316, + 26, + 0, + 30 + ] + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "doc", + "_score": null, + "_source": { + "layers": { + "frame_raw": [ + "ffffffffffff000b8201fc4208004500012ca8370000fa11178a00000000ffffffff0044004301189fbd0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00", + 0, + 314, + 0, + 1 + ], + "frame": { + "frame.encap_type_raw": [ + "", + 0, + 0, + 0, + 13 + ], + "frame.time_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.time_utc_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.time_epoch_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.offset_shift_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_displayed_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_relative_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.number_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.cap_len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.marked_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.ignored_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.protocols_raw": [ + "", + 0, + 0, + 0, + 26 + ] + }, + "eth_raw": [ + "ffffffffffff000b8201fc420800", + 0, + 14, + 0, + 1 + ], + "eth": { + "eth.dst_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 29 + ], + "eth.dst_tree": { + "eth.dst_resolved_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 26 + ], + "eth.dst.oui_raw": [ + "ffffff", + 0, + 3, + 0, + 6 + ], + "eth.addr_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 26 + ], + "eth.addr.oui_raw": [ + "ffffff", + 0, + 3, + 0, + 6 + ], + "eth.dst.lg_raw": [ + "1", + 0, + 3, + 131072, + 2 + ], + "eth.lg_raw": [ + "1", + 0, + 3, + 131072, + 2 + ], + "eth.dst.ig_raw": [ + "1", + 0, + 3, + 65536, + 2 + ], + "eth.ig_raw": [ + "1", + 0, + 3, + 65536, + 2 + ] + }, + "eth.src_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 29 + ], + "eth.src_tree": { + "eth.src_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.src.oui_raw": [ + "000b82", + 6, + 3, + 0, + 6 + ], + "eth.src.oui_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.addr.oui_raw": [ + "000b82", + 6, + 3, + 0, + 6 + ], + "eth.addr.oui_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.src.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.src.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ], + "eth.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ] + }, + "eth.type_raw": [ + "0800", + 12, + 2, + 0, + 5 + ] + }, + "ip_raw": [ + "4500012ca8370000fa11178a00000000ffffffff", + 14, + 20, + 0, + 1 + ], + "ip": { + "ip.version_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.hdr_len_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.dsfield_raw": [ + "00", + 15, + 1, + 0, + 4 + ], + "ip.dsfield_tree": { + "ip.dsfield.dscp_raw": [ + "0", + 15, + 1, + 252, + 4 + ], + "ip.dsfield.ecn_raw": [ + "0", + 15, + 1, + 3, + 4 + ] + }, + "ip.len_raw": [ + "012c", + 16, + 2, + 0, + 5 + ], + "ip.id_raw": [ + "a837", + 18, + 2, + 0, + 5 + ], + "ip.flags_raw": [ + "0", + 20, + 1, + 224, + 4 + ], + "ip.flags_tree": { + "ip.flags.rb_raw": [ + "0", + 20, + 1, + 128, + 2 + ], + "ip.flags.df_raw": [ + "0", + 20, + 1, + 64, + 2 + ], + "ip.flags.mf_raw": [ + "0", + 20, + 1, + 32, + 2 + ] + }, + "ip.frag_offset_raw": [ + "0", + 20, + 2, + 8191, + 5 + ], + "ip.ttl_raw": [ + "fa", + 22, + 1, + 0, + 4 + ], + "ip.proto_raw": [ + "11", + 23, + 1, + 0, + 4 + ], + "ip.checksum_raw": [ + "178a", + 24, + 2, + 0, + 5 + ], + "ip.checksum.status_raw": [ + "", + 24, + 0, + 0, + 4 + ], + "ip.src_raw": [ + "00000000", + 26, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "00000000", + 26, + 4, + 0, + 32 + ], + "ip.src_host_raw": [ + "00000000", + 26, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "00000000", + 26, + 4, + 0, + 26 + ], + "ip.dst_raw": [ + "ffffffff", + 30, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "ffffffff", + 30, + 4, + 0, + 32 + ], + "ip.dst_host_raw": [ + "ffffffff", + 30, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "ffffffff", + 30, + 4, + 0, + 26 + ] + }, + "udp_raw": [ + "0044004301189fbd", + 34, + 8, + 0, + 1 + ], + "udp": { + "udp.srcport_raw": [ + "0044", + 34, + 2, + 0, + 5 + ], + "udp.dstport_raw": [ + "0043", + 36, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0044", + 34, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0043", + 36, + 2, + 0, + 5 + ], + "udp.length_raw": [ + "0118", + 38, + 2, + 0, + 5 + ], + "udp.checksum_raw": [ + "9fbd", + 40, + 2, + 0, + 5 + ], + "udp.checksum.status_raw": [ + "", + 40, + 0, + 0, + 4 + ], + "udp.stream_raw": [ + "", + 42, + 0, + 0, + 7 + ], + "Timestamps": { + "udp.time_relative_raw": [ + "", + 34, + 0, + 0, + 25 + ], + "udp.time_delta_raw": [ + "", + 34, + 0, + 0, + 25 + ] + }, + "udp.payload_raw": [ + "0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00", + 42, + 272, + 0, + 30 + ] + }, + "dhcp_raw": [ + "0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00", + 42, + 272, + 0, + 1 + ], + "dhcp": { + "dhcp.type_raw": [ + "01", + 42, + 1, + 0, + 4 + ], + "dhcp.hw.type_raw": [ + "01", + 43, + 1, + 0, + 4 + ], + "dhcp.hw.len_raw": [ + "06", + 44, + 1, + 0, + 4 + ], + "dhcp.hops_raw": [ + "00", + 45, + 1, + 0, + 4 + ], + "dhcp.id_raw": [ + "00003d1e", + 46, + 4, + 0, + 7 + ], + "dhcp.secs_raw": [ + "0000", + 50, + 2, + 0, + 5 + ], + "dhcp.flags_raw": [ + "0000", + 52, + 2, + 0, + 5 + ], + "dhcp.flags_tree": { + "dhcp.flags.bc_raw": [ + "0", + 52, + 2, + 32768, + 2 + ], + "dhcp.flags.reserved_raw": [ + "0", + 52, + 2, + 32767, + 5 + ] + }, + "dhcp.ip.client_raw": [ + "00000000", + 54, + 4, + 0, + 32 + ], + "dhcp.ip.your_raw": [ + "00000000", + 58, + 4, + 0, + 32 + ], + "dhcp.ip.server_raw": [ + "00000000", + 62, + 4, + 0, + 32 + ], + "dhcp.ip.relay_raw": [ + "00000000", + 66, + 4, + 0, + 32 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 70, + 6, + 0, + 29 + ], + "dhcp.hw.addr_padding_raw": [ + "00000000000000000000", + 76, + 10, + 0, + 30 + ], + "dhcp.server_raw": [ + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 86, + 64, + 0, + 26 + ], + "dhcp.file_raw": [ + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 150, + 128, + 0, + 26 + ], + "dhcp.cookie_raw": [ + "63825363", + 278, + 4, + 0, + 32 + ], + "dhcp.option.type_raw": [ + "350103", + 282, + 3, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "01", + 283, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "03", + 284, + 1, + 0, + 30 + ], + "dhcp.option.dhcp_raw": [ + "03", + 284, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "3d0701000b8201fc42", + 285, + 9, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "07", + 286, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "01000b8201fc42", + 287, + 7, + 0, + 30 + ], + "dhcp.hw.type_raw": [ + "01", + 287, + 1, + 0, + 4 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 288, + 6, + 0, + 29 + ] + }, + "dhcp.option.type_raw": [ + "3204c0a8000a", + 294, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 295, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "c0a8000a", + 296, + 4, + 0, + 30 + ], + "dhcp.option.requested_ip_address_raw": [ + "c0a8000a", + 296, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "3604c0a80001", + 300, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 301, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "c0a80001", + 302, + 4, + 0, + 30 + ], + "dhcp.option.dhcp_server_id_raw": [ + "c0a80001", + 302, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "37040103062a", + 306, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 307, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "0103062a", + 308, + 4, + 0, + 30 + ], + "dhcp.option.request_list_item_raw": [ + "01", + 308, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "03", + 309, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "06", + 310, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "2a", + 311, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "ff", + 312, + 1, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.end_raw": [ + "ff", + 312, + 1, + 0, + 4 + ] + }, + "dhcp.option.padding_raw": [ + "00", + 313, + 1, + 0, + 30 + ] + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "doc", + "_score": null, + "_source": { + "layers": { + "frame_raw": [ + "000b8201fc42000874adf19b0800450001480446000080110000c0a80001c0a8000a004300440134dfdb0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000", + 0, + 342, + 0, + 1 + ], + "frame": { + "frame.encap_type_raw": [ + "", + 0, + 0, + 0, + 13 + ], + "frame.time_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.time_utc_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.time_epoch_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.offset_shift_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_displayed_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_relative_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.number_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.cap_len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.marked_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.ignored_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.protocols_raw": [ + "", + 0, + 0, + 0, + 26 + ] + }, + "eth_raw": [ + "000b8201fc42000874adf19b0800", + 0, + 14, + 0, + 1 + ], + "eth": { + "eth.dst_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 29 + ], + "eth.dst_tree": { + "eth.dst_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.dst.oui_raw": [ + "000b82", + 0, + 3, + 0, + 6 + ], + "eth.dst.oui_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.addr.oui_raw": [ + "000b82", + 0, + 3, + 0, + 6 + ], + "eth.addr.oui_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.dst.lg_raw": [ + "0", + 0, + 3, + 131072, + 2 + ], + "eth.lg_raw": [ + "0", + 0, + 3, + 131072, + 2 + ], + "eth.dst.ig_raw": [ + "0", + 0, + 3, + 65536, + 2 + ], + "eth.ig_raw": [ + "0", + 0, + 3, + 65536, + 2 + ] + }, + "eth.src_raw": [ + "000874adf19b", + 6, + 6, + 0, + 29 + ], + "eth.src_tree": { + "eth.src_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.src.oui_raw": [ + "000874", + 6, + 3, + 0, + 6 + ], + "eth.src.oui_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000874adf19b", + 6, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.addr.oui_raw": [ + "000874", + 6, + 3, + 0, + 6 + ], + "eth.addr.oui_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.src.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.src.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ], + "eth.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ] + }, + "eth.type_raw": [ + "0800", + 12, + 2, + 0, + 5 + ] + }, + "ip_raw": [ + "450001480446000080110000c0a80001c0a8000a", + 14, + 20, + 0, + 1 + ], + "ip": { + "ip.version_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.hdr_len_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.dsfield_raw": [ + "00", + 15, + 1, + 0, + 4 + ], + "ip.dsfield_tree": { + "ip.dsfield.dscp_raw": [ + "0", + 15, + 1, + 252, + 4 + ], + "ip.dsfield.ecn_raw": [ + "0", + 15, + 1, + 3, + 4 + ] + }, + "ip.len_raw": [ + "0148", + 16, + 2, + 0, + 5 + ], + "ip.id_raw": [ + "0446", + 18, + 2, + 0, + 5 + ], + "ip.flags_raw": [ + "0", + 20, + 1, + 224, + 4 + ], + "ip.flags_tree": { + "ip.flags.rb_raw": [ + "0", + 20, + 1, + 128, + 2 + ], + "ip.flags.df_raw": [ + "0", + 20, + 1, + 64, + 2 + ], + "ip.flags.mf_raw": [ + "0", + 20, + 1, + 32, + 2 + ] + }, + "ip.frag_offset_raw": [ + "0", + 20, + 2, + 8191, + 5 + ], + "ip.ttl_raw": [ + "80", + 22, + 1, + 0, + 4 + ], + "ip.proto_raw": [ + "11", + 23, + 1, + 0, + 4 + ], + "ip.checksum_raw": [ + "0000", + 24, + 2, + 0, + 5 + ], + "ip.checksum.status_raw": [ + "", + 24, + 0, + 0, + 4 + ], + "ip.src_raw": [ + "c0a80001", + 26, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "c0a80001", + 26, + 4, + 0, + 32 + ], + "ip.src_host_raw": [ + "c0a80001", + 26, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "c0a80001", + 26, + 4, + 0, + 26 + ], + "ip.dst_raw": [ + "c0a8000a", + 30, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "c0a8000a", + 30, + 4, + 0, + 32 + ], + "ip.dst_host_raw": [ + "c0a8000a", + 30, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "c0a8000a", + 30, + 4, + 0, + 26 + ] + }, + "udp_raw": [ + "004300440134dfdb", + 34, + 8, + 0, + 1 + ], + "udp": { + "udp.srcport_raw": [ + "0043", + 34, + 2, + 0, + 5 + ], + "udp.dstport_raw": [ + "0044", + 36, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0043", + 34, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0044", + 36, + 2, + 0, + 5 + ], + "udp.length_raw": [ + "0134", + 38, + 2, + 0, + 5 + ], + "udp.checksum_raw": [ + "dfdb", + 40, + 2, + 0, + 5 + ], + "udp.checksum.status_raw": [ + "", + 40, + 0, + 0, + 4 + ], + "udp.stream_raw": [ + "", + 42, + 0, + 0, + 7 + ], + "Timestamps": { + "udp.time_relative_raw": [ + "", + 34, + 0, + 0, + 25 + ], + "udp.time_delta_raw": [ + "", + 34, + 0, + 0, + 25 + ] + }, + "udp.payload_raw": [ + "0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000", + 42, + 300, + 0, + 30 + ] + }, + "dhcp_raw": [ + "0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000", + 42, + 300, + 0, + 1 + ], + "dhcp": { + "dhcp.type_raw": [ + "02", + 42, + 1, + 0, + 4 + ], + "dhcp.hw.type_raw": [ + "01", + 43, + 1, + 0, + 4 + ], + "dhcp.hw.len_raw": [ + "06", + 44, + 1, + 0, + 4 + ], + "dhcp.hops_raw": [ + "00", + 45, + 1, + 0, + 4 + ], + "dhcp.id_raw": [ + "00003d1e", + 46, + 4, + 0, + 7 + ], + "dhcp.secs_raw": [ + "0000", + 50, + 2, + 0, + 5 + ], + "dhcp.flags_raw": [ + "0000", + 52, + 2, + 0, + 5 + ], + "dhcp.flags_tree": { + "dhcp.flags.bc_raw": [ + "0", + 52, + 2, + 32768, + 2 + ], + "dhcp.flags.reserved_raw": [ + "0", + 52, + 2, + 32767, + 5 + ] + }, + "dhcp.ip.client_raw": [ + "00000000", + 54, + 4, + 0, + 32 + ], + "dhcp.ip.your_raw": [ + "c0a8000a", + 58, + 4, + 0, + 32 + ], + "dhcp.ip.server_raw": [ + "00000000", + 62, + 4, + 0, + 32 + ], + "dhcp.ip.relay_raw": [ + "00000000", + 66, + 4, + 0, + 32 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 70, + 6, + 0, + 29 + ], + "dhcp.hw.addr_padding_raw": [ + "00000000000000000000", + 76, + 10, + 0, + 30 + ], + "dhcp.server_raw": [ + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 86, + 64, + 0, + 26 + ], + "dhcp.file_raw": [ + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 150, + 128, + 0, + 26 + ], + "dhcp.cookie_raw": [ + "63825363", + 278, + 4, + 0, + 32 + ], + "dhcp.option.type_raw": [ + "350105", + 282, + 3, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "01", + 283, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "05", + 284, + 1, + 0, + 30 + ], + "dhcp.option.dhcp_raw": [ + "05", + 284, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "3a0400000708", + 285, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 286, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000708", + 287, + 4, + 0, + 30 + ], + "dhcp.option.renewal_time_value_raw": [ + "00000708", + 287, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "3b0400000c4e", + 291, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 292, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000c4e", + 293, + 4, + 0, + 30 + ], + "dhcp.option.rebinding_time_value_raw": [ + "00000c4e", + 293, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "330400000e10", + 297, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 298, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000e10", + 299, + 4, + 0, + 30 + ], + "dhcp.option.ip_address_lease_time_raw": [ + "00000e10", + 299, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "3604c0a80001", + 303, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 304, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "c0a80001", + 305, + 4, + 0, + 30 + ], + "dhcp.option.dhcp_server_id_raw": [ + "c0a80001", + 305, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "0104ffffff00", + 309, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 310, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "ffffff00", + 311, + 4, + 0, + 30 + ], + "dhcp.option.subnet_mask_raw": [ + "ffffff00", + 311, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "ff", + 315, + 1, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.end_raw": [ + "ff", + 315, + 1, + 0, + 4 + ] + }, + "dhcp.option.padding_raw": [ + "0000000000000000000000000000000000000000000000000000", + 316, + 26, + 0, + 30 + ] + } + } + } + } +] diff --git a/test/baseline/elastic-mapping-ip-subset.json b/test/baseline/elastic-mapping-ip-subset.json new file mode 100644 index 00000000..d1a85d25 --- /dev/null +++ b/test/baseline/elastic-mapping-ip-subset.json @@ -0,0 +1,306 @@ +{ + "settings": { + "index.mapping.total_fields.limit": 1000000 + }, + "mappings": { + "dynamic": false, + "properties": { + "timestamp": { + "type": "date" + }, + "layers": { + "properties": { + "ip": { + "properties": { + "ip_ip_version": { + "type": "short" + }, + "ip_ip_hdr_len": { + "type": "short" + }, + "ip_ip_dsfield": { + "type": "short" + }, + "ip_ip_dsfield_dscp": { + "type": "short" + }, + "ip_ip_dsfield_ecn": { + "type": "short" + }, + "ip_ip_tos": { + "type": "short" + }, + "ip_ip_tos_precedence": { + "type": "short" + }, + "ip_ip_tos_delay": { + "type": "boolean" + }, + "ip_ip_tos_throughput": { + "type": "boolean" + }, + "ip_ip_tos_reliability": { + "type": "boolean" + }, + "ip_ip_tos_cost": { + "type": "boolean" + }, + "ip_ip_len": { + "type": "integer" + }, + "ip_ip_id": { + "type": "integer" + }, + "ip_ip_dst": { + "type": "ip" + }, + "ip_ip_src": { + "type": "ip" + }, + "ip_ip_addr": { + "type": "ip" + }, + "ip_ip_geoip_asnum": { + "type": "long" + }, + "ip_ip_geoip_lat": { + "type": "float" + }, + "ip_ip_geoip_lon": { + "type": "float" + }, + "ip_ip_geoip_src_asnum": { + "type": "long" + }, + "ip_ip_geoip_src_lat": { + "type": "float" + }, + "ip_ip_geoip_src_lon": { + "type": "float" + }, + "ip_ip_geoip_dst_asnum": { + "type": "long" + }, + "ip_ip_geoip_dst_lat": { + "type": "float" + }, + "ip_ip_geoip_dst_lon": { + "type": "float" + }, + "ip_ip_flags": { + "type": "short" + }, + "ip_ip_flags_sf": { + "type": "boolean" + }, + "ip_ip_flags_rb": { + "type": "boolean" + }, + "ip_ip_flags_df": { + "type": "boolean" + }, + "ip_ip_flags_mf": { + "type": "boolean" + }, + "ip_ip_frag_offset": { + "type": "integer" + }, + "ip_ip_ttl": { + "type": "short" + }, + "ip_ip_proto": { + "type": "short" + }, + "ip_ip_checksum": { + "type": "integer" + }, + "ip_ip_checksum_calculated": { + "type": "integer" + }, + "ip_ip_checksum_status": { + "type": "short" + }, + "ip_ip_opt_type": { + "type": "short" + }, + "ip_ip_opt_type_copy": { + "type": "boolean" + }, + "ip_ip_opt_type_class": { + "type": "short" + }, + "ip_ip_opt_type_number": { + "type": "short" + }, + "ip_ip_opt_len": { + "type": "short" + }, + "ip_ip_opt_ptr": { + "type": "short" + }, + "ip_ip_opt_sid": { + "type": "integer" + }, + "ip_ip_opt_mtu": { + "type": "integer" + }, + "ip_ip_opt_id_number": { + "type": "integer" + }, + "ip_ip_opt_ohc": { + "type": "integer" + }, + "ip_ip_opt_rhc": { + "type": "integer" + }, + "ip_ip_opt_originator": { + "type": "ip" + }, + "ip_ip_opt_ra": { + "type": "integer" + }, + "ip_ip_opt_addr": { + "type": "ip" + }, + "ip_ip_opt_padding": { + "type": "byte" + }, + "ip_ip_opt_qs_func": { + "type": "short" + }, + "ip_ip_opt_qs_rate": { + "type": "short" + }, + "ip_ip_opt_qs_ttl": { + "type": "short" + }, + "ip_ip_opt_qs_ttl_diff": { + "type": "short" + }, + "ip_ip_opt_qs_unused": { + "type": "short" + }, + "ip_ip_opt_qs_nonce": { + "type": "long" + }, + "ip_ip_opt_qs_reserved": { + "type": "long" + }, + "ip_ip_opt_sec_rfc791_sec": { + "type": "integer" + }, + "ip_ip_opt_sec_rfc791_comp": { + "type": "integer" + }, + "ip_ip_opt_sec_cl": { + "type": "short" + }, + "ip_ip_opt_sec_prot_auth_flags": { + "type": "short" + }, + "ip_ip_opt_sec_prot_auth_genser": { + "type": "boolean" + }, + "ip_ip_opt_sec_prot_auth_siop_esi": { + "type": "boolean" + }, + "ip_ip_opt_sec_prot_auth_sci": { + "type": "boolean" + }, + "ip_ip_opt_sec_prot_auth_nsa": { + "type": "boolean" + }, + "ip_ip_opt_sec_prot_auth_doe": { + "type": "boolean" + }, + "ip_ip_opt_sec_prot_auth_unassigned": { + "type": "short" + }, + "ip_ip_opt_sec_prot_auth_unassigned": { + "type": "short" + }, + "ip_ip_opt_sec_prot_auth_fti": { + "type": "boolean" + }, + "ip_ip_opt_ext_sec_add_sec_info_format_code": { + "type": "short" + }, + "ip_ip_opt_ext_sec_add_sec_info": { + "type": "byte" + }, + "ip_ip_rec_rt": { + "type": "ip" + }, + "ip_ip_cur_rt": { + "type": "ip" + }, + "ip_ip_src_rt": { + "type": "ip" + }, + "ip_ip_empty_rt": { + "type": "ip" + }, + "ip_ip_cipso_tag_type": { + "type": "short" + }, + "ip_ip_fragment_overlap": { + "type": "boolean" + }, + "ip_ip_fragment_overlap_conflict": { + "type": "boolean" + }, + "ip_ip_fragment_multipletails": { + "type": "boolean" + }, + "ip_ip_fragment_toolongfragment": { + "type": "boolean" + }, + "ip_ip_fragment_error": { + "type": "long" + }, + "ip_ip_fragment_count": { + "type": "long" + }, + "ip_ip_fragment": { + "type": "long" + }, + "ip_ip_fragments": { + "type": "byte" + }, + "ip_ip_reassembled_in": { + "type": "long" + }, + "ip_ip_reassembled_length": { + "type": "long" + }, + "ip_ip_reassembled_data": { + "type": "byte" + }, + "ip_ip_cipso_doi": { + "type": "long" + }, + "ip_ip_cipso_sensitivity_level": { + "type": "short" + }, + "ip_ip_cipso_tag_data": { + "type": "byte" + }, + "ip_ip_opt_overflow": { + "type": "short" + }, + "ip_ip_opt_flag": { + "type": "short" + }, + "ip_ip_opt_time_stamp": { + "type": "long" + }, + "ip_ip_opt_time_stamp_addr": { + "type": "ip" + } + } + } + } + } + } + } +} diff --git a/test/baseline/ff-ts-usec-pcap-direct.txt b/test/baseline/ff-ts-usec-pcap-direct.txt new file mode 100644 index 00000000..f4ac417f --- /dev/null +++ b/test/baseline/ff-ts-usec-pcap-direct.txt @@ -0,0 +1,4 @@ +1 1102274184.317453000 0.000000000 +2 1102274184.317748000 0.000295000 +3 1102274184.387484000 0.069736000 +4 1102274184.387798000 0.000314000 diff --git a/test/baseline/io-rawshark-dhcp-pcap.txt b/test/baseline/io-rawshark-dhcp-pcap.txt new file mode 100644 index 00000000..c6fd0208 --- /dev/null +++ b/test/baseline/io-rawshark-dhcp-pcap.txt @@ -0,0 +1,5 @@ + +1 1 - +2 1 - +3 1 - +4 1 - |