forked from Nisalon/IntWars
-
Notifications
You must be signed in to change notification settings - Fork 44
PacketAnalysis
lightwind edited this page Jul 19, 2012
·
12 revisions
Packet analysis based on trace analysis. Currently incomplete as performed on a single trace which is not enough to get all the possible opcodes and packet variations.
Op code | Peer | Channel | Flag | Size | * Nb seens * | *Shape* |
00 | C | 0 | 1 | 47 | 2 | 00 00 00 00 00 00 00 00 9C A4 0E 02 00 00 00 00 |
07 | C | 3 | 1 | 26 | 11 | 07 XX XX 00 40 XX 00 00 XX |
08 | S | 2 | 0 | 47 | 74 | 08 00 00 00 00 00 00 00 00 XX XX XX XX XX XX XX |
09 | S | 1 | 0 | 17 | 1 | 09 19 00 00 40 80 |
0B | C | 3 | 1 | 20 | 1 | 0B 19 00 00 40 00 00 |
0D | C | 3 | 1 | 44 | 123 | 0D XX 00 00 40 XX XX 00 40 XX XX XX 00 40 XX |
17 | S | 1 | 0 | 14 | 23 | 17 00 00 00 00 |
18 | C | 3 | 1 | 23 | 3 | 18 19 00 00 40 XX 01 00 |
19 | S | 1 | 1 | 47 | 27 | 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
1D | C | 3 | 1 | 47 | 1322 | 1D XX XX 00 40 XX XX 00 40 XX XX XX 00 40 XX XX |
1F | C | 3 | 1 | 47 | 3 | 1F XX XX 00 40 01 01 80 66 06 40 00 00 00 00 19 |
24 | C | 3 | 1 | 47 | 2 | 24 19 00 00 40 1A 00 00 40 XX XX XX 40 00 XX XX |
2C | C | 3 | 1 | 47 | 6 | 2C XX 00 00 40 XX XX XX XX XX XX XX XX XX XX XX |
2E | C | 3 | 0 | 17 | 466 | 2E 00 00 00 00 XX |
30 | S | 1 | 1 | 47 | 466 | 30 00 00 00 00 XX XX XX XX 90 88 BA 44 XX XX XX |
31 | C | 3 | 1 | 47 | 3 | 31 19 00 00 40 DC 38 CF 41 74 E8 53 43 A5 C6 83 |
38 | C | 3 | 1 | 26 | 1 | 38 00 00 00 00 95 1A 00 40 |
39 | C | 3 | 1 | 17 | 466 | 39 XX XX 00 40 XX |
3A | C | 3 | 1 | 14 | 106 | 3A XX XX XX XX |
3D | C | 3 | 1 | 26 | 1 | 3D 00 00 00 00 39 1A 00 40 |
3E | S | 1 | 0 | 17 | 4 | 3E 19 00 00 40 XX |
41 | C | 3 | 1 | 47 | 11 | 41 XX XX 00 40 XX XX XX 46 XX XX XX 42 XX XX XX |
47 | C | 3 | 1 | 47 | 1 | 47 00 00 00 00 0C F3 7A 45 A0 00 2B 42 E1 AB FD |
4C | C | 3 | 1 | 47 | 3 | 4C 00 00 00 00 XX 00 00 00 00 00 00 00 00 01 00 |
52 | C | 3 | 1 | 47 | 2 | 52 00 00 00 00 1A 00 00 40 FF FF FF FF 40 00 00 |
56 | S | 1 | 0 | 47 | 2 | 56 XX 00 00 40 XX XX XX XX XX XX XX BD XX XX XX |
56 | C | 3 | 1 | 47 | 2 | 56 1A 00 00 40 XX XX XX BF XX XX XX BB XX XX XX |
57 | C | 3 | 1 | 14 | 15 | 57 XX XX 00 40 |
58 | S | 1 | 0 | 38 | 2 | 58 00 00 00 00 XX XX XX XX XX XX XX XX |
5A | C | 3 | 1 | 47 | 2 | 5A 00 00 00 00 01 01 00 00 00 9C A4 0E 02 00 00 |
5D | S | 1 | 0 | 47 | 1 | 5D 00 00 00 00 0C F3 7A 45 A0 00 2B 42 E1 AB FD |
63 | S | 1 | 0 | 14 | 2 | 63 00 00 00 00 |
64 | S | 6 | 0 | 35 | 2 | 64 82 A9 00 00 00 00 00 64 00 00 00 |
65 | C | 6 | 1 | 47 | 2 | 65 00 00 00 00 00 00 00 9C A4 0E 02 00 00 00 00 |
66 | C | 6 | 1 | 47 | 2 | 66 00 00 00 00 00 00 00 9C A4 0E 02 00 00 00 00 |
67 | C | 4 | 2 | 47 | 3194 | 67 00 00 00 00 XX XX XX 00 XX 00 XX XX XX 00 40 |
67 | C | 6 | 1 | 47 | 2 | 67 F0 3A 03 06 00 00 00 06 00 00 00 83 B8 58 00 |
6A | C | 4 | 2 | 47 | 2 | 6A 00 00 00 00 XX XX 00 00 01 00 04 1A 00 00 40 |
6B | C | 3 | 1 | 47 | 73 | 6B XX XX 00 40 XX XX XX 00 40 XX XX 00 40 XX XX |
6E | C | 3 | 1 | 47 | 2 | 6E 00 00 00 00 01 43 AC D4 0C XX XX XX 42 XX XX |
70 | C | 3 | 1 | 26 | 9 | 70 XX 00 00 40 XX XX 00 40 |
71 | C | 3 | 1 | 17 | 2 | 71 XX 00 00 40 00 |
75 | C | 3 | 1 | 35 | 2 | 75 19 00 00 40 XX 04 00 00 00 01 01 |
78 | S | 1 | 0 | 47 | 500 | 78 19 00 00 40 XX XX XX XX XX XX XX XX XX XX XX |
7C | C | 2 | 1 | 47 | 74 | 7C 00 00 00 00 XX XX XX XX XX XX XX XX XX XX XX |
7D | S | 1 | 2 | 29 <> 44 | 3196 | 7D 00 00 00 00 XX XX XX 00 XX 19 00 00 40 00 |
82 | C | 3 | 1 | 41 | 20 | 82 XX XX 00 40 XX XX XX XX XX 00 00 00 00 |
86 | C | 3 | 1 | 47 | 10 | 86 00 00 00 00 XX 00 XX XX 00 40 XX XX XX XX XX |
88 | S | 1 | 0 | 29 | 2 | 88 00 00 00 00 00 00 00 00 00 |
89 | S | 1 | 0 | 26 | 2 | 89 19 00 00 40 XX 04 00 00 |
8E | C | 3 | 1 | 47 | 21 | 8E 00 00 00 00 XX XX XX XX XX 20 00 00 00 00 00 |
96 | S | 1 | 0 | 14 | 2 | 96 00 00 00 00 |
9A | C | 3 | 1 | 47 | 2 | 9A 00 00 00 00 XX XX XX 1A 00 00 00 00 4E 69 67 |
9D | C | 3 | 1 | 47 | 1 | 9D 00 00 00 00 A8 C9 32 0C 02 0F 04 00 40 00 00 |
9F | C | 4 | 0 | 47 | 27 | 9F 00 00 00 00 00 00 00 00 9C A4 0E 02 00 00 00 |
A4 | S | 1 | 0 | 47 | 14 | A4 19 00 00 40 XX XX XX XX XX XX XX XX XX XX XX |
A6 | S | 1 | 0 | 17 | 2 | A6 00 00 00 00 01 |
B2 | S | 1 | 2 | 26 | 2016 | B2 00 00 00 00 XX XX XX 00 |
B9 | C | 3 | 1 | 20 <> 44 | 120 | B9 XX XX XX XX 00 00 00 XX XX XX XX XX XX XX |
BB | S | 1 | 0 | 38 | 230 | BB 00 00 00 00 00 00 00 00 XX XX 00 XX |
C1 | C | 3 | 1 | 47 | 5 | C1 XX 00 00 40 XX XX 00 00 00 XX 00 XX XX XX XX |
C3 | C | 3 | 1 | 47 | 18 | C3 XX XX 00 40 XX XX 01 00 XX XX XX XX XX XX XX |
C6 | C | 3 | 1 | 23 <> 47 | 146 | C6 XX XX XX XX XX XX XX XX XX XX 00 00 XX XX 00 |
C9 | S | 1 | 0 | 47 | 2 | C9 00 00 00 00 00 00 00 00 00 00 00 00 56 65 72 |
CA | S | 1 | 0 | 14 | 2 | CA 00 00 00 00 |
CB | C | 3 | 1 | 47 | 1 | CB 00 00 00 00 80 66 06 40 00 00 00 00 03 8C 07 |
CC | C | 3 | 1 | 26 | 16 | CC XX XX 00 40 XX 00 00 XX |
CD | C | 3 | 1 | 26 | 39 | CD 00 00 00 00 XX XX XX XX |
D0 | C | 4 | 2 | 47 | 2034 | D0 00 00 00 00 XX XX XX 00 XX XX XX XX XX XX XX |
F7 | C | 3 | 1 | 47 | 1 | F7 00 00 00 00 14 CE 13 46 00 00 70 42 3D 08 83 |
FF | C | 3 | 1 | 29 <> 47 | 2314 | FF XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX |
Size: if size contains a single number, the size appears constant. Otherwise the min <> max is reported Shape: Fixed octet are reported. the ‘XX’ symbole indicates an octet which change from one packet to another.