Attachment 'Arv_Coloring_Rules.txt'
Download 1 # DO NOT EDIT THIS FILE! It was created by Ethereal
2 @HSRP state change@hsrp.state != 8 && hsrp.state != 16@[0,0,0][65535,63222,0]
3 @SpanningTree Topology Change@stp.type == 0x80@[0,0,0][65535,63222,0]
4 @ospf state change@ospf.msg != 1@[0,0,0][65535,63222,0]
5 @TCP Analysis@tcp.analysis.flags@[37008,0,0][65535,65535,65535]
6 @Low TTL@ip.ttl < 5@[37008,0,0][65535,65535,65535]
7 @Bad IP CRC@ip.checksum_bad@[37008,0,0][65535,65535,65535]
8 @Bad UDP CRC@udp.checksum_bad@[37008,0,0][65535,65535,65535]
9 @Bad TCP CRC@tcp.checksum_bad@[37008,0,0][65535,65535,65535]
10 @TCP Seg Conflict@tcp.segment.overlap.conflict@[37008,0,0][65535,65535,65535]
11 @TCP Long Frag Seg@tcp.segment.toolongfragment@[37008,0,0][65535,65535,65535]
12 @TCP Seg Overlap@tcp.segment.overlap@[37008,0,0][65535,65535,65535]
13 @TCP Seg Error@tcp.segment.error@[37008,0,0][65535,65535,65535]
14 @ICMP Destination Unreachable@icmp.type == 3@[65535,26214,26214][65535,65535,65535]
15 @ICMP Source Quench@icmp.type == 4@[65535,26214,26214][65535,65535,65535]
16 @ICMP Time Exceeded@icmp.type == 11@[65535,26214,26214][65535,65535,65535]
17 @ICMP Parameter Problem@icmp.type == 12@[65535,26214,26214][65535,65535,65535]
18 @HTTP Server error@http.response.code >= 500 and http.response.code < 600@[65535,43690,43690][514,0,27756]
19 @HTTP Client error@http.response.code >= 400 and http.response.code < 500@[65535,65535,43690][514,0,27756]
20 @FTP error@ftp.response.code >= 500 and ftp.response.code < 600@[65535,43690,43690][514,0,27756]
21 @FTP error@ftp.response.code >= 400 and ftp.response.code < 500@[65535,65535,43690][514,0,27756]
22 @SMTP error@smtp.response.code >= 500 and smtp.response.code < 600@[65535,43690,43690][514,0,27756]
23 @SMTP error@smtp.response.code >= 400 and smtp.response.code < 500@[65535,65535,43690][514,0,27756]
24 @DNS error@dns.flags.rcode > 0@[64250,43690,43690][514,0,27756]
25 @LDAP error@ldap.result.code > 0x0@[64250,43690,43690][514,0,27756]
26 @SSL error@pct.msg_error_code@[64250,43690,43690][0,0,0]
27 @Tcp.RST@tcp.flags.reset==1@[65021,56797,56797][0,0,0]
28 @Unwanted Protocols@spx || ipx || aarp || aim@[65535,65535,65535][65535,0,0]
29 @from my PC@eth.src == Yo:ur:MA:C_:ad:dr@[62194,65535,65535][36739,2963,0]
30 @to my PC@eth.dst == Yo:ur:MA:C_:ad:dr@[62194,65535,65535][457,0,27802]
31 @http request@http.request@[65535,65535,65535][36751,3084,0]
32 @http response@http.response@[65535,65535,65535][514,0,27756]
33 @TCP General Client@tcp.srcport >= 1024 && tcp.dstport <= 1024@[65535,65535,65535][36751,3084,0]
34 @TCP General Server@tcp.srcport <= 1024 && tcp.dstport >=1024@[65535,65535,65535][514,0,27756]
35 @ICMP request@icmp && icmp.type == 8 || icmp.type == 13 || icmp.type == 15 || icmp.type == 17 || icmp.type == 35 || icmp.type == 37@[65535,65535,65535][36751,3084,0]
36 @ICMP response@icmp && icmp.type == 0 || icmp.type == 14 || icmp.type == 16 || icmp.type == 18 || icmp.type == 36 || icmp.type == 38@[65535,65535,65535][514,0,27756]
37 @DNS query@dns.flags.response == 0@[65535,65535,65535][36751,3084,0]
38 @DNS response@dns.flags.response == 1@[65535,65535,65535][514,0,27756]
39 @BOOTP/DHCP request@bootp.type == 1@[65535,65535,65535][36751,3084,0]
40 @BOOTP/DHCP response@bootp.type == 2@[65535,65535,65535][514,0,27756]
41 @NW Traf@stp.protocol || cdp || hsrp || vrrp || ospf || bgp || eigrp || rip || rtmp || eth.addr == 01:00:0c:cc:cc:cc@[65535,65535,65535][21845,21845,21845]
Attached Files
To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.You are not allowed to attach a file to this page.