package types

Mouse Melon logoGet desktop application:
View/edit binary Protocol Buffers messages

message ARP

netcap.proto:265

The Address Resolution Protocol (ARP) is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address.

message ASExternalLSA

netcap.proto:1319

Used in: LSA

message ASExternalLSAV2

netcap.proto:1344

Used in: LSA

message AVP

netcap.proto:1840

Attribute Value Pair

Used in: Diameter

message Alert

netcap.proto:1991

Alert models a user defined event with IP layer and meta information.

message BFD

netcap.proto:1403

BFD is a detection protocol designed to provide fast forwarding path failure detection times for all media types, encapsulations, topologies, and routing protocols. In addition to fast forwarding path failure detection, BFD provides a consistent failure detection method for network administrators.

message BFDAuthHeader

netcap.proto:1423

Used in: BFD

message Batch

netcap.proto:175

message CDPCapabilities

netcap.proto:1641

Used in: CiscoDiscoveryInfo

message CDPEnergyWise

netcap.proto:1622

Used in: CiscoDiscoveryInfo

message CDPHello

netcap.proto:1607

Used in: CiscoDiscoveryInfo

message CDPLocation

netcap.proto:1559

Used in: CiscoDiscoveryInfo

message CDPPowerDialogue

netcap.proto:1564

Used in: CiscoDiscoveryInfo

message CDPSparePairPoE

netcap.proto:1570

Used in: CiscoDiscoveryInfo

message CDPVLANDialogue

netcap.proto:1554

Used in: CiscoDiscoveryInfo

message CIP

netcap.proto:1676

The Common Industrial Protocol (CIP) is an industrial protocol for industrial automation applications. CIP encompasses a comprehensive suite of messages and services for the collection of manufacturing automation applications – control, safety, synchronization, motion, configuration and information. It allows users to integrate these manufacturing applications with enterprise-level Ethernet networks and the Internet.

message CiscoDiscovery

netcap.proto:1540

Cisco Discovery Protocol is a proprietary Data Link Layer protocol developed by Cisco Systems in 1994 by Keith McCloghrie and Dino Farinacci. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address.

message CiscoDiscoveryInfo

netcap.proto:1577

message CiscoDiscoveryValue

netcap.proto:1548

Used in: CiscoDiscovery, CiscoDiscoveryInfo

message Connection

netcap.proto:202

a connection has the following attributes: Mac <-> Mac bidirectional Mac IP <-> IP bidirectional IP Port <-> Port bidirectional Port

message Credentials

netcap.proto:1945

message DHCPOption

netcap.proto:758

Used in: DHCPv4

message DHCPv4

netcap.proto:734

message DHCPv6

netcap.proto:764

message DHCPv6Option

netcap.proto:779

Used in: DHCPv6

message DNS

netcap.proto:654

The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System has been an essential component of the functionality of the Internet since 1985.

message DNSMX

netcap.proto:722

DNSMX is a mail exchange record, defining a mail server for a recipient's domain.

Used in: DNSResourceRecord

message DNSQuestion

netcap.proto:728

DNSQuestion wraps a single request (question) within a DNS query.

Used in: DNS

message DNSResourceRecord

netcap.proto:681

Used in: DNS

message DNSSOA

netcap.proto:703

DNSSOA is a Start of Authority record. Each domain requires a SOA record at the cutover where a domain is delegated from its parent.

Used in: DNSResourceRecord

message DNSSRV

netcap.proto:714

DNSSRV is a Service record, defining a location (hostname/port) of a server/service.

Used in: DNSResourceRecord

message DbDescPkg

netcap.proto:1236

Used in: OSPFv2, OSPFv3

message DeviceProfile

netcap.proto:1718

Device Profiling

message Diameter

netcap.proto:1821

Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from the earlier RADIUS protocol. It belongs to the application layer protocols in the internet protocol suite.

message Dot11

netcap.proto:290

Dot11 provides an IEEE 802.11 base packet header. See http://standards.ieee.org/findstds/standard/802.11-2012.html for excruciating detail.

message Dot11ASEL

netcap.proto:359

Used in: Dot11LinkAdapationControl

message Dot11HTControl

netcap.proto:314

Used in: Dot11

message Dot11HTControlHT

netcap.proto:334

Used in: Dot11HTControl

message Dot11HTControlMFB

netcap.proto:343

Used in: Dot11HTControlVHT

message Dot11HTControlVHT

netcap.proto:321

Used in: Dot11HTControl

message Dot11LinkAdapationControl

netcap.proto:350

Used in: Dot11HTControlHT

message Dot11QOS

netcap.proto:307

Used in: Dot11

message Dot1Q

netcap.proto:280

Dot1Q is the packet layer for 802.1Q VLAN headers.

message EAP

netcap.proto:1473

EAP defines an Extensible Authentication Protocol (rfc 3748) layer.

message EAPOL

netcap.proto:1483

EAPOL defines an EAP over LAN (802.1x) layer.

message EAPOLKey

netcap.proto:1491

EAPOLKey defines an EAPOL-Key frame for 802.1x authentication

message ENIP

netcap.proto:1695

ENIP implements decoding of EtherNet/IP, a protocol used to transport the Common Industrial Protocol over standard OSI networks. EtherNet/IP transports over both TCP and UDP. See the EtherNet/IP Developer's Guide for more information: https://www.odva.org/Portals/0/Library/Publications_Numbered/PUB00213R0_EtherNetIP_Developers_Guide.pdf

message ENIPCommandSpecificData

netcap.proto:1712

ENIPCommandSpecificData contains data specific to a command. This may include another EtherNet/IP packet embedded within the Data structure.

Used in: ENIP

message Ethernet

netcap.proto:254

Ethernet is a family of computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN) and wide area networks (WAN). It was commercially introduced in 1980 and first standardized in 1983 as IEEE 802.3. Ethernet has since retained a good deal of backward compatibility and has been refined to support higher bit rates, a greater number of nodes, and longer link distances. Over time, Ethernet has largely replaced competing wired LAN technologies such as Token Ring, FDDI and ARCNET.

message EthernetCTP

netcap.proto:394

message EthernetCTPReply

netcap.proto:399

message Exploit

netcap.proto:1976

message FDDI

netcap.proto:1464

message File

netcap.proto:1767

message GRE

netcap.proto:1434

Generic Routing Encapsulation is a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network.

message GRERouting

netcap.proto:1456

Used in: GRE

message Geneve

netcap.proto:1066

The Generic Network Virtualization Encapsulation (Geneve) protocol offers a new approach to encapsulation designed to offer control-plane independence between tunnel endpoints. The protocol specifies only a data-plane schema using a number of variable length options.

message GeneveOption

netcap.proto:1077

Used in: Geneve

message HTTP

netcap.proto:930

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web.

message HTTPCookie

netcap.proto:965

Used in: HTTP

message HelloPkg

netcap.proto:1213

Used in: OSPFv3

message HelloPkgV2

netcap.proto:1224

Used in: OSPFv2

message ICMPv4

netcap.proto:524

message ICMPv6

netcap.proto:534

message ICMPv6Echo

netcap.proto:904

message ICMPv6NeighborAdvertisement

netcap.proto:542

message ICMPv6NeighborSolicitation

netcap.proto:912

message ICMPv6Option

netcap.proto:563

Used in: ICMPv6NeighborAdvertisement, ICMPv6NeighborSolicitation, ICMPv6RouterAdvertisement, ICMPv6RouterSolicitation

message ICMPv6RouterAdvertisement

netcap.proto:551

message ICMPv6RouterSolicitation

netcap.proto:920

message IGMP

netcap.proto:848

The Internet Group Management Protocol (IGMP) is a communications protocol used by hosts and adjacent routers on IPv4 networks to establish multicast group memberships. IGMP is an integral part of IP multicast. IGMP can be used for one-to-many networking applications such as online streaming video and gaming, and allows more efficient use of resources when supporting these types of applications. IGMP is used on IPv4 networks. Multicast management on IPv6 networks is handled by Multicast Listener Discovery (MLD) which is a part of ICMPv6 in contrast to IGMP's bare IP encapsulation.

message IGMPv3GroupRecord

netcap.proto:866

Used in: IGMP

message IPNet

netcap.proto:1653

Used in: CiscoDiscoveryInfo

message IPProfile

netcap.proto:1745

message IPSecAH

netcap.proto:1044

message IPSecESP

netcap.proto:1054

message IPv4

netcap.proto:460

Internet Protocol version 4 (IPv4) is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internetworking methods in the Internet and other packet-switched networks. IPv4 was the first version deployed for production in the ARPANET in 1983. It still routes most Internet traffic today, despite the ongoing deployment of a successor protocol, IPv6. IPv4 is described in IETF publication RFC 791 (September 1981), replacing an earlier definition (RFC 760, January 1980). IPv4 uses a 32-bit address space, which limits the number of unique hosts to 4,294,967,296 (232), but large blocks are reserved for special networking methods.

message IPv4Option

netcap.proto:482

Used in: IPv4

message IPv6

netcap.proto:493

Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion. IPv6 is intended to replace IPv4.

message IPv6Fragment

netcap.proto:510

message IPv6HopByHop

netcap.proto:874

Used in: IPv6

message IPv6HopByHopOption

netcap.proto:881

Used in: IPv6HopByHop

message IPv6HopByHopOptionAlignment

netcap.proto:889

Used in: IPv6HopByHopOption

message InterAreaPrefixLSA

netcap.proto:1331

Used in: LSA

message InterAreaRouterLSA

netcap.proto:1338

Used in: LSA

message IntraAreaPrefixLSA

netcap.proto:1311

Used in: LSA

message LCM

netcap.proto:1140

LCM (Lightweight Communications and Marshalling) is a set of libraries and tools for message passing and data marshalling, targeted at real-time systems where high-bandwidth and low latency are critical. It provides a publish/subscribe message passing model and automatic marshalling/unmarshalling code generation with bindings for applications in a variety of programming languages. References https://lcm-proj.github.io/ https://github.com/lcm-proj/lcm

message LLC

netcap.proto:787

LLC is the layer used for 802.2 Logical Link Control headers. See http://standards.ieee.org/getieee802/download/802.2-1998.pdf

message LLDPCapabilities

netcap.proto:422

Used in: LLDPSysCapabilities

message LLDPChassisID

netcap.proto:378

Used in: LinkLayerDiscovery

message LLDPMgmtAddress

netcap.proto:436

Used in: LinkLayerDiscoveryInfo

message LLDPOrgSpecificTLV

netcap.proto:444

Used in: LinkLayerDiscoveryInfo

message LLDPPortID

netcap.proto:383

Used in: LinkLayerDiscovery

message LLDPSysCapabilities

netcap.proto:417

Used in: LinkLayerDiscoveryInfo

message LSA

netcap.proto:1284

The link-state advertisement (LSA) is a basic communication means of the OSPF routing protocol for the Internet Protocol (IP). It communicates the router's local routing topology to all other local routers in the same OSPF area. OSPF is designed for scalability, so some LSAs are not flooded out on all interfaces, but only on those that belong to the appropriate area. In this way detailed information can be kept localized, while summary information is flooded to the rest of the network. The original IPv4-only OSPFv2 and the newer IPv6-compatible OSPFv3 have broadly similar LSA types.

Used in: LSUpdate

message LSAPrefix

netcap.proto:1392

Used in: IntraAreaPrefixLSA, LinkLSA

message LSAheader

netcap.proto:1268

Used in: DbDescPkg, LSA, OSPFv2, OSPFv3

message LSReq

netcap.proto:1300

Used in: OSPFv2, OSPFv3

message LSUpdate

netcap.proto:1306

Used in: OSPFv2, OSPFv3

message LinkLSA

netcap.proto:1384

Used in: LSA

message LinkLayerDiscovery

netcap.proto:370

The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol used by network devices for advertising their identity, capabilities, and neighbors on a local area network based on IEEE 802 technology, principally wired Ethernet. The protocol is formally referred to by the IEEE as Station and Media Access Control Connectivity Discovery specified in IEEE 802.1AB and IEEE 802.3 section 6 clause 79. LLDP performs functions similar to several proprietary protocols, such as Cisco Discovery Protocol, Foundry Discovery Protocol, Nortel Discovery Protocol and Link Layer Topology Discovery.

message LinkLayerDiscoveryInfo

netcap.proto:406

message LinkLayerDiscoveryValue

netcap.proto:388

Used in: LinkLayerDiscovery, LinkLayerDiscoveryInfo

message MPLS

netcap.proto:1156

message Mail

netcap.proto:1869

message MailPart

netcap.proto:1893

Used in: Mail

message Modbus

netcap.proto:1173

Modbus is a serial communications protocol originally published by Modicon (now Schneider Electric) in 1979 for use with its programmable logic controllers (PLCs). Modbus has become a de facto standard communication protocol and is now a commonly available means of connecting industrial electronic devices. Modbus is popular in industrial environments because it is openly published and royalty-free. It was developed for industrial applications, is relatively easy to deploy and maintain compared to other standards, and places few restrictions other than the size on the format of the data to be transmitted. The Modbus uses the RS485 as its physical layer. It is possible to use the DC-BUS as power line communication physical layer to save wires.

message NTP

netcap.proto:800

The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of Delaware.

message NetworkLSA

netcap.proto:1379

Used in: LSA

message NortelDiscovery

netcap.proto:1660

The Nortel Discovery Protocol (NDP) is a Data Link Layer (OSI Layer 2) network protocol for discovery of Nortel networking devices and certain products from Avaya and Ciena. The device and topology information may be graphically displayed network management software.

message OSPFv2

netcap.proto:1193

Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS). OSPFv2 is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4.

message OSPFv3

netcap.proto:1248

Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS). The updates for IPv6 are specified as OSPF Version 3 in RFC 5340 (2008).

message POP3

netcap.proto:1858

message POP3Request

netcap.proto:1900

message POP3Response

netcap.proto:1905

message PacketContext

netcap.proto:191

message Port

netcap.proto:1730

Port models a transport layer port and basic stats such as the number of packets, bytes transferred and protocol type.

Used in: IPProfile

message PortStats

netcap.proto:1740

Workaround for Go issue with ARM: On both ARM and x86-32, it is the caller's responsibility to arrange for 64-bit alignment of 64-bit words accessed atomically. The first word in a variable or in an allocated struct, array, or slice can be relied upon to be 64-bit aligned. Since we currently dont have control over the generated field order, lets move the counters that are accessed atomically into a dedicated structure

Used in: Port

message Protocol

netcap.proto:1762

Used in: IPProfile

message Router

netcap.proto:1358

Used in: RouterLSA

message RouterLSA

netcap.proto:1352

Used in: LSA

message RouterLSAV2

netcap.proto:1366

Used in: LSA

message RouterV2

netcap.proto:1372

Used in: RouterLSAV2

message SCTP

netcap.proto:632

message SIP

netcap.proto:823

The Session Initiation Protocol (SIP) is a signalling protocol used for initiating, maintaining, and terminating real-time sessions that include voice, video and messaging applications

message SMTP

netcap.proto:1806

Simple Mail Transfer Protocol

message SMTPCommand

netcap.proto:1800

SMTPCommand represents a SMTP command

message SMTPRequest

netcap.proto:1793

SMTPRequest

message SMTPResponse

netcap.proto:1786

SMTPResponse SMTP response type with status code and parameter

message SNAP

netcap.proto:898

SNAP is used inside LLC. See http://standards.ieee.org/getieee802/download/802-2001.pdf. From http://en.wikipedia.org/wiki/Subnetwork_Access_Protocol: "[T]he Subnetwork Access Protocol (SNAP) is a mechanism for multiplexing, on networks using IEEE 802.2 LLC, more protocols than can be distinguished by the 8-bit 802.2 Service Access Point (SAP) fields."

message SSH

netcap.proto:1954

message Service

netcap.proto:1926

message Software

netcap.proto:1910

Used in: Exploit, Vulnerability

message TCP

netcap.proto:598

The Transmission Control Protocol (TCP) is one of the main protocols of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network. Major internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP, which is part of the Transport Layer of the TCP/IP suite. SSL/TLS often runs on top of TCP.

message TCPOption

netcap.proto:626

Used in: TCP

message TLSClientHello

netcap.proto:979

message TLSServerHello

netcap.proto:1012

enum Type

netcap.proto:53

Used in: Batch, Header

message UDP

netcap.proto:577

The User Datagram Protocol (UDP) is one of the core members of the Internet protocol suite. The protocol was designed by David P. Reed in 1980 and formally defined in RFC 768. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol (IP) network. Prior communications are not required in order to set up communication channels or data paths.

message USB

netcap.proto:1101

Universal Serial Bus (USB) is an industry standard that establishes specifications for cables and connectors and protocols for connection, communication and power supply between computers, peripheral devices and other computers. Released in 1996, the USB standard is currently maintained by the USB Implementers Forum (USB-IF). There have been four generations of USB specifications: USB 1.x, USB 2.0, USB 3.x and USB4.

message USBRequestBlockSetup

netcap.proto:1124

message VRRPv2

netcap.proto:1521

The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available Internet Protocol (IP) routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.

message VXLAN

netcap.proto:1086

VXLAN is a VXLAN packet header

message Vulnerability

netcap.proto:1964