| 1 |
4ae45b10
|
Ermal Luçi
|
# SNMP - Simple Network Management Protocol - RFC 1157
|
| 2 |
|
|
# Pattern attributes: good veryfast fast superset
|
| 3 |
|
|
# Protocol groups: networking ietf_internet_standard
|
| 4 |
|
|
# Wiki: http://www.protocolinfo.org/wiki/SNMP
|
| 5 |
66f2dd0e
|
Ermal Lu?i
|
# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE
|
| 6 |
4ae45b10
|
Ermal Luçi
|
#
|
| 7 |
|
|
# Usually runs on UDP ports 161 (monitoring) and 162 (traps).
|
| 8 |
|
|
#
|
| 9 |
|
|
# These filters match SNMPv1 packets without fail, and are made as
|
| 10 |
|
|
# specific as possible not to match any ASN.1 encoded protocols. However
|
| 11 |
|
|
# these could still be matched by other protocols that use ASN.1 encoding
|
| 12 |
|
|
|
| 13 |
|
|
# Contributed by Goli SriSairam <goli_sai AT yahoo.com>
|
| 14 |
|
|
|
| 15 |
|
|
# This pattern has been tested and is believed to work well.
|
| 16 |
|
|
|
| 17 |
|
|
# All SNMPv1 traffic. See snmp-mon.pat and snmp-trap.pat for details.
|
| 18 |
|
|
snmp
|
| 19 |
|
|
^\x02\x01\x04.+([\xa0-\xa3]\x02[\x01-\x04].?.?.?.?\x02\x01.?\x02\x01.?\x30|\xa4\x06.+\x40\x04.?.?.?.?\x02\x01.?\x02\x01.?\x43)
|