Common fields:
~~~~~~~~~~~~~~
-* "transaction_id" (string): the unique id of the transaction, generated by node making the request (a.k.a the querying node). Same transaction_id is echoed back by responding nodes. Usually a short string of binary numbers.
-* "client_version" (string): string which identifies the type and version of the bittorrent-dht client. Some implementations may be missing this field.
+* "transaction_id" (hex): the unique id of the transaction, generated by node making the request (a.k.a the querying node). Same transaction_id is echoed back by responding nodes.
+* "client_version" (hex): identifies the type and version of the bittorrent-dht client. Some implementations may be missing this field.
Extra fields:
~~~~~~~~~~~~~
* "request_type" (string): the type of the request (a.k.a. the query). Included if this packet was a request
* "request": a request (a.k.a. a query) sent by the bittorrent-dht client
- * "request.id" (string): the node ID of the node which sent the request (20-byte string in network byte order)
- * "request.target" (string): the target node ID. Used by the find_node request_type
- * "request.info_hash" (string): info hash of target torrent (20-byte string). Used by the get_peers and announce_peer request_types
- * "request.token" (string): token key received from previous get_peers request. Used by the announce_peer request type
+ * "request.id" (hex): the node ID of the node which sent the request (20 bytes in network byte order)
+ * "request.target" (hex): the target node ID. Used by the find_node request_type
+ * "request.info_hash" (hex): info hash of target torrent (20 bytes). Used by the get_peers and announce_peer request_types
+ * "request.token" (hex): token key received from previous get_peers request. Used by the announce_peer request type
* "request.implied_port" (num): 0 or 1, if 1 ignore provided port and use source port of UDP packet. Used by the announce_peer request_type
* "request.port" (num): port on which peer will download torrent. Used by the announce_peer request_type
| response
* "response": a response to the client's request
- * "response.id" (string): the node ID of the node which sent the response (20-byte string in network byte order)
- * "response.nodes" (string): find_node/get_peers - compact node info for target node or K(8) closest good nodes in routing table
+ * "response.id" (hex): the node ID of the node which sent the response (20 bytes in network byte order)
+ * "response.nodes" (array): find_node/get_peers - a list of info objects for target node or K(8) closest good nodes in routing table
+ * "response.nodes6" (array): find_node/get_peers - a list of info objects for target node or K(8) closest good nodes in routing table (ipv6)
* "response.values" (array): list of compact peer info strings. Used by the get_peers request_type
- * "response.token" (string): token key required for sender's future announce_peer query
+ * "response.token" (hex): token key required for sender's future announce_peer query
+
+| node object
+
+* "id" (hex): node ID
+* "ip" (string): IPv4 or IPv6 address of node
+* "port" (integer): node port
+
+| peer object (values array)
+
+* "ip" (string): IPv6 or IPv6 address of node
+* "port" (integer): node port
Examples:
~~~~~~~~~
Ping and response::
"bittorrent_dht": {
- "transaction_id": "aa",
+ "transaction_id": "0c17",
+ "client_version": "4c540126",
"request_type": "ping",
"request": {
- "id": "abcdefghij0123456789"
+ "id": "41aff1580119f074e2f537f231f12adf684f0d1f"
}
}
+
"bittorrent_dht": {
- "transaction_id": "aa",
+ "transaction_id": "0c17",
+ "client_version": "5554b50c",
"response": {
- "id": "mnopqrstuvwxyz123456"
+ "id": "42aeb304a0845b3b9ee089327b48967b8e87b2e2"
}
}
Find_node and response::
"bittorrent_dht": {
- "transaction_id": "aa",
- "client_version": "UT01",
+ "transaction_id": "420f0000",
+ "client_version": "5554b50c",
"request_type": "find_node",
"request": {
- "id": "abcdefghij0123456789",
- "target": "mnopqrstuvwxyz123456"
- }
- }
- "bittorrent_dht": {
- "transaction_id": "aa",
- "client_version": "UT01",
- "response": {
- "id": "0123456789abcdefghij",
- "nodes": "def456..."
+ "id": "37579bad1bad166af4329508096fae8c553c6cf4",
+ "target": "37579bad1bad166af4329508096fae8c553c6cf4"
}
}
Get_peers and response with values param::
"bittorrent_dht": {
- "transaction_id": "aa",
+ "transaction_id": "05e4",
+ "client_version": "4c540126",
"request_type": "get_peers",
"request": {
- "id": "abcdefghij0123456789",
- "info_hash": "mnopqrstuvwxyz123456"
+ "id": "41aff1580119f074e2f537f231f12adf684f0d1f",
+ "info_hash": "19a6fcfcba6cc2c6d371eb754074d095adb5d291"
}
}
"bittorrent_dht": {
- "transaction_id": "aa",
- "client_version": "UT12",
+ "transaction_id": "05e4",
+ "client_version": "555462d6",
"response": {
- "id": "abcdefghij0123456789",
+ "id": "19a6f98be177e32e7b5bd77276d529f03e3ba8a9",
"values": [
- "axje.u",
- "idhtnm"
+ {
+ "ip": "45.238.190.2",
+ "port": 6881
+ },
+ {
+ "ip": "185.70.52.245",
+ "port": 51215
+ },
+ {
+ "ip": "45.21.238.247",
+ "port": 55909
+ },
+ {
+ "ip": "62.28.248.195",
+ "port": 6881
+ }
],
- "token": "aoeusnth"
+ "token": "c17094641ca8844d711120baecb2b5cf25435614"
}
}
Get_peers and response with nodes param::
- "bittorrent_dht": {
- "transaction_id": "aa",
+ "bittorrent_dht": {
+ "transaction_id": "44e6",
+ "client_version": "4c540126",
"request_type": "get_peers",
"request": {
- "id": "abcdefghij0123456789",
- "info_hash": "mnopqrstuvwxyz123456"
+ "id": "41aff1580119f074e2f537f231f12adf684f0d1f",
+ "info_hash": "19a6fcfcba6cc2c6d371eb754074d095adb5d291"
}
}
+
"bittorrent_dht": {
- "transaction_id": "aa",
+ "transaction_id": "44e6",
"response": {
- "id": "abcdefghij0123456789",
- "nodes": "def456...",
- "token": "aoeusnth"
+ "id": "19a7c8f4f6d14d9f87a67671720633e551f30cb7",
+ "values": [
+ {
+ "ip": "45.22.252.153",
+ "port": 36798
+ },
+ {
+ "ip": "94.41.206.37",
+ "port": 30850
+ },
+ {
+ "ip": "84.228.120.50",
+ "port": 6881
+ },
+ {
+ "ip": "178.81.206.84",
+ "port": 12373
+ },
+ {
+ "ip": "110.188.93.186",
+ "port": 22223
+ }
+ ],
+ "token": "c897ee539e02a54595b4d7cfb6319ad48e71b282"
}
}
Announce_peer with implied_port param and response::
"bittorrent_dht": {
- "transaction_id": "aa",
+ "transaction_id": "7fe9",
+ "client_version": "4c540126",
"request_type": "announce_peer",
"request": {
- "id": "abcdefghij0123456789",
- "info_hash": "mnopqrstuvwxyz123456",
- "token": "aoeusnth",
+ "id": "51bc83f53417a62a40e8a48170cad369a13fef3c",
+ "info_hash": "19a6fcfcba6cc2c6d371eb754074d095adb5d291",
+ "token": "cacbef35",
"implied_port": 1,
- "port": 6881
+ "port": 54892
}
}
+
"bittorrent_dht": {
- "transaction_id": "aa",
+ "transaction_id": "7fe9",
+ "client_version": "4c54012f",
"response": {
- "id": "mnopqrstuvwxyz123456"
+ "id": "19a66dece45e0288ab75d141e0255738a1ce8508"
}
}
projects / thirdparty / suricata.git / commitdiff
