docs: update for bittorrent-dht app-layer
authorAaron Bungay <amb240h@gmail.com>
Fri, 12 Feb 2021 01:22:11 +0000 (01:22 +0000)
committerVictor Julien <vjulien@oisf.net>
Fri, 28 Oct 2022 09:48:12 +0000 (11:48 +0200)
doc/userguide/output/eve/eve-json-format.rst
doc/userguide/partials/eve-log.yaml
doc/userguide/rules/intro.rst

index 926a7c468aaa05afd05bf8a8d4efec4d0779594d..2eed612dde649bab872e7e511b817e9580f16628 100644 (file)
@@ -981,6 +981,181 @@ DCERPC BIND/BINDACK::
       "call_id": 2
     }
 
+Event type: BITTORRENT-DHT
+--------------------------
+
+Common fields:
+~~~~~~~~~~~~~~
+
+* "transaction_id" (string): the unique id of the transaction, generated by node making the request (a.k.a the querying node). Same transaction_id is echoed back by responding nodes. Usually a short string of binary numbers.
+* "client_version" (string): string which identifies the type and version of the bittorrent-dht client. Some implementations may be missing this field.
+
+Extra fields:
+~~~~~~~~~~~~~
+Packets should also contain one of either the fields:
+
+| error
+
+* "error": details of an error which occurred while processing the request
+   * "error.num" (num): the error code
+   * "error.msg" (string): the error message
+
+| request_type and request
+
+* "request_type" (string): the type of the request (a.k.a. the query). Included if this packet was a request
+* "request": a request (a.k.a. a query) sent by the bittorrent-dht client
+   * "request.id" (string): the node ID of the node which sent the request (20-byte string in network byte order)
+   * "request.target" (string): the target node ID. Used by the find_node request_type
+   * "request.info_hash" (string): info hash of target torrent (20-byte string). Used by the get_peers and announce_peer request_types
+   * "request.token" (string): token key received from previous get_peers request. Used by the announce_peer request type
+   * "request.implied_port" (num): 0 or 1, if 1 ignore provided port and use source port of UDP packet. Used by the announce_peer request_type
+   * "request.port" (num): port on which peer will download torrent. Used by the announce_peer request_type
+
+| response
+
+* "response": a response to the client's request
+   * "response.id" (string): the node ID of the node which sent the response (20-byte string in network byte order)
+   * "response.nodes" (string): find_node/get_peers - compact node info for target node or K(8) closest good nodes in routing table
+   * "response.values" (array): list of compact peer info strings. Used by the get_peers request_type
+   * "response.token" (string): token key required for sender's future announce_peer query
+
+Examples:
+~~~~~~~~~
+
+Ping and response::
+
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "request_type": "ping",
+    "request": {
+      "id": "abcdefghij0123456789"
+    }
+  }
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "response": {
+      "id": "mnopqrstuvwxyz123456"
+    }
+  }
+
+Find_node and response::
+
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "client_version": "UT01",
+    "request_type": "find_node",
+    "request": {
+      "id": "abcdefghij0123456789",
+      "target": "mnopqrstuvwxyz123456"
+    }
+  }
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "client_version": "UT01",
+    "response": {
+      "id": "0123456789abcdefghij",
+      "nodes": "def456..."
+    }
+  }
+
+Get_peers and response with values param::
+
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "request_type": "get_peers",
+    "request": {
+      "id": "abcdefghij0123456789",
+      "info_hash": "mnopqrstuvwxyz123456"
+    }
+  }
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "client_version": "UT12",
+    "response": {
+      "id": "abcdefghij0123456789",
+      "values": [
+        "axje.u",
+        "idhtnm"
+      ],
+      "token": "aoeusnth"
+    }
+  }
+
+Get_peers and response with nodes param::
+
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "request_type": "get_peers",
+    "request": {
+      "id": "abcdefghij0123456789",
+      "info_hash": "mnopqrstuvwxyz123456"
+    }
+  }
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "response": {
+      "id": "abcdefghij0123456789",
+      "nodes": "def456...",
+      "token": "aoeusnth"
+    }
+  }
+
+Announce_peer and response::
+
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "request_type": "announce_peer",
+    "request": {
+      "id": "abcdefghij0123456789",
+      "info_hash": "mnopqrstuvwxyz123456",
+      "token": "aoeusnth",
+      "port": 6881
+    }
+  }
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "response": {
+      "id": "mnopqrstuvwxyz123456"
+    }
+  }
+
+Announce_peer with implied_port param and response::
+
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "request_type": "announce_peer",
+    "request": {
+      "id": "abcdefghij0123456789",
+      "info_hash": "mnopqrstuvwxyz123456",
+      "token": "aoeusnth",
+      "implied_port": 1,
+      "port": 6881
+    }
+  }
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "response": {
+      "id": "mnopqrstuvwxyz123456"
+    }
+  }
+
+Sample error responses::
+
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "error": {
+      "num": 201,
+      "msg": "A Generic Error Ocurred"
+    }
+  }
+  "bittorrent-dht": {
+    "transaction_id": "aa",
+    "error": {
+      "num": 203,
+      "msg": "Malformed Packet"
+    }
+  }
+
 NTLMSSP fields
 ~~~~~~~~~~~~~~
 
index e664f92b37d2b8ce94d2d132374f85d63981fe5a..dca74196ed1b993c54ad4b9f9c0005e2bd58b58c 100644 (file)
@@ -162,6 +162,8 @@ outputs:
         - nfs
         # IKE logging. Requires Rust.
         - ike
+        # BitTorrent DHT logging. Requires Rust.
+        - bittorrent-dht
         - ssh
         - stats:
             totals: yes       # stats for all threads merged together
index 80e6919bfbd2e536d58e899de6db02b206f36bb6..6b0ac46961d12899c2e26416fa4986190c06e7aa 100644 (file)
@@ -100,6 +100,7 @@ you can pick from. These are:
 * nfs
 * ike
 * krb5
+* bittorrent-dht
 * ntp
 * dhcp
 * rfb