Hey all,
Not getting much luck asking around so I thought I will ask here too.
Right, my current project is working with decoding SNMP messages (a.k.a data payload field within UDP datagrams). Everything is working dandy, as in I can break up the header, split everything up so I am left with the parts I need.
I can mix and match the data types and values from the SNMP message (working on TLV structure, type, length value). I can output the hexadecimal values, ASCII values to a text file which is nice.
However, I need to be able to deal with the byte's value in order to determine the next sequence (a.k.a its field length); so I need to be able to see whether a bit signal is marked or not. If a byte is greater than 127 it means the most significant bit is marked (to signal that there is more data coming); so I need to be able to identify this.
At the moment I have received datagrams into a char array and I have been working through this array (bitwise operations to find hex values etc).
However, what I am unsure of is why I cannot output a byte whose value is greater than 127. I am simply TEXT_FILE << (unsigned int) ARRAY[X].
To give some indication of what I mean see a bit of my output below (snippet):
Hexadecimal and ASCII values of array[?]
Code:
30 82 00 A3 02 01 00 04 0C 4D 4F 4E 49 54 4F 52 0........MONITOR
Decimal of array[?] (8-bit)
Code:
48 4294967170 0 4294967203 2 1 0 4 12 77 79 78 73 84 79 82
Actual file output; so you know what my program does at the moment
Code:
_________________________________UDP Packet_________________________________
_IP HEADER_
IP Version: 4
IP Header Length: 5 DWORDS or 20 Bytes
Type Of Service: 0
IP Total Length: 195 Bytes(Size of Packet)
Identification: 5932
Reserved ZERO Field: 0
Dont Fragment Field: 0
More Fragment Field: 0
TTL: 128
Protocol: 17
Checksum: 51930
Source IP: 172.16.0.2
Destination IP: 172.16.0.1
_UDP HEADER_
Source Port: 51249
Destination Port: 161
UDP Length: 175
UDP Checksum: 16360
_IP HEADER_
45 00 00 C3 17 2C 00 00 80 11 CA DA AC 10 00 02 E....,..........
AC 10 00 01 ....
_UDP HEADER_
C8 31 00 A1 00 AF 3F E8 .1....?.
_DATA PAYLOAD_
30 82 00 A3 02 01 00 04 0C 4D 4F 4E 49 54 4F 52 0........MONITOR
5F 53 4E 4D 50 A0 82 00 8E 02 02 6B 64 02 01 00 _SNMP......kd...
02 01 00 30 82 00 80 30 82 00 0C 06 08 2B 06 01 ...0...0.....+..
02 01 01 01 00 05 00 30 82 00 0C 06 08 2B 06 01 .......0.....+..
02 01 01 02 00 05 00 30 82 00 0C 06 08 2B 06 01 .......0.....+..
02 01 01 03 00 05 00 30 82 00 0C 06 08 2B 06 01 .......0.....+..
02 01 01 04 00 05 00 30 82 00 0C 06 08 2B 06 01 .......0.....+..
02 01 01 05 00 05 00 30 82 00 0C 06 08 2B 06 01 .......0.....+..
02 01 01 06 00 05 00 30 82 00 0C 06 08 2B 06 01 .......0.....+..
02 01 01 07 00 05 00 30 82 00 0C 06 08 2B 06 01 .......0.....+..
02 01 02 01 00 05 00 .......
Data payload in decimal becomes:
Code:
48 4294967170 0 4294967203 2 1 0 4 12 77 79 78 73 84 79 82 95 83 78 77 80 4294967200 4294967170 0 4294967182 2 2 107 100 2 1 0 2 1 0 48 4294967170 0 4294967168 48 4294967170 0 12 6 8 43 6 1 2 1 1 1 0 5 0 48 4294967170 0 12 6 8 43 6 1 2 1 1 2 0 5 0 48 4294967170 0 12 6 8 43 6 1 2 1 1 3 0 5 0 48 4294967170 0 12 6 8 43 6 1 2 1 1 4 0 5 0 48 4294967170 0 12 6 8 43 6 1 2 1 1 5 0 5 0 48 4294967170 0 12 6 8 43 6 1 2 1 1 6 0 5 0 48 4294967170 0 12 6 8 43 6 1 2 1 1 7 0 5 0 48 4294967170 0 12 6 8 43 6 1 2 1 2 1 0 5 0 48 4294967169 4294967222 2 1 0 4 12 77 79 78 73 84 79 82 95 83 78 77 80 4294967202 4294967169 4294967202 2 2 107 100 2 1 0 2 1 0 48 4294967169 4294967189 48 29 6 8 43 6 1 2 1 1 1 0 4 17 51 67 111 109 32 83 117 112 101 114 83 116 97 99 107 32 51 48 24 6 8 43 6 1 2 1 1 2 0 6 12 43 6 1 4 1 43 10 27 4 1 2 4 48 14 6 8 43 6 1 2 1 1 3 0 67 2 127 64 48 12 6 8 43 6 1 2 1 1 4 0 4 0 48 16 6 8 43 6 1 2 1 1 5 0 4 4 83 78 77 80 48 12 6 8 43 6 1 2 1 1 6 0 4 0 48 13 6 8 43 6 1 2 1 1 7 0 2 1 2 48 13 6 8 43 6 1 2 1 2 1 0 2 1 57
Everything is dandy, except when the value is greater than 127, so 82 and A3 for example (Hex:82 decimal:130 and Hex:A3 decimal: 163).
So I know it is working through each byte correctly, but I don't know why it is having an issue with greater than 127.
Bit pattern 0111 1111 is fine, 127.
Bit pattern 1000 0000 no likey.
If I use signed int the output becomes the largest negative number (-127). So not sure?
RECVFROM() takes a char array
If you'd like to see what I am actually doing see below:
Code:
SEQUENCE: Field Length (Bytes): 197
Integer: 00 00
Octet String: MONITOR_SNMP
GetResponse-PDU: Field Length (Bytes): 380
Integer: 611 611 64 64
Integer: 00 00
Integer: 00 00
SEQUENCE: Field Length (Bytes): 556
SEQUENCE: Field Length (Bytes): 669
Object Identifier: 211 06 01 02 01 01 01 00
Octet String: 3Com SuperS
SEQUENCE: Field Length (Bytes): 30
SEQUENCE: Field Length (Bytes): 18
Object Identifier: 211 06 01 02 01 01 02 00
Object Identifier: 211 06 01 04 01 211 010 111 04 01 02 04
SEQUENCE: Field Length (Bytes): 14
UNKNOWN: 08 08 211 211 06 06 01 01 02 02 01 01
UNKNOWN: 00 00 43 43 02 02
IpAddress: 012 06 08 211 06 01 02 01 01 04 00 04 00 30 10 06 08 211 06 01 02 01 01 05 00 04 04 53 414 413
SEQUENCE: Field Length (Bytes): 12
UNKNOWN: 08 08 211 211 06 06 01 01 02 02 01 01
UNKNOWN: 00 00 04 04 00 00 30 30 013 013 06 06
UNKNOWN:
As you may see my octet string 3Com SuperS is the name of my managed switch, however, the hex of the "length" is 11, which in decimal is actually 17. So it hasn't looped over the values correctly. Problem is, is if this length identifier is bigger than 127 my program will try and loop 4294967169 or something similar.
(Output, I am decoding the data payload field in regards to SNMP messages, so as you can see getting the length right is essential to work out the next data types and values.
Any suggestions? Or a little lesson on what I am doing wrong?
I am a novice programmer so this is my first ever network specific program.
I appreciate this is a pretty big chunk and question to ask, but it seems something so simple is tripping me up.
Thanks,
Regards,
Mike