Protocol numbers in firewalls

Hi,

I need to discover the protocol name from the protocol numbers that are available in Cisco ASA NSEL flows.

Got the below info from a Cisco document:

table 1:

ProtoName       ProtoNumber
--------------  -----------
icmp            1
igmp            2
ipinip          4
tcp             6
igrp            9
udp             17
gre or pptp     47
esp or ipsec    50
ah              51
icmp6           58
eigrp           88
ospf            89
nos             94
pim             103
pcp             108
snp             109

Source: http://www.cisco.com/en/US/docs/security/pix/pix62/command/reference/intro.html#wp1031557

But the Internet Assigned Numbers Authority (http://www.iana.org/assignments/protocol-numbers) gives me the below specifications:

table 2:

Decimal  Keyword          Protocol                                 References
-------  ---------------  ---------------------------------------  ------------------
0        HOPOPT           IPv6 Hop-by-Hop Option                   [RFC1883]
1        ICMP             Internet Control Message                 [RFC792]
2        IGMP             Internet Group Management                [RFC1112]
3        GGP              Gateway-to-Gateway                       [RFC823]
4        IP               IP in IP (encapsulation)                 [RFC2003]
5        ST               Stream                                   [RFC1190][RFC1819]
6        TCP              Transmission Control                     [RFC793]
7        CBT              CBT                                      [Ballardie]
8        EGP              Exterior Gateway Protocol                [RFC888][DLM1]
9        IGP              any private interior gateway             [IANA]
                          (used by Cisco for their IGRP) 
10       BBN-RCC-MON      BBN RCC Monitoring                       [SGC]
11       NVP-II           Network Voice Protocol                   [RFC741][SC3]
12       PUP              PUP                                      [PUP][XEROX]
13       ARGUS            ARGUS                                    [RWS4]
14       EMCON            EMCON                                    [BN7]
15       XNET             Cross Net Debugger                       [IEN158][JFH2]
16       CHAOS            Chaos                                    [NC3]
17       UDP              User Datagram                            [RFC768][JBP]
18       MUX              Multiplexing                             [IEN90][JBP]
19       DCN-MEAS         DCN Measurement Subsystems               [DLM1]
20       HMP              Host Monitoring                          [RFC869][RH6]

and the above table keeps on growing. To see the entire list click here.

Do firewalls report for all the protocols listed by IANA, or is it enough to see the protocol numbers listed in table 1?

Kindly clarify.

Many Thanks
Senthil.S

Re: Protocol numbers in firewalls

In the flow, the NF_F_PROTOCOL field uses only the protocol number. The ASA will translate the number to the name and vice versa if it is found in table 1. If you happen to see any of the other protocols found in the IANA table, you will only see the number and have to translate the name yourself, but that should rarely happen.

-Florian
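
A collector-side version of the translation described in the reply, as an added example that is not from the original posts or from Cisco: numbers listed in table 1 resolve to their keyword in both directions, anything else stays numeric and is reported for a manual IANA lookup. The function names and the dict-shaped flow records are assumptions; only the `NF_F_PROTOCOL` field name comes from the thread.

```python
from collections import Counter

# Table 1 from the question (PIX/ASA keyword -> IP protocol number).
# "gre or pptp" and "esp or ipsec" are aliases for one number each.
ASA_TABLE1 = {
    "icmp": 1, "igmp": 2, "ipinip": 4, "tcp": 6, "igrp": 9, "udp": 17,
    "gre": 47, "pptp": 47, "esp": 50, "ipsec": 50, "ah": 51, "icmp6": 58,
    "eigrp": 88, "ospf": 89, "nos": 94, "pim": 103, "pcp": 108, "snp": 109,
}

# Reverse map; the first keyword listed for a number is kept as its name.
NUMBER_TO_NAME = {}
for _name, _num in ASA_TABLE1.items():
    NUMBER_TO_NAME.setdefault(_num, _name)


def to_number(value):
    """Accept a table 1 keyword or a decimal number; return the number."""
    text = str(value).strip().lower()
    if text in ASA_TABLE1:
        return ASA_TABLE1[text]
    number = int(text)  # raises ValueError for keywords not in table 1
    if not 0 <= number <= 255:  # the IP protocol field is 8 bits wide
        raise ValueError(f"protocol number out of range: {number}")
    return number


def to_name(value):
    """Return the table 1 keyword, or the number as a string if unlisted."""
    number = to_number(value)
    return NUMBER_TO_NAME.get(number, str(number))


def summarize(flows):
    """Count flows per protocol; list numbers that need a manual lookup."""
    numbers = [to_number(f["NF_F_PROTOCOL"]) for f in flows]
    counts = Counter(to_name(n) for n in numbers)
    unlisted = sorted(set(numbers) - set(NUMBER_TO_NAME))
    return dict(counts), unlisted


# Constructed sample records, not captured from a real ASA.
SAMPLE_FLOWS = [{"NF_F_PROTOCOL": p} for p in (6, 6, 17, 1, 47, 50, 132, 6, 89)]

if __name__ == "__main__":
    counts, unlisted = summarize(SAMPLE_FLOWS)
    print(counts)
    print("not in table 1, look up at IANA:", unlisted)
```
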
