I have written several custom parsers, all of which extract source/dest IP and port from raw messages. They're all working fine in that respect.
What I need is for the MARS to also parse out the "protocol" value, which isn't present in the messages as they apply exclusively to TCP traffic. Can I have the MARS match on some arbitrary string and put a constant into the "protocol" field, rather than attempt to parse it out from the raw message?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...