u2 binary format question

[Avery Rozar <avery.rozar () insecure-it com>]

In the snort_manual.pdf for 2.9.x it does not mention anything about the 2
extra bytes for "policy_id" before the 2 bytes of padding in the U2(V2)
Event .
(Question): Is it safe to assume this was just missed in the documentation
and I can move forward with the 2 bytes for "policy_id"?

Also, the U2 packet does not mention anything about the extra 4 bytes for
"packet seconds".
(Question): Is is also safe to assume this was just missed in the
documentation and I can move forward with the 4 bytes for "packet seconds"?
Is this the same for U2 extra data as well?


Thanks,
Avery Rozar

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!