The following parameters can be used to check ICMP header properties:
|
Name |
Description |
|---|---|
|
.icmp.type |
Checking ICMP type. The following operators are supported: =, !=. |
|
.icmp.code |
Checking ICMP code value. The following operators are supported: =, !=. |
|
.icmp.id |
Checking ICMP ID value. The following operators are supported: =, !=. |
|
.icmp.checksum |
Verifying the checksum which is used when errors are detected. The following operators are supported: <, >, <=, >=, =, !=. |
|
.icmp.data_size |
Checking the size of the data field of the packet. This parameter is used to detect packets of abnormal size which are often used to cause buffer overflow. The following operators are supported: <, >, <=, >=, =, !=. When multiple conditions are set, they are combined using AND logical operator. |