Identifying unknown packet type
I have a data dump containing packets which I cannot identify the type of. I'm hoping someone here maybe has some idea of what it is. The data comes from a client's satellite link and cannot be shared unfortunately.
Encapsulation
Each packet is encapsulated by 0x7E flags and a standard CCITT-CRC16 code. This is the same as HDLC packets. Idle flags are 0xFF, which is not standard HDLC (which uses 0x7E). As an example:
FF FF FF 7E [PACKET DATA] CRC1 CRC2 7E FF FF FF FF .. FF 7E [PACKET DATA] CRC1 CRC2 7E FF ..
Packet description
I've managed to decipher some of the packet structure so far. This is what I've got:
- packet lead is 0x1841
- next byte indicates the number of segments in the packet
- next byte appears to be a type indicator (only 0x01, 0x02, 0x03 appear - each 'type' seems to transmit different data (the segment lengths for each type have a different distribution)
- followed by N segments, where each segment starts with a variable length uint indicating number of bytes in the segment
Example (including 'HDLC' flags and CRC):
7E 18 41 N T [SEGMENT 1..N] CRC1 CRC2 7E
where N is the number of segments and T the type. A segment example:
N X1 X2 .. XN
where N is the segment length and X are the segment data bytes.
Has anyone seen something similar? Or is there perhaps a better forum/place to ask for help for this?