This document provides a complete introduction to NetPDL, a Markup Language that aims to describe Protocols from OSI layer 2 to OSI layer 7. NetPDL is an acronym that stands for Network Protocol Description Language. Network Protocol stands for Cell, Frame, Packet or PDU, while Description Language means that different tools can use the same description to accomplish different tasks. This document assumes that the reader is familiar with the format of the most commonly used network protocols.
Several applications need to know the format of network packets for performing their job. An incomplete list of applications includes routing (it needs to locate the appropriate fields into the packet for the forwarding process), access lists (they must check if a set of conditions applies to some fields of the current packet), network address translators, firewalls, intrusion detection systems, packet sniffers (they need to filter packets according to some fields, then they need to decode the content of each packet), and more. Currently, each application defines its own database of protocols in order to be able to locate the selected fields into the packet or to decode the packet completely. This means that each application uses its own format, that any update must be repeated for every applications, and that the user that is interested in experimenting a new network protocol needs to modify several applications in order to play with it.
The NetPDL (Network Protocols Description Language) language is an XML-based language that aims at filling this gap by creating a unique database of protocols that can be used by all the applications. The NetPDL language aims at describing the basic features of each protocol (for instance the protocol fields and the protocol encapsulation). Additionally, a set of optional specifications can be defined for some specific tasks: the NetPDL Visualization Extension aims at defining how to print a decoded protocol (for instance, a 32 bit number representing an IP address should be visualized in the dotted-decimal form), and more. Each NetPDL engine must be able to parse the NetPDL Specification, while it can be able to understand only the optional parts that are of interest of that application.
The NetPDL language is easily extendible according to the needs of some particular application, its syntax is easy to understand, and the parsing is very simple thanks to the existing XML technologies. A first implementation of a NetPDL engine (and a NetPDL database) can be found in the NetBee library NetBee library, which is used by the Analyzer 3.0 network sniffer.
The objectives of this work are the following:
- this language should be easily extensible; this can be done by defining a common part (the NetPDL Core Specification) plus a set of additional specifications that can be used by a subset of the NetPDL applications (like the ones that list all the protocols and the fields contained into a network packet);
- the language should be intuitive, i.e. the syntax and the elements should be easily understood also without a detailed knowledge of the NetPDL specification.
This document refers to NetPDL version 0.2 (last update 06-Feb-2007) For any comments, please send an email to ''info.nbee at gmail.com''. Warning: this is an early draft specification and it is subject to change. The reader must take care not to consider this document as a final specification.
The NetPDL language is defined in the following documents:
- NetPDL Core Specification: this is the master document that defines the NetPDL specification related to the protocol description (i.e. how a protocol header looks like)
- NetPDL Expressions: it contains all the primitives related to NetPDL expressions, i.e. the language primitives that can be used to create boolean, mathematical and string expressions
- NetPDL Advanced Primitives: it contains some advanced NetPDL primitives that are targeted mainly to application-layer processing. Due to the complexity of this task, the reader should understand the basic NetPDL specification prior to attacking this document.
Additionally, the NetPDL language includes a set of optional specifications that can be used for some set of applications. Currently, there are the following optional specifications:
- NetPDL Visualization Extensions: this document presents some specific NetPDL commands that help visualizing a decoded packet (for example to print the IP address in a dotted-decimal form)
The NetPDL can interact with some other XML-derived languages:
- PDML Specification: it defines a very simple XML-derived language that has been defined to create a detailed view of each decoded packet that belongs to a capture.
- PSML Specification: it defines a very simple XML-derived language that has been defined to create a summary view of all the packets belonging to a capture.
Finally, the Change Log is available.
A list of NetPDL-related publications can be found following this link.
The database of the protocols currently described in NetPDL can be found following this link.
Individual protocol dissectors are included in the NetBee source code and are available in the main repository of the library. Please modify directly the files in the repository (or, if you don't have the permissions, send the modifications to the NetBee maintainers) in order to include new protocols in the NetBee library.
The XML schema definition of the NetPDL language can be found at the XSD Schema Page.
The license of the NetPDL language can be found at the Language License Page.