How to Analyze Network Protocols, Learn More >>

Being able to support more than 300 protocols in the latest version, Capsa Network Sniffer make it easy to analyze protocols in network and understand what is happening.

Recommend Network Analysis Software >>


RFC 2748 http://tools.ietf.org/html/rfc2748

The COPS (Common Open Policy Service) protocol describes a simple query and response protocol that can be used to exchange policy information between a policy server (Policy Decision Point or PDP) and its clients (Policy Enforcement Points or PEPs). It is designed to be extensible so that other kinds of policy clients may be supported in the future. The model does not make any assumptions about the methods of the policy server, but is based on the server returning decisions to policy requests. Each message consists of the COPS header followed by a number of typed objects.

The structure of the COPS header is:

Version
4 bits
Flags
4 bits
Op Code
8 bits
Client-type
16 bits
Message Length 32 bits
COPS Header structure

Version
The version field specifies the COPS version number. The current version is 1.

Flags
The defined flag values is 1 a Solicited Message Flag Bit. This flag is set when the message is solicited by another COPS message.(all other flags MUST be set to 0).

Op Code
Code identifying the COPS operations:
1          Request (REQ)
2          Decision (DEC)
3          Report State (RPT)
4          Delete Request State (DRQ)
5          Synchronize State Req (SSQ)
6          Client-Open (OPN)
7          Client-Accept (CAT)
8          Client-Close (CC)
9          Keep-Alive (KA)
10        Synchronize Complete (SSC)

Client-type
The Client-type identifies the policy client. Interpretation of all encapsulated objects is relative to the client-type.

Message length
Size of message in octets, which includes the standard COPS header and all encapsulated objects. Messages MUST be aligned on 4 octet intervals.

COPS Specific Object formats
After the COPS header comes all encapsulated objects that follow the same object format.

Each object consists of one or more 32-bit words with a four-octet header, using the following format:

Length (octets) C-Num C-Type
  (Object contents)
COPS specific object formats

Length
The length is a two-octet value that describes the number of octets (including the header) that compose the object. If the length in octets does not fall on a 32-bit word boundary, padding MUST be added to the end of the object so that it is aligned to the next 32- bit boundary before the object can be sent on the wire. On the receiving side, a subsequent object boundary can be found by simply rounding up the previous stated object length to the next 32-bit boundary.

C-Num
Identifies the class of information contained in the object.

The possible values for the C-number are

C-Num Object Contents
1 Handle
2 Context
3 In Interface
4 Out Interface
5 Reason code
6 Decision
7 LDP Decision
8 Error
9 Client Specific Info
10 Keep-Alive Timer
11 PEP Identification
12 Report Type
13 PDP Redirect Address
14 Last PDP Address
15 Accounting Timer
16 Message Integrity

C-type
Identifies the subtype or version of the information contained in the object.

Object contents
The value appearing in the C-Num fields, defines the type of object contents. See the list above for possible object contents.

Vulnerabilities for this protocol (from CVE)

CVE ID Protocol Source Port Targetport

TCP/IP Protocols:

AHARP/RARPATMPBGP-4COPSDCAPDHCPDNS
DVMRPEGPEIGRPESPFANPFingerFTPHSRP
HTTPICMPICMPv6IGMPIGRPIMAP4IPIPDC
IPv6ISAKMPL2FL2TPLDAPMARSMobile IPNARP
NetBIOS/IPNHRPNTPOSPFPIMPOP3PPTPRadius
RIP2RIPng for IPv6RLOGINRSVPRTSPRUDPS-HTTPSCTP
SLPSMTPSNMPSOCKS V5TACACSTALITCPTELNET
TFTPUDPVan JacobsonVRRPWCCPX-WindowXOT