byte_jump:<bytes_to_convert>, <offset> \
[, relative][, multiplier <mult_value>][, <endian>][, string, <number_type>]\
[, align][, from_beginning][, post_offset <adjustment value>][, dce];
bytes = 1 - 10
offset = -65535 to 65535
mult_value = 0 - 65535
post_offset = -65535 to 65535
| Option | Description |
| bytes_to_convert |
Number of bytes to pick up from the packet. The allowed values are 1 to 10 when used without dce. If used with dce allowed values are 1, 2 and 4. |
| offset | Number of bytes into the payload to start processing |
| relative | Use an offset relative to last pattern match |
multiplier  value |
Multiply the number of calculated bytes by
value and skip forward that number of bytes. |
| big | Process data as big endian (default) |
| little | Process data as little endian |
| string | Data is stored in string format in packet |
| hex | Converted string data is represented in hexadecimal |
| dec | Converted string data is represented in decimal |
| oct | Converted string data is represented in octal |
| align | Round the number of converted bytes up to the next 32-bit boundary |
| from_beginning | Skip forward from the beginning of the packet payload instead of from the current position in the packet. |
|
post_offset value |
Skip forward or backwards (positive of
negative value) by value number of bytes after the other jump
options have been applied. |
| dce | Let the DCE/RPC 2 preprocessor determine the byte order of the value to be converted. See section 2.2.15 for a description and examples (2.2.15 for quick reference). |