tcpdump mailing list archives
releases (was Re: understanding filtering )
From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Tue, 17 Dec 2002 11:43:42 -0500
-----BEGIN PGP SIGNED MESSAGE-----
"Guy" == Guy Harris <guy () netapp com> writes:
Guy> so as long as you're testing bytes at *fixed offset* from the beginning Guy> of the link-layer (e.g., Ethernet), network layer (e.g., IP), or Guy> transport layer (e.g., TCP) header, the libpcap filter syntax can handle Guy> it. To be clear, it is the beginning of the header, right? Guy> Note, however, that the length of the TCP header is not necessarily Guy> fixed length, as it might have options, so if you want to, for example, Guy> filter based on the content of the TCP payload *and* you want it to Guy> handle TCP packets with options, you'd have to construct the BPF filter Guy> code yourself. If someone is playing with BPF filter generate code, having code to skip TCP options would be good... tcp_data[0]... Guy> If you want that on Windows, you'd need, I think, WinPcap 3.0 alpha - I Guy> think 2.3 was based on a version of libpcap that didn't have those Guy> symbolic names. I haven't heard any objections to a code freeze on December 22nd. I hope that we can verify that it builds on many platforms. I know that there are many build lab systems available these days, often from the manufacturers, as well as at sourceforge.net. Would there be a volunteers to do: 1) write a "buildtest.sh" script to include with the tar file, which does ./configure && make, and compares the results with some template on that system. 2) a script which grabs the latest beta.tar (or via anoncvs), and invokes buildtest.sh on each thing. It should optionally POST to a web form about successes. 3) a CGI/pHp script (with a host for it? www.ca.tcpdump.org has php, but no database. I have other hosts) to which one can report build successes. I know that we have, like, 20 platforms on which things should work, not to mention OS revisions.. ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr () sandelman ottawa on ca http://www.sandelman.ottawa.on.ca/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Finger me for keys iQCVAwUBPf9UPIqHRg3pndX9AQHmHgP/avJEqArb+JqH0RfufgCHfBL3eL/rfPfR hUxlirYWiiFgu/lMgAWEVsQVKTI7gROZc83f/8hbz5XJ3jB4g7gCUgsbq/nanNCW TOomhlU9xBqrdTSE9dd4Rbrf3NJfhvuB32x2QWbjwMJ+AMXwTerClBbvrlKXTnvJ DEYdinzZou0= =U7qH -----END PGP SIGNATURE----- - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- understanding filtering Sam Carleton (Dec 16)
- Re: understanding filtering Guy Harris (Dec 16)
- Re: understanding filtering Andrew Brown (Dec 17)
- Re: understanding filtering George Bakos (Dec 17)
- releases (was Re: understanding filtering ) Michael Richardson (Dec 17)
- Re: releases (was Re: understanding filtering ) Guy Harris (Dec 17)
- questions perf about tcpdump->libpcap->freebsd rmkml (Dec 17)
- Re: understanding filtering Guy Harris (Dec 16)