releases (was Re: understanding filtering )

[Michael Richardson <mcr () sandelman ottawa on ca>]

-----BEGIN PGP SIGNED MESSAGE-----


> > > > > "Guy" == Guy Harris <guy () netapp com> writes:
    Guy> so as long as you're testing bytes at *fixed offset* from the beginning
    Guy> of the link-layer (e.g., Ethernet), network layer (e.g., IP), or
    Guy> transport layer (e.g., TCP) header, the libpcap filter syntax can handle
    Guy> it.
  
  To be clear, it is the beginning of the header, right?

    Guy> Note, however, that the length of the TCP header is not necessarily
    Guy> fixed length, as it might have options, so if you want to, for example,
    Guy> filter based on the content of the TCP payload *and* you want it to
    Guy> handle TCP packets with options, you'd have to construct the BPF filter
    Guy> code yourself.

  If someone is playing with BPF filter generate code, having code to skip
TCP options would be good...

  tcp_data[0]...

    Guy> If you want that on Windows, you'd need, I think, WinPcap 3.0 alpha - I
    Guy> think 2.3 was based on a version of libpcap that didn't have those
    Guy> symbolic names.

  I haven't heard any objections to a code freeze on December 22nd.

  I hope that we can verify that it builds on many platforms. I know that
there are many build lab systems available these days, often from the
manufacturers, as well as at sourceforge.net. 

  Would there be a volunteers to do:
        1) write a "buildtest.sh" script to include with the tar file,
           which does ./configure && make, and compares the results 
           with some template on that system.

        2) a script which grabs the latest beta.tar (or via anoncvs),
           and invokes buildtest.sh on each thing.
           It should optionally POST to a web form about successes.

        3) a CGI/pHp script (with a host for it? www.ca.tcpdump.org has
           php, but no database. I have other hosts) to which one can report
           build successes.

  I know that we have, like, 20 platforms on which things should work, not
to mention OS revisions..

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr () sandelman ottawa on ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [


         
        
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPf9UPIqHRg3pndX9AQHmHgP/avJEqArb+JqH0RfufgCHfBL3eL/rfPfR
hUxlirYWiiFgu/lMgAWEVsQVKTI7gROZc83f/8hbz5XJ3jB4g7gCUgsbq/nanNCW
TOomhlU9xBqrdTSE9dd4Rbrf3NJfhvuB32x2QWbjwMJ+AMXwTerClBbvrlKXTnvJ
DEYdinzZou0=
=U7qH
-----END PGP SIGNATURE-----
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe