Re: -y and -r flag

["Gisle Vanem" <giva () bgnett no>]

> However, that's a lot of work (and not always implementable, e.g. 
> trying to transform a Cisco Discovery Protocol packet on Ethernet into 
> a CDP-over-BSD-loopback, so you can't always do the reverse of the 
> example you gave, i.e. translating DLT_EN10MB to DLT_NULL), so I'd vote 
> for not doing it.  (If somebody really wants that feature, they're 
> welcome to implement it.

All this got me started because I found a pcap trace (psc_fddi.cap) that
supposed to have FDDI linklayer. But the fileheader.linktype is 1 (en10mb) 
and all MAC fields are 00. The file is from 1997 (by Pittsburg Supercomputing
Centre; www.psc.edu).

So I assume the DLT_* values have changed since it was created or
savefile didn't support FDDI back then. Hence I tried to interpret it 
by using '-yfddi'.

--gv

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe