Re: interpreting the output of tcpdump -d option

[Gregor Maier <gregor () endace com>]

> > And where can i get these instructions and their corresponding
> > opcodes.....
>
>
> on BSD systems the header is in /usr/include/net/bpf.h
>
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/net/bpf.h


and for a general introduction to the bpf machine, have a look at the
original paper:

McCanne, S., and Jacobson, V., The BSD Packet Filter: A New Architecture
for User-level Packet Capture.  Proceedings of the 1993 Winter USENIX
Technical Conference (San Diego, CA, Jan. 1993), USENIX.

http://www.tcpdump.org/papers/bpf-usenix93.pdf

cu
gregor
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.