tcpdump mailing list archives
bpf filtering for new DLT type
From: "Lidwa, Eric (GSFC-582.0)[SGT INC]" <eric.lidwa-1 () nasa gov>
Date: Fri, 15 Jan 2010 10:31:58 -0600
I am trying to find information on what is needed to implement bpf filtering for a new DLT type (in my case DLT_AOS).
Initially I added to gencode.c in libpcap the following:
case DLT_AOS:
/*
* Currently, only raw "link[N:M]" filtering is supported.
*/
off_linktype = -1;
off_macpl = -1;
off_nl = -1;
off_nl_nosnap = -1;
return;
Now I would like to implement bpf filtering for AOS protocol. Could somebody please point me to info on the steps to
take? Would this require rebuilding of the kernel (I am on linux)?
Do I need to modify grammar.y and scanner.l ? If yes, what else needs to be done?
Regards,
Eric
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- pcap_inject() an Ethernet's FCS David Crowcroft (Jan 14)
- Re: pcap_inject() an Ethernet's FCS Guy Harris (Jan 14)
- Re: pcap_inject() an Ethernet's FCS David Crowcroft (Jan 14)
- Re: pcap_inject() an Ethernet's FCS Guy Harris (Jan 14)
- Re: pcap_inject() an Ethernet's FCS Aaron Turner (Jan 14)
- bpf filtering for new DLT type Lidwa, Eric (GSFC-582.0)[SGT INC] (Jan 15)
- Re: bpf filtering for new DLT type Guy Harris (Jan 15)
- Re: bpf filtering for new DLT type Lidwa, Eric (GSFC-582.0)[SGT INC] (Jan 15)
- Re: pcap_inject() an Ethernet's FCS David Crowcroft (Jan 14)
- Re: pcap_inject() an Ethernet's FCS Guy Harris (Jan 14)