tcpdump mailing list archives
Re: Request for DLT for new BlueZ Monitor
From: Michal Labedzki <michal.labedzki () tieto com>
Date: Mon, 30 Dec 2013 08:21:40 +0100
Hello, You can see code in Wireshark side (great example, very similar, but this is only support for capture file changes): https://bugs.wireshark.org/bugzilla/attachment.cgi?id=12394 Implementation in libpcap is very similar to pcap-bt-linux.c, but: 1. There is only one interface, let call it bluetooth-monitor 2. Pseudo header is: guint16 adapter_id; guint16 opcode; It based on btsnoop header (this two variables are in one 32 bit field called "flags") 3. Socket changes from addr.hci_family = AF_BLUETOOTH; addr.hci_dev = handlep->dev_id; addr.hci_channel = HCI_CHANNEL_RAW; to: addr.hci_family = AF_BLUETOOTH; addr.hci_dev = HCI_DEV_NONE; addr.hci_channel = HCI_CHANNEL_MONITOR; 4. "Direction" (frame) based on "opcode" , timestamps got from socket "SCM_TIMESTAMP". 5. Implementation from libpcap is ready, maybe you want to see it? On 30 December 2013 00:12, Guy Harris <guy () alum mit edu> wrote:
On Dec 27, 2013, at 3:13 AM, Michal Labedzki <michal.labedzki () tieto com> wrote:1. Bluetooth Linux Monitor use psedoheader to provide Opcode and Adater Id which are required to correctly dissect payload (like Bluetooth H4 with pseudoheader)What is the detailed format of the pseudo-header, and what is the payload that follows it?
-- Pozdrawiam / Best regards ------------------------------------------------------------------------------------------------------------- Michał Łabędzki, Software Engineer Tieto Corporation Product Development Services http://www.tieto.com / http://www.tieto.pl --- ASCII: Michal Labedzki location: Swobodna 1 Street, 50-088 Wrocław, Poland room: 5.01 (desk next to 5.08) --- Please note: The information contained in this message may be legally privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorised use, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank You. --- Please consider the environment before printing this e-mail. --- Tieto Poland spółka z ograniczoną odpowiedzialnością z siedzibą w Szczecinie, ul. Malczewskiego 26. Zarejestrowana w Sądzie Rejonowym Szczecin-Centrum w Szczecinie, XIII Wydział Gospodarczy Krajowego Rejestru Sądowego pod numerem 0000124858. NIP: 8542085557. REGON: 812023656. Kapitał zakładowy: 4 271500 PLN _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Request for DLT for new BlueZ Monitor Michal Labedzki (Dec 20)
- Re: Request for DLT for new BlueZ Monitor Michal Labedzki (Dec 27)
- Re: Request for DLT for new BlueZ Monitor Guy Harris (Dec 29)
- Re: Request for DLT for new BlueZ Monitor Michal Labedzki (Dec 29)
- Re: Request for DLT for new BlueZ Monitor Guy Harris (Dec 29)
- Re: Request for DLT for new BlueZ Monitor Michal Labedzki (Dec 27)