tcpdump mailing list archives
Re: New official link-layer type request
From: Damir Franusic <damir.franusic () gmail com>
Date: Sat, 11 May 2019 22:39:00 +0200
Hi Like I sad, I don't have the complete documentation ready, but this is the general format: +---------------------------------+ | Version | | (1 Octet) | | | +---------------------------------+ | PDU Type | | (1 Octet) | | | +---------------------------------+ | Source ELLE Node | | NULL terminated ASCII string | | (1 Octet min for \0) | | | +---------------------------------+ | Destination ELEE Node | | NULL terminated ASCII string | | (1 Octet min for \0) | | | +---------------------------------+ | ELEE PDU Payload | . (Remaining octets) . . . . . PDU Payload part is the rest of the packet data and will be interpreted based on PDU Type. On 5/11/19 10:09 PM, Guy Harris wrote:
On May 11, 2019, at 7:26 AM, Damir Franusic <damir.franusic () gmail com> wrote:*Example tshark output for IRI:*...ELEE Protocol Protocol version: 1 PDU type: Target PDU (1) Source node: elee.ppd.node_1 Destination node: . Target PDU Lawful interception identifier: dhcp_li_id Target PDU data type: Intercept Related Information (IRI) (1) Sequence number: 0 Timestamp: May 10, 2019 18:21:59.723619839 UTC IRI configuration Active: True Delivery format: ELEE (3) Handover connection: Handover directory: Aggregation factor: 2 Delivery timeout: 0 Communication identifier Operator identifier: Network element identifier: Communication identifier number (CIN): 0 Data part size: 95 IP IRI IRI type: IRI-REPORT (4) Access event type: accessAttempt (0) Target username: 001cbf0dbfd7 Internet access type: Unknown (0) IP version: IPv4 protocol (1) Target IPv4: 0.0.0.0 Target network id: 00:1c:bf:0d:bf:d7 POP port number: 0 Target call-back number: <MISSING> POP IP address: 00000000 Authentication type: AAA provided by DHCP (3)...*Example tshark output for CC:*...*ELEE Protocol* Protocol version: 1 PDU type: Target PDU (1) Source node: elee.ppd.node_1 Destination node: . Target PDU Lawful interception identifier: test_li_id Target PDU data type: Content of Communication (CC) (2) Sequence number: 0 Timestamp: May 10, 2019 18:27:56.677651565 UTC CC configuration Active: True Delivery format: ELEE (3) Handover connection: Handover directory: Aggregation factor: 10 Delivery timeout: 0 Communication identifier Operator identifier: Network element identifier: Communication identifier number (CIN): 0 Data part size: 60So what would the exact format of the header be for this link-layer type?
-- Damir Franusic email: damir.franusic () gmail com http://ele2.io/ _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- New official link-layer type request Damir Franusic (May 11)
- Message not available
- Re: New official link-layer type request Damir Franusic (May 11)
- Re: New official link-layer type request Guy Harris (May 11)
- Re: New official link-layer type request Damir Franusic (May 12)
- Re: New official link-layer type request Guy Harris (May 12)
- Re: New official link-layer type request Damir Franusic (May 12)
- Re: New official link-layer type request Guy Harris (May 12)
- Re: New official link-layer type request Damir Franusic (May 12)
- Re: New official link-layer type request Guy Harris (May 17)
- Re: New official link-layer type request Damir Franusic (May 15)
- Re: New official link-layer type request Damir Franusic (May 17)
- Re: New official link-layer type request Damir Franusic (May 17)
- Re: New official link-layer type request Damir Franusic (May 11)
- Message not available