tcpdump mailing list archives
Re: Re: -e vs. -x, revisited
From: Guy Harris <guy () netapp com>
Date: Wed, 18 Dec 2002 12:12:10 -0800
On Wed, Dec 18, 2002 at 09:45:41AM -0500, Andrew Brown wrote:
(BTW, as per another recent discussioin, that means multi-line output even if "-v" isn't specified....)we're already pretty much in that boat if the dissector calls default_print(), right?
Yes, which argues that it should do so only if "-x" was specified or "-v" was specified.
if (1) default_print_packet() were allowed to ignore its arguments so that it could behave "properly" as per the given flags, (2) it set a flag once called, that we could clear somewhere else, (3) a shim layer was added in between pcap and the xxx_if_print() routines, then (4) you could remove all xflag processing from all the xxx_if_print() routines.
If by "xflag processing" you mean checking "xflag", that could be done
*now*, without *any* of that stuff, by removing it and adding the "if
(xflag)" test to "default_print_packet()".
However, if you centralize the *calls* to "default_print_packet()" in
the shim layer, it won't know how long the link-layer header is, so they
won't know how to skip it.
To handle that, one could have the "xxx_if_print()" routines return the
link-layer header length. Once one's done that, however, one doesn't
need any global variables - the shim routine would look something like
void
print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
{
void (*if_print)(const struct pcap_pkthdr *h, const
u_char *p) = user;
u_int hdrlen;
hdrlen = (*user)(h, p);
if (xflag)
default_print(p, h->caplen, hdrlen);
}
("main()" would set "pcap_userdata()" to the results of
"lookup_printer()", and set "printer" to "print_packet").
Of course, once we've done *that*, we should probably then do
void
print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
{
void (*if_print)(const struct pcap_pkthdr *h, const
u_char *p) = user;
u_int hdrlen;
++infodelay;
ts_print(&h->ts);
hdrlen = (*user)(h, p);
if (xflag)
default_print_packet(p, h->caplen, hdrlen);
putchar('\n');
--infodelay;
if (infoprint)
info(0);
}
and remove all that stuff from the if_print routines, centralizing that
in "print_packet()" as well.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- Re: New APIs to support multiple DLT_'s on an interface, (continued)
- Re: New APIs to support multiple DLT_'s on an interface Guy Harris (Dec 17)
- Re: New APIs to support multiple DLT_'s on an interface Andrew Brown (Dec 17)
- Re: New APIs to support multiple DLT_'s on an interface David Young (Dec 16)
- Re: New APIs to support multiple DLT_'s on an interface Guy Harris (Dec 16)
- -e vs. -x, revisited Guy Harris (Dec 17)
- Re: -e vs. -x, revisited Andrew Brown (Dec 17)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 17)
- Re: Re: -e vs. -x, revisited Andrew Brown (Dec 17)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 18)
- Re: Re: -e vs. -x, revisited Andrew Brown (Dec 18)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 18)
- Re: Re: -e vs. -x, revisited Andrew Brown (Dec 18)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 18)
- Re: Re: -e vs. -x, revisited Michael Richardson (Dec 18)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 19)
- Re: -e vs. -x, revisited Guy Harris (Dec 18)
- Re: -e vs. -x, revisited Andrew Brown (Dec 18)
- Re: -e vs. -x, revisited Guy Harris (Dec 19)