tcpdump mailing list archives

Re: Using the decoders in other applications?


From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Tue, 13 Jan 2004 15:39:13 -0500

"Aaron" == Aaron Turner <aturner () pobox com> writes:
    Aaron> I'm sure many of you are somewhat familiar with tcpreplay which I
    Aaron> currently maintain (http://tcpreplay.sf.net for those of you not).
    Aaron> Lately I've received a few requests to add support for decoding of
    Aaron> packets to STDOUT as they are sent on the wire.

    Aaron> Obviously, I have no wish to reinvent the wheel, and I immediately
    Aaron> started looking at figuring out a way to optionally link, include,
    Aaron> etc the tcpdump code.

    Aaron> Turns out that this appears to be a lot more complicated than I
    Aaron> had hoped.  So I figured I'd email the list and try to find out:

    Aaron> 1) If anyone has done something like this before and had some
    Aaron> suggestions?

  Yes.
  Check out the "mcr_dissect" branch of tcpdump.

    Aaron> 2) If any plans have been made to modularize/librarize the code so
    Aaron> that the decoders could be used in other applications without
    Aaron> declaring a bunch of global variables?

  Yes. It is done above, but it needs to be merged into HEAD, which may be
more work than just doing it all again.

    Aaron> 3) If someone has a better idea of how to accomplish the above
    Aaron> goal.

  Note that I didn't finish going through the code and directing everything
to an (*fprintf) function instead of printf().

  I would like to do this for a 4.0 release of tcpdump.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr () xelerance com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
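
The idea discussed in this message, a decoder that prints through a caller-supplied function pointer instead of printf() and keeps its state in a context rather than globals, sketched as an added example. It is not code from tcpdump or the mcr_dissect branch; `dissect_ctx`, `print_stdout`, `print_buffer`, `udp_print`, `dissect_to_string` and the sample bytes are all hypothetical names and constructed data.

```c
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical per-caller context: replaces globals and direct printf(). */
struct dissect_ctx {
    int (*print)(struct dissect_ctx *, const char *fmt, ...);
    char out[128];            /* filled by print_buffer() */
    size_t used;
};

/* Sink for a command-line tool: plain stdout. */
static int print_stdout(struct dissect_ctx *c, const char *fmt, ...) {
    va_list ap; (void)c;
    va_start(ap, fmt); int n = vprintf(fmt, ap); va_end(ap);
    return n;
}

/* Sink for an embedding application: append to c->out, never overflow it. */
static int print_buffer(struct dissect_ctx *c, const char *fmt, ...) {
    va_list ap; size_t room = sizeof c->out - c->used;    /* always >= 1 */
    va_start(ap, fmt); int n = vsnprintf(c->out + c->used, room, fmt, ap); va_end(ap);
    if (n > 0) c->used += ((size_t)n < room) ? (size_t)n : room - 1;
    return n;
}

/* Decode a UDP header without reading past caplen (captures can be cut short). */
static int udp_print(struct dissect_ctx *c, const uint8_t *p, size_t caplen) {
    if (caplen < 8) { c->print(c, "[|udp]"); return -1; }   /* truncation marker */
    unsigned sport = (unsigned)p[0] << 8 | p[1], dport = (unsigned)p[2] << 8 | p[3];
    unsigned len = (unsigned)p[4] << 8 | p[5];
    c->print(c, "udp %u > %u, length %u", sport, dport, len);
    return 0;
}

/* Constructed sample header: sport 53, dport 49152, length 32, checksum 0. */
static const uint8_t sample_udp[8] = { 0x00, 0x35, 0xC0, 0x00, 0x00, 0x20, 0x00, 0x00 };

/* Run the decoder with the buffer sink and hand back the captured text. */
static const char *dissect_to_string(struct dissect_ctx *c, const uint8_t *p, size_t n) {
    memset(c, 0, sizeof *c); c->print = print_buffer;
    udp_print(c, p, n);
    return c->out;
}

int main(void) {   /* same decoder, stdout sink */
    struct dissect_ctx c = { .print = print_stdout };
    return udp_print(&c, sample_udp, sizeof sample_udp);
}
```

Because the decoder touches only its context and the bytes inside `caplen`, two callers can run it concurrently with different sinks, and a truncated capture yields a marker instead of an out-of-bounds read.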