tcpdump mailing list archives

XML dissector output


From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Wed, 30 Jun 2004 15:50:28 -0400

"Christian" == Christian Kreibich <christian () whoop org> writes:
    Christian> proposal that while I personally think an XML capture
    Christian> format is not the right idea, an XML based tcpdump output
    Christian> would be great in the long term -- it would certainly
    Christian> eliminate a lot of parsing ambiguity.

  I am not a fan of XML, but I could live with this kind of thing.

  My opinion is that we need a code structure change:
     - dissectors would not call printf() directly.

     - dissectors would call some kind of thing=value function
       that has a table for the current packet only.

     - at the end of dissection, an appropriate thing=value->OUTPUT
       converter would occur.

  I think that this can work very well for XML or $thing="value";
or { "thing" => "value" } format. The question is -- how to retain what
we have now? 
  Does each level of dissector register a "print" function as well?
  (with XML output all using the common XML print function?)

  Or is there some other structure that someone can think of?

--
]     "Elmo went to the wrong fundraiser" - The Simpson         |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr () xelerance com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
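A sketch of the structure proposed in the message above, added here as an example; it is not code from the post or from tcpdump. Dissectors record name/value pairs in a per-packet table, and one converter renders the table at the end of dissection, escaping values only for the XML style. All identifiers (field_set, render, STYLE_TEXT, STYLE_XML, dissect_sample) and the sample field values are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_FIELDS 8
struct field { const char *name, *value; };
struct pkt_fields { struct field f[MAX_FIELDS]; int n; };  /* current packet only */
/* Dissectors call this instead of printf(); -1 means the table is full. */
int field_set(struct pkt_fields *p, const char *name, const char *value) {
    if (p->n >= MAX_FIELDS) return -1;
    p->f[p->n++] = (struct field){ name, value };
    return 0;
}
/* Bounded append: fails with -1 rather than truncating or overflowing. */
static int put(char *out, size_t cap, const char *s) {
    size_t used = strlen(out), add = strlen(s);
    if (used + add + 1 > cap) return -1;
    memcpy(out + used, s, add + 1);
    return 0;
}
/* Append with XML metacharacters escaped so packet bytes cannot forge markup. */
static int put_xml(char *out, size_t cap, const char *s) {
    for (; *s; s++) {
        char one[2] = { *s, '\0' };
        const char *rep = *s == '<' ? "&lt;" : *s == '>' ? "&gt;" :
                          *s == '&' ? "&amp;" : *s == '"' ? "&quot;" : one;
        if (put(out, cap, rep) < 0) return -1;
    }
    return 0;
}
/* One converter, two output styles; only the XML style escapes names and values. */
struct style { const char *open, *pre, *mid, *post, *sep, *close; int escape; };
const struct style STYLE_TEXT = { "", "", "=", "", " ", "", 0 };
const struct style STYLE_XML = { "<packet>", "<field name=\"", "\" value=\"", "\"/>", "", "</packet>", 1 };
/* thing=value -> OUTPUT step, run once after all dissectors have finished. */
int render(const struct pkt_fields *p, const struct style *o, char *out, size_t cap) {
    int (*val)(char *, size_t, const char *) = o->escape ? put_xml : put;
    out[0] = '\0';
    if (put(out, cap, o->open) < 0) return -1;
    for (int i = 0; i < p->n; i++)
        if (put(out, cap, i ? o->sep : "") < 0 || put(out, cap, o->pre) < 0 ||
            val(out, cap, p->f[i].name) < 0 || put(out, cap, o->mid) < 0 ||
            val(out, cap, p->f[i].value) < 0 || put(out, cap, o->post) < 0) return -1;
    return put(out, cap, o->close);
}
int dissect_sample(struct pkt_fields *p) {  /* constructed stand-in for a dissector */
    return field_set(p, "proto", "dns") | field_set(p, "qname", "a<b>&\"c");
}
int main(void) {
    struct pkt_fields p = { .n = 0 }; char buf[256];
    return dissect_sample(&p) || render(&p, &STYLE_XML, buf, sizeof buf) || puts(buf) < 0;
}
```

The text style passes the constructed qname value through unchanged, while the XML style escapes it.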