Re: Verbose output of tcpdump on protocols of different

[Hannes Gredler <hannes () juniper net>]

mikhail,

what you are suggesting makes sense
and you are welcome to submit a patch ;-)

/hannes

Mikhail Manuylov wrote:
> Hello,
>
> I need to parse output of tcpdump printing contents of snmp packets
> and insert to database.
>
> First time I thought that output can be explained with some regexps,
> but when I looked into sources I've suddenly changed my mind and have
> choosed to yacc. Now I'm writing grammar of tcpdump's output in BNF (
> because PDML and wireshark is not my choise ).
>
> All I need is snmp printing which is done with verbose flag ( -v |
> vflag ). But I DON'T need verbose printing of low level protocols (
> ip, udp ). For optional printing of Ethernet header there exists flag
> (-e | eflag ), but for ip and udp is not (it depends on vflag). I
> don't want to write grammar for that output. Of course I can make some
> local crocks (and I will ), but am I the first person complaining
> about that behaviour?
>
> I think there should be flags for verbose optional output on EACH
> level of tcp|osi model. But because tcpdump only supports BSD style of
> cli options, I think config is a good choise there.
>
> Just think about it.
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.