tcpdump mailing list archives
Re: Fix print-pflog.c
From: Guy Harris <guy () alum mit edu>
Date: Wed, 31 Mar 2010 11:00:25 -0700
On Mar 31, 2010, at 9:15 AM, Michael Richardson wrote:
Two questions:
1) is there anything preventing us from processing pflog
format pcap files on any system (i.e. a header I'm missing
on non-BSD systems)?
The fact that the header for packets in a DLT_PFLOG file can be (and has been) changed by the pflog developers, without a version number in the header and without asking for a new DLT_ value every time it changes, and we decided not to even try to follow that, so we get the packet header format from <net/if_pflog.h> (and other stuff from <net/pfvar.h)?
2) can you give us a .pcap file and test case to process that
file, so that this does not happen again?
The problem was presumably that tcpdump probably didn't even *build* on FreeBSD or OpenBSD. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Fix print-pflog.c Wesley Shields (Mar 31)
- Re: Fix print-pflog.c Michael Richardson (Mar 31)
- Re: Fix print-pflog.c Guy Harris (Mar 31)
- Re: Fix print-pflog.c Wesley Shields (Mar 31)
- Re: Fix print-pflog.c Guy Harris (Mar 31)
- Re: Fix print-pflog.c Guy Harris (Mar 31)
- Re: Fix print-pflog.c Michael Richardson (Mar 31)
- Re: Fix print-pflog.c Michael Richardson (Mar 31)