tcpdump mailing list archives

Re: Fix print-pflog.c

From: Wesley Shields <wxs () FreeBSD org>
Date: Wed, 31 Mar 2010 20:40:36 -0400

On Wed, Mar 31, 2010 at 11:00:25AM -0700, Guy Harris wrote:


On Mar 31, 2010, at 9:15 AM, Michael Richardson wrote:

Two questions:
  1) is there anything preventing us from processing pflog
     format pcap files on any system (i.e. a header I'm missing
     on non-BSD systems)?


The fact that the header for packets in a DLT_PFLOG file can be (and
has been) changed by the pflog developers, without a version number in
the header and without asking for a new DLT_ value every time it
changes, and we decided not to even try to follow that, so we get the
packet header format from <net/if_pflog.h> (and other stuff from
<net/pfvar.h)?

  2) can you give us a .pcap file and test case to process that
     file, so that this does not happen again?


The problem was presumably that tcpdump probably didn't even *build*
on FreeBSD or OpenBSD.


Yes, this was it exactly. Thank you for pushing the fix in.

-- WXS
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

Current thread:

Fix print-pflog.c Wesley Shields (Mar 31)
- Re: Fix print-pflog.c Michael Richardson (Mar 31)
  - Re: Fix print-pflog.c Guy Harris (Mar 31)
    - Re: Fix print-pflog.c Wesley Shields (Mar 31)
- Re: Fix print-pflog.c Guy Harris (Mar 31)
  - Re: Fix print-pflog.c Michael Richardson (Mar 31)