Re: forces (and sctp) patch

[Darren Reed <Darren.Reed () Sun COM>]

On 12/01/2010 6:57 PM, Michael Richardson wrote:
>    
> > > > > > "sthaug" == sthaug<sthaug () nethelp no>  writes:
> > > > > >              
>      >>  Well, it gets in the way of all types of things, for example:
>      >>
>      >>  tcpdump-v -i foo.cap | egrep pattern | wc -l
>      >>
>      >>  I think the behaviour should be the reverse of the -g in Mac OS X
>      >>  and that is it should be necessary to use some new command line
>      >>  option to force tcpdump to insert new lines between things.
>
>      sthaug>  100% agreed. I think changing the default behavior like that
>      sthaug>  was a bad idea, and should be reversed.
>
> There are three questions then:
> 1) do we do this now?
> 2) do we make any accomodation for the situation in between?
> 3) are there some volunteers to help?
>    

This kind of change to the defaul behaviour warrants bumping the version 
number from 4.x to 5.x because this is a significant change in the 
output of tcpdump and the output of tcpdump is a documented interface 
that is consumed by many.

I'm curious about what the motivation is for splitting the timestamp and 
packet data onto separate lines is.

I'm confused about your questions...
are you saying "do we reverse it back to the old format now?"
If so, yes... but shouldn't (3) then be a simple matter of applying the 
delta you committed to change the behaviour, in reverse?
And I'm not sure I understand (2) at all...

Darren

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.