tcpdump mailing list archives

Re: Request for new DLT

From: Anders Broman <anders.broman () ericsson com>
Date: Fri, 24 May 2013 08:59:03 +0000



-----Original Message-----
From: mcr () sandelman ca [mailto:mcr () sandelman ca] 
Sent: den 23 maj 2013 20:03
To: Anders Broman
Cc: tcpdump-workers () lists tcpdump org
Subject: Re: [tcpdump-workers] Request for new DLT

"Anders" == Anders Broman <anders.broman () ericsson com> writes:

    Pascal> Anders can describe it better than me, but the format
    Pascal> intends to be versatile.It allows you to export any higher
    Pascal> level PDUs in a pcap file while maintaining some basic
    Pascal> information about the lower layers

So, how are the higher level PDUs going to be described?
that is, will you have a recursive DLT value, or what exactly?


    Pascal> (like the transport one). The current code sample in
    Pascal> Wireshark is for SIP protocol, but could be extended to any
    Pascal> protocol if there is a need. With a DLT allocated, it would
    Pascal> allow the feature to work out of

I'd rather have it be rather specific and well defined, then loose and nebulous.  DLTs already require too much 
specialized knowledge to decode as it is.


I'm not sure I get the objection, do you feel that these protocol type tag isn't clear enough?
#define EXP_PDU_TAG_LINKTYPE          11 /**< The value part is the linktype value defined by tcpdump 
                                          * http://www.tcpdump.org/linktypes.html
                                          */ 
#define EXP_PDU_TAG_PROTO_NAME        12 /**< The value part should be an ASCII non NULL terminated string 
                                          * of the short protocol name used by Wireshark e.g "sip"
                                          * Will be used to call the next dissector.
                                          */
/* Add protocol type related tags here NOTE Only one protocol type tag may be present in a packet, the first one found 
will be used*/

The meta data tags are optional.

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr () sandelman ca  http://www.sandelman.ca/        |   ruby on rails    [ 
        
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Current thread:

Request for new DLT Pascal Quantin (May 18)
- Re: Request for new DLT Michael Richardson (May 18)
  - Re: Request for new DLT Pascal Quantin (May 19)
    - Re: Request for new DLT Anders Broman (May 21)
    - Re: Request for new DLT Michael Richardson (May 23)
    - Re: Request for new DLT Pascal Quantin (May 23)
    - Re: Request for new DLT Anders Broman (May 24)
    - Re: Request for new DLT Anders Broman (Jun 18)
    - Message not available
    - Re: Request for new DLT Anders Broman (Jun 19)
    - Re: Request for new DLT Michael Richardson (Jun 27)
    - Re: Request for new DLT Anders Broman (Jun 27)
    - Message not available
    - Re: Request for new DLT Anders Broman (Jun 24)
- <Possible follow-ups>
- Request for new DLT Anders Broman (May 18)
- Re: Request for new DLT Anders Broman (May 18)