[PATCH libpcap] linktype: add netlink link/dlt type

[Daniel Borkmann <dborkman () redhat com>]

For pcap interoperability, introduce a common link type for netlink
captures. Netlink debugging workflow looks like the following:

Setup:
  modprobe nlmon
  ip link add type nlmon
  ip link set nlmon0 up

Capture:
  tcpdump -i nlmon0 ...

Teardown:
  ip link set nlmon0 down
  ip link del dev nlmon0
  rmmod nlmon

Signed-off-by: Daniel Borkmann <dborkman () redhat com>
CC: Thomas Graf <tgraf () suug ch>
CC: Tobias Klauser <tklauser () distanz ch>
---
 pcap-common.c | 7 ++++++-
 pcap/bpf.h    | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/pcap-common.c b/pcap-common.c
index 6175a5a..f26d22e 100644
--- a/pcap-common.c
+++ b/pcap-common.c
@@ -932,7 +932,12 @@
  */
 #define LINKTYPE_WIRESHARK_UPPER_PDU   252
 
-#define LINKTYPE_MATCHING_MAX  252             /* highest value in the "matching" range */
+/*
+ * Link-layer header type for the netlink protocol (nlmon devices).
+ */
+#define LINKTYPE_NETLINK               253
+
+#define LINKTYPE_MATCHING_MAX  253             /* highest value in the "matching" range */
 
 static struct linktype_map {
        int     dlt;
diff --git a/pcap/bpf.h b/pcap/bpf.h
index ad36eb6..8286ed5 100644
--- a/pcap/bpf.h
+++ b/pcap/bpf.h
@@ -1224,7 +1224,12 @@ struct bpf_program {
  */
 #define DLT_WIRESHARK_UPPER_PDU        252
 
-#define DLT_MATCHING_MAX       252     /* highest value in the "matching" range */
+/*
+ * DLT type for the netlink protocol (nlmon devices).
+ */
+#define DLT_NETLINK            253
+
+#define DLT_MATCHING_MAX       253     /* highest value in the "matching" range */
 
 /*
  * DLT and savefile link type values are split into a class and
-- 
1.7.11.7

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers