tcpdump mailing list archives
Re: Scanning IP6 packets
From: Darren Reed <darrenr () netbsd org>
Date: Thu, 14 Nov 2013 20:04:57 +1100
On 13/11/2013 7:15 PM, Guy Harris wrote:
... Or write your own filter expression that looks at the link-layer header to detect IPv6 packets, skips past the IPv6 header (you won't be able to handle extension headers, as that involves looping, and the libpcap filter language doesn't support that), and then loads the appropriate value from the TCP header based on that. There is no easy solution.
Something that I'm working on is a design & implementation of BPF (v2) that incorporates instructions that are specifically designed to deal with headers that are chained together in this fashion. In its current form, BPF (v1) is not that IPv6 friendly. Give me a week or two to back up a design with some code that works (the parser and compiler bit are the tricky pieces.) Darren . _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Scanning IP6 packets Steve (Nov 12)
- Re: Scanning IP6 packets Guy Harris (Nov 13)
- Re: SPAM-LOW: Re: Scanning IP6 packets Steve (Nov 13)
- Re: Scanning IP6 packets Darren Reed (Nov 14)
- Re: Scanning IP6 packets Michael Richardson (Nov 14)
- Re: Scanning IP6 packets Darren Reed (Nov 14)
- Re: Scanning IP6 packets Michael Richardson (Nov 14)
- Re: Scanning IP6 packets Guy Harris (Nov 13)