tcpdump mailing list archives
Re: Scanning IP6 packets
From: Michael Richardson <mcr () sandelman ca>
Date: Thu, 14 Nov 2013 14:26:18 -0500
Darren Reed <darrenr () netbsd org> wrote:
>> Or write your own filter expression that looks at the link-layer
>header to detect IPv6 packets, skips past the IPv6 header (you won't be
>able to handle extension headers, as that involves looping, and the
>libpcap filter language doesn't support that), and then loads the
>appropriate value from the TCP header based on that.
>>
>> There is no easy solution.
> Something that I'm working on is a design & implementation of BPF (v2) that
> incorporates instructions that are specifically designed to deal with
> headers
That's cool...
> that are chained together in this fashion. In its current form, BPF (v1) is
> not that IPv6 friendly. Give me a week or two to back up a design with some
> code that works (the parser and compiler bit are the tricky pieces.)
True. I assume you are adding kind of limited loop capability. Could it be
unrolled to some depth to work with BPFv1?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] mcr () sandelman ca http://www.sandelman.ca/ | ruby on rails [
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Scanning IP6 packets Steve (Nov 12)
- Re: Scanning IP6 packets Guy Harris (Nov 13)
- Re: SPAM-LOW: Re: Scanning IP6 packets Steve (Nov 13)
- Re: Scanning IP6 packets Darren Reed (Nov 14)
- Re: Scanning IP6 packets Michael Richardson (Nov 14)
- Re: Scanning IP6 packets Darren Reed (Nov 14)
- Re: Scanning IP6 packets Michael Richardson (Nov 14)
- Re: Scanning IP6 packets Guy Harris (Nov 13)