tcpdump mailing list archives
Re: RFC: DLT for "application TCP stream capture"
From: Guy Harris <guy () alum mit edu>
Date: Wed, 14 Jan 2015 14:21:18 -0800
On Jan 14, 2015, at 12:10 PM, Michael Tuexen <Michael.Tuexen () lurchi franken de> wrote:
On 14 Jan 2015, at 18:19, Denis Ovsienko <denis () ovsienko info> wrote:Eventually, we'll be using this format to debug multi-path TCP, in which case the IP addresses (and maybe even the IP4/IP6-ness of it) might change.Also there exists SCTP, which implements the concept of variable (0..65535) number of "streams" for each direction of an "association" between a pair of sockets (in TCP these two things are the same), so a stream_id field in the encoding (0 for TCP and UDP) could be handy for SCTP payload representation.and don't forget the PPID, the ordered/unordered flag, and the TSN/SSN. All this is exposed to the application...
OK, so the transport-layer metadata values we should include are: UDP: source and destination port numbers TCP: source and destination port numbers, EOF indication (think of it as FIN), urgent pointer? SCTP: source and destination port numbers, stream ID, PPID, ordered/unordered flag, TSN/SSN Anything else? What about TCP - or IP - options? Some of those may be exposed to the application. _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 13)
- Re: RFC: DLT for "application TCP stream capture" Guy Harris (Jan 13)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Michael Richardson (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Denis Ovsienko (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Michael Tuexen (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Guy Harris (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 15)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" David Laight (Jan 15)
- Re: RFC: DLT for "application TCP stream capture" Guy Harris (Jan 13)
- Re: RFC: DLT for "application TCP stream capture" David Laight (Jan 15)