Re: [RFC TCPDUMP PATCH 2/2] Add sll_ifindex into sll_header + use it to print ifname

[Petr Vorel <pvorel () suse cz>]

Hi Guy,

> What happens if you capture traffic on machine A and print it on machine B, where machines A and B have different 
> sets of network interfaces?

> (This is why pcapng has Interface Description Blocks - so that the list of interfaces is part of the file, so you use 
> *that*, rather than the configuration of interfaces on the machine running the program reading the capture, to get 
> interface names.)
Thanks for a pointer to pcapng.

> Perhaps this should be done *only* for live captures, *not* for reading savefiles.

Good point, make sense.
I've created pull request implementing this, via new member in struct
netdissect_options (maybe there are better ways to do that).
https://github.com/the-tcpdump-group/tcpdump/pull/689

I'd be for adding getopt long option to allow showing this info even for reading captured
file (on users responsibility to decide whether data are valid). If you do dump
on the same host you want to see interface name (and IMHO it's the point of DLT_LINUX_SLL2).

Or (as it's too specific to some case) print interfaces always and just print a
warning about interfaces might be wrong when reading on different host in case
of reading pcap file.

Does it sounds better for you? Should I change pull request in one of these two
options?


Kind regards,
Petr
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers