tcpdump mailing list archives
Re: New official link-layer type request
From: Damir Franusic <damir.franusic () gmail com>
Date: Sun, 19 May 2019 01:33:35 +0200
No I get now what you you're saying. You think that I should rewrite the draft to explain custom options in Enhanced Packet Block, rather than using a new DLT ? <http://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?url=https://raw.githubusercontent.com/pcapng/pcapng/master/draft-tuexen-opsawg-pcapng.xml&modeAsFormat=html/ascii&type=ascii#section_epb>
On 5/19/19 12:53 AM, Guy Harris wrote:
On May 18, 2019, at 3:05 PM, Damir Franusic <damir.franusic () gmail com> wrote:I know it's extensible but ELEE is used for different purposeLINKTYPE_ELEE is used for the *same* purpose as pcapng - recording timestamped network events, and metadata for those events and for the capture process, in a file. "Target PDUs" with a subtype of "Content of Communication", and that just contain raw packet data (as opposed to the ASN.1 stuff I asked about in an earlier message) are just pcapng Enhanced Packet Blocks: the target identifier and sequence number in the Target PDU header would be options; the timestamp would either just be the block's timestamp (and, unlike ELEE with its 32-bit Timestamp_sec, would work past Y2.106K); the "target activity flag for CC data", "handover connection name for CC data delivery", "destination directory for CC data delivery used only for file system based connections" (if relevant here), "target aggregation factor for CC data delivery", "communication identifier Operator Id", "communication identifier Network Element Id", and "communication identifier Number" would also be options. "Target PDUs" with a subtype of "Content of Communication" that contain that ETSI-specified ASN.1 data would be a new block type, using the same options as the new EPB options; "Target PDUs" with a subtype of "Intercept Related Information (IRI)" would be one or more new block types, depending on whether to have a single block type for all of them, possibly using options.
-- Damir Franusic email: damir.franusic () gmail com http://ele2.io/ _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Re: New official link-layer type request, (continued)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Message not available
- Re: New official link-layer type request Damir Franusic (May 11)
- Re: New official link-layer type request Guy Harris (May 11)
- Re: New official link-layer type request Damir Franusic (May 11)
- Message not available
- Re: New official link-layer type request Damir Franusic (May 12)
- Re: New official link-layer type request Michael Richardson (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 19)
- Message not available
- Re: New official link-layer type request Guy Harris (May 18)
- Message not available
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)