tcpdump mailing list archives
Re: New official link-layer type request
From: Damir Franusic <damir.franusic () gmail com>
Date: Sun, 19 May 2019 10:45:54 +0200
Hi Guy and MichaelAfter piecing everything together, I think I will focus my efforts on using the regular PCAP file and fix and update the current draft for DLT_ELEE. SCTP part for ELEE protocol is missing so I will also add that ASAP. I would like the new LI system to be based on new standards and PCAPNG is the way to go. As soon as I have this draft and dissector finished, I will focus on PCAPNG
and follow your advice.I plan to use EPB for TPDUs carrying CC data (raw packet data) and request new options for LI specific metadata. I will also request a new block type for IRIs but I will structure it like I did with current draft so that only one custom block type is needed. The custom block will use some option in that block to indicatetype of IRI (like "IRI CType" filedĀ in the current draft) and dissector will decode it accordingly.
The only problem is that I haven't found any examples for writing plugin dissectors for PCAPNG blocks and/or options; that would be quite handy and if it's not too complicated I could do both PCAP and PCAPNG stuff in parallel.
If You know a good example of PCAPNG plugin dissector that would cover what I explained here, I would really
appreciate it. Thanks On 5/19/19 2:00 AM, Guy Harris wrote:
On May 18, 2019, at 4:33 PM, Damir Franusic <damir.franusic () gmail com> wrote:No I get now what you you're saying. You think that I should rewrite the draft to explain custom options in Enhanced Packet Block, rather than using a new DLT ?No. I'm suggesting that: you use EPBs, with new options, for Content of Communication PDUs; you add *new* block types for Intercept Related Information PDUs; you do that in a *separate* draft, as you already want a document to describe the ELEE protocol that runs atop SCTP.
-- Damir Franusic email: damir.franusic () gmail com http://ele2.io/ _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Re: New official link-layer type request, (continued)
- Re: New official link-layer type request Guy Harris (May 11)
- Re: New official link-layer type request Damir Franusic (May 11)
- Message not available
- Re: New official link-layer type request Damir Franusic (May 12)
- Re: New official link-layer type request Michael Richardson (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 19)
- Message not available
- Re: New official link-layer type request Guy Harris (May 18)
- Message not available
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Damir Franusic (May 18)
- Re: New official link-layer type request Guy Harris (May 18)
- Re: New official link-layer type request Damir Franusic (May 12)
- Re: New official link-layer type request Damir Franusic (May 12)