Re: Defining a DLT which could be used to dissect any protocol.

[Guy Harris <guy () alum mit edu>]

On Feb 7, 2012, at 6:33 AM, Anders Broman wrote:

> How about defining a DLT with a TLV based header which could be used to carry any protocol - a tag would contain the 
> name of the protocol to be called the name would of course have to correspond
> To the name the dissector has registered in Wireshark - yes this is a weakness an alternative would be to give every 
> protocol a number but that means keeping a registry list.
> Tags could be defined to carry any extra info needed.

What is the purpose of this?

I *REALLY* don't like "generic" link-layer type values that don't cover a specific protocol.  If people want multiple 
different link-layer header types in the same file, that's what pcap-NG is for.

Note also that there isn't a one-to-one correspondence between protocol names and dissector names - for example, we 
have multiple dissectors for Ethernet, depending on whether:

        we know that the packet includes an FCS;

        we know that the packet doesn't include an FCS;

        we don't know whether it includes an FCS or not.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe