This series adds supporting of Linux "cooked" header http://www.tcpdump.org/linktypes/LINKTYPE_NETLINK.html
which is compatible with Wireshark. Also it can be dissected by new dissector_sll.c while dumping. Needs to test on archs's with different byte ordering. 1) Moved some device's stuff string conversion functions from proto_nlmsg.c to dev.c to be used in dissector_sll.c 2) Add suporting Linux "cooked" header. Added -w,--cooked option which replaces L2 header frame with cooked header for each frame and allows to dump & dissect Ethernet & Netlink packets together. Linux "cooked" header is automatically used for Netlink link type for the other cases (for -i any) it needs to specify "--cooked" option. Used dgram packet socket when sniffing with "--cooked" option to pull L2 header and wrap packet with Linux "cooked" header, it allows compatibility with Wireshark. 3) Added dissector_sll.c to dissect packets with Linux "cooked" header. Meanwhile it can dump only Netlink & Ethernet protos (L3 layer). This dissector is used if link type is LINKTYPE_LINUX_SLL. Vadim Kochan (3): dev: Add device string convertions (addr, dev type) netsniff-ng: Add support of Linux "cooked" header netsniff-ng: Add dissector for Linux "cooked" packets dev.c | 111 +++++++++++++++ dev.h | 3 + dissector.c | 12 +- dissector.h | 2 +- dissector_sll.c | 114 +++++++++++++++ dissector_sll.h | 18 +++ linktype.h | 1 + netsniff-ng.8 | 16 ++- netsniff-ng.c | 35 +++-- netsniff-ng/Makefile | 1 + pcap_io.h | 390 ++++++++++++++++++++++++++++++++++++--------------- pcap_mm.c | 28 +++- pcap_rw.c | 30 +++- pcap_sg.c | 83 +++++------ pkt_buff.h | 2 +- proto_nlmsg.c | 120 +--------------- sock.c | 10 ++ sock.h | 1 + 18 files changed, 688 insertions(+), 289 deletions(-) create mode 100644 dissector_sll.c create mode 100644 dissector_sll.h -- 2.4.2 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.