--- Begin Message ---
Hi Guy,
> BTW, having just implemented SLL2 support in Wireshark, the layout of the
> header really doesn't work as well as I'd like with ARPHRD_NETLINK packets.
> I'd prefer something like
> struct header {
> uint16_t hatype;/* link-layer address
--- Begin Message ---
On 10/05/2020 10:04, Francois-Xavier Le Bail via tcpdump-workers wrote:
> On 10/05/2020 00:37, Guy Harris via tcpdump-workers wrote:
>> Is SLL2 sufficiently established that we'd have to introduce an SLL3 type,
>> or can we just change SLL2 at this point?
> Just on the
--- Begin Message ---
On 10/05/2020 00:37, Guy Harris via tcpdump-workers wrote:
> Is SLL2 sufficiently established that we'd have to introduce an SLL3 type, or
> can we just change SLL2 at this point?
Just on the SLL2/SLL3 point:
libpcap-1.9.1 is the first libpcap release to support SLL2, but
--- Begin Message ---
BTW, having just implemented SLL2 support in Wireshark, the layout of the
header really doesn't work as well as I'd like with ARPHRD_NETLINK packets.
I'd prefer something like
struct header {
uint16_t hatype;/* link-layer address type */
--- Begin Message ---
Since there's interest in SLL2 here, I'd like to raise the visibility of my
libpcap pull request for filtering on ifindex:
https://github.com/the-tcpdump-group/libpcap/pull/829
It filters on both live "any" captures (SLL or SLL2) and reading from a
saved SLL2 pcap.
Bill
--- Begin Message ---
On May 8, 2020, at 10:47 AM, Guy Harris via tcpdump-workers
wrote:
> No, nobody appears to have contributed a change to add support to
> epan/dissectors/packet-sll.c yet.
I just did; it was a significant enough change to a bit of infrastructure used
by other dissectors
--- Begin Message ---
On 08/05/2020 22:59, Francois-Xavier Le Bail via tcpdump-workers wrote:
>> > In fact, no need to change libpcap. Can be do in tcpdump code.
>>
>> > See: https://github.com/the-tcpdump-group/tcpdump/pull/850
>>
>> definitely do this in tcpdump.
> Done.
So for tcpdump
--- Begin Message ---
On 08/05/2020 19:59, Michael Richardson wrote:
>
> Francois-Xavier Le Bail via tcpdump-workers wrote:
> >>> BTW how about DLT_LINUX_SLL2 as the default? What does it block?
>
> >> To avoid breaking program that cannot use SLL2, could we have an API
> >> like
--- Begin Message ---
On Mar 31, 2020, at 2:10 AM, Francois-Xavier Le Bail
wrote:
> To avoid breaking program that cannot use SLL2,
Note, by the way, that one program that can't dissect LINKTYPE_LINUX_SLL2
packets is named "Wireshark".
No, nobody appears to have contributed a change to add
--- Begin Message ---
On Mar 31, 2020, at 2:10 AM, Francois-Xavier Le Bail
wrote:
> On 31/03/2020 00:04, Petr Vorel wrote:
>> Hi Guy,
>>
BTW man pages (pcap.3pcap.in, pcap_datalink.3pcap.in, pcap_loop.3pcap and
pcap_next_ex.3pcap) mention only DLT_LINUX_SLL.
>>
>>> Fixed in commit
--- Begin Message ---
On 31/03/2020 11:09, Francois-Xavier Le Bail via tcpdump-workers wrote:
>> BTW how about DLT_LINUX_SLL2 as the default? What does it block?
> To avoid breaking program that cannot use SLL2, could we have an API like
> pcap_set_cooked_default_ssl2() or
--- Begin Message ---
On 31/03/2020 00:04, Petr Vorel wrote:
> Hi Guy,
>
>>> BTW man pages (pcap.3pcap.in, pcap_datalink.3pcap.in, pcap_loop.3pcap and
>>> pcap_next_ex.3pcap) mention only DLT_LINUX_SLL.
>
>> Fixed in commit ffb99eceefd31771a4aa89f0da5d02a3c53cfd03.
> Thanks a lot!
>
> BTW how
--- Begin Message ---
Hi Guy,
> > BTW man pages (pcap.3pcap.in, pcap_datalink.3pcap.in, pcap_loop.3pcap and
> > pcap_next_ex.3pcap) mention only DLT_LINUX_SLL.
> Fixed in commit ffb99eceefd31771a4aa89f0da5d02a3c53cfd03.
Thanks a lot!
BTW how about DLT_LINUX_SLL2 as the default? What does it
--- Begin Message ---
Hi Francois,
> > The "-y" flag to tcpdump allows you to specify capturing with
> > DLT_LINUX_SLL2.
> Should DLT_LINUX_SLL2 be now the default when tcpdump is built with a libpcap
> that support it ?
I'd be glad if it was so, but not sure if first wireshark needs to
--- Begin Message ---
Hi Bill,
> The "-y" flag to tcpdump allows you to specify capturing with
> DLT_LINUX_SLL2.
Thanks a lot!
Kind regards,
Petr
--- End Message ---
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
--- Begin Message ---
On 13/03/2020 12:35, Bill Fenner via tcpdump-workers wrote:
>
> The "-y" flag to tcpdump allows you to specify capturing with
> DLT_LINUX_SLL2.
Should DLT_LINUX_SLL2 be now the default when tcpdump is built with a libpcap
that support it ?
--
Francois-Xavier
--- End
>
> tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), ...
>
> What do I do wrong?
>
> Kind regards,
> Petr
>
>
>
> -- Forwarded message --
> From: Petr Vorel via tcpdump-workers
> To: Guy Harris
> Cc: tcpdump-workers@lists.
--- Begin Message ---
Hi Guy,
some time ago we did together DLT_LINUX_SLL2 support for libpcap.
I don't remember the details, but IMHO it was enabled by default.
When now I compile libpcap and tcpdump, it's still using DLT_LINUX_SLL:
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked
18 matches
Mail list logo
