> Denis> There are network protocols that have an assigned port
> Denis> number, and there are other that don't or are commonly used
> Denis> on non-assigned ports, such as HTTP on port 8080. Looking at
> Denis> function tcp_print() in file print-tcp.c, it is clear how the
> Denis> former are handled, but is there any assumed way to handle
> Denis> the latter? I am considering adding a ZeroMQ decoder to
> Denis> tcpdump, to be particular.
>
> Currently the -T option is the only resort at the IP layer and UDP layer.
> It could apply to TCP too, perhaps.
It looks like -T applies. I've got a working code and am producing a sample
capture. The ZeroMQ decoding function is called from both tcp_print() and
udp_print(), should I put it into an existing file or a new file? Which of
license boilerplates then?
--
Denis Ovsienko
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
