-----Original Message-----
From: m...@sandelman.ca [mailto:m...@sandelman.ca]
Sent: den 23 maj 2013 20:03
To: Anders Broman
Cc: tcpdump-workers@lists.tcpdump.org
Subject: Re: [tcpdump-workers] Request for new DLT
>>>>> "Anders" == Anders Broman <anders.bro...@ericsson.com> writes:
Pascal> Anders can describe it better than me, but the format
Pascal> intends to be versatile.It allows you to export any higher
Pascal> level PDUs in a pcap file while maintaining some basic
Pascal> information about the lower layers
>So, how are the higher level PDUs going to be described?
>that is, will you have a recursive DLT value, or what exactly?
Pascal> (like the transport one). The current code sample in
Pascal> Wireshark is for SIP protocol, but could be extended to any
Pascal> protocol if there is a need. With a DLT allocated, it would
Pascal> allow the feature to work out of
>I'd rather have it be rather specific and well defined, then loose and
>nebulous. DLTs already require too much specialized knowledge to decode as it
>is.
I'm not sure I get the objection, do you feel that these protocol type tag
isn't clear enough?
#define EXP_PDU_TAG_LINKTYPE 11 /**< The value part is the linktype
value defined by tcpdump
*
http://www.tcpdump.org/linktypes.html
*/
#define EXP_PDU_TAG_PROTO_NAME 12 /**< The value part should be an ASCII
non NULL terminated string
* of the short protocol name used by
Wireshark e.g "sip"
* Will be used to call the next
dissector.
*/
/* Add protocol type related tags here NOTE Only one protocol type tag may be
present in a packet, the first one found will be used*/
The meta data tags are optional.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
