tcpdump mailing list archives
Re: Re: -e vs. -x, revisited
From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Wed, 18 Dec 2002 17:53:49 -0500
-----BEGIN PGP SIGNED MESSAGE-----
"Guy" == Guy Harris <guy () netapp com> writes:
>> hmm....here's a packet, would you please dissect it into a "human >> readable format" and place that representation in this buffer? >> >> tcpdump would call the dissectors and then just print the results. >> goofy idea? Guy> that could go into a "libtcpdump" - and Michael Richardson has been Guy> working on such a library. - This is the TCPDUMP workers list. It Yes... did it a year ago... I want to do this again after 3.8/0.8 and call this 4.0 of tcpdump. We can then argue all we want about changing the a UI, since we can a new front end, leaving scripts to call "tcpdump" with the old UI and defaults. This code is presently linkable into the FreeS/WAN, User-Mode-Linux testing harness, so that you see what is going on from the point of view of the network "hub" (a virtual thing). From http://www.freeswan.ca/cgi-bin/viewcvs.cgi/freeswan/testing/utils/uml_netjig/Makefile?rev=1.21&cvsroot=FreeS%2FWAN&content-type=text/vnd.viewcvs-markup # To use the netdissect option, you have to have a very recent (pre-alpha) copy # of tcpdump source code from www.tcpdump.org. For now, leave it unset. # # If you want to play with it, you'll need libnetdissect.a. You can get this # by checking code out of www.tcpdump.org: # # cvs -d :pserver:tcpdump () cvs tcpdump org:/tcpdump/master checkout -rmcr_dissect -dnetdissect_tcpdump # #NETDISSECTH=-DNETDISSECT -I/home/mcr/src/tcpdump #NETDISSECTLIB=-L/home/mcr/src/linux/i386/tcpdump -lnetdissect I do not think it is worth trying to preserve this branch, rather to do it again in 4.0. Among things is to change the output to either: 1) always use a pointer to fprintf-like function. - -or- 2) always use fprintf(variable, ...); (And assume that your stdio is new enough to let you fopen() a string, a la funopen(3) on BSD) ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr () sandelman ottawa on ca http://www.sandelman.ottawa.on.ca/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Finger me for keys iQCVAwUBPgD8e4qHRg3pndX9AQEylAP/TpFIqwAccTCmGx3D8jVvOI9IcZb9TdLZ 65xQLSB/w0rrth/Xw6Js6/GeYpXK+Cv4GP6prStxz8oJRKci89zjp9aL4/m+cFJ0 IyHkV/HnPOeU3ez47Nt9HfZX1+f672bC3jlwd0dJ/O2Qg6tfzVyIObj2ewHfRfo/ /DU5xgDIEeQ= =YxGH -----END PGP SIGNATURE----- - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- Re: New APIs to support multiple DLT_'s on an interface, (continued)
- Re: New APIs to support multiple DLT_'s on an interface Guy Harris (Dec 16)
- -e vs. -x, revisited Guy Harris (Dec 17)
- Re: -e vs. -x, revisited Andrew Brown (Dec 17)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 17)
- Re: Re: -e vs. -x, revisited Andrew Brown (Dec 17)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 18)
- Re: Re: -e vs. -x, revisited Andrew Brown (Dec 18)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 18)
- Re: Re: -e vs. -x, revisited Andrew Brown (Dec 18)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 18)
- Re: Re: -e vs. -x, revisited Michael Richardson (Dec 18)
- Re: Re: -e vs. -x, revisited Guy Harris (Dec 19)
- Re: -e vs. -x, revisited Guy Harris (Dec 18)
- Re: -e vs. -x, revisited Andrew Brown (Dec 18)
- Re: -e vs. -x, revisited Guy Harris (Dec 19)