tcpdump mailing list archives

Re: Re: -e vs. -x, revisited


From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Wed, 18 Dec 2002 17:53:49 -0500



"Guy" == Guy Harris <guy () netapp com> writes:
    >> hmm....here's a packet, would you please dissect it into a "human
    >> readable format" and place that representation in this buffer?
    >> 
    >> tcpdump would call the dissectors and then just print the results.
    >> goofy idea?

    Guy> that could go into a "libtcpdump" - and Michael Richardson has been
    Guy> working on such a library.

  Yes... did it a year ago... I want to do this again after 3.8/0.8 and
call this 4.0 of tcpdump. We can then argue all we want about changing the
UI, since we can add a new front end, leaving scripts to call "tcpdump"
with the old UI and defaults.

  This code is presently linkable into the FreeS/WAN, User-Mode-Linux
testing harness, so that you see what is going on from the point of view
of the network "hub" (a virtual thing). 
  From 
http://www.freeswan.ca/cgi-bin/viewcvs.cgi/freeswan/testing/utils/uml_netjig/Makefile?rev=1.21&cvsroot=FreeS%2FWAN&content-type=text/vnd.viewcvs-markup

# To use the netdissect option, you have to have a very recent (pre-alpha) copy
# of tcpdump source code from www.tcpdump.org. For now, leave it unset.
# 
# If you want to play with it, you'll need libnetdissect.a. You can get this
# by checking code out of www.tcpdump.org:
#
# cvs -d :pserver:tcpdump@cvs.tcpdump.org:/tcpdump/master checkout -rmcr_dissect -dnetdissect_tcpdump
#
#NETDISSECTH=-DNETDISSECT -I/home/mcr/src/tcpdump
#NETDISSECTLIB=-L/home/mcr/src/linux/i386/tcpdump -lnetdissect

  I do not think it is worth trying to preserve this branch, rather to
do it again in 4.0.

  Among the things to do is to change the output to either:
  1) always use a pointer to an fprintf-like function.
-or-
  2) always use fprintf(variable, ...);

 (And assume that your stdio is new enough to let you fopen() a string,
a la funopen(3) on BSD)

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr () sandelman ottawa on ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [



-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
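
Option 1 from the message above (dissectors print only through a pointer to an fprintf-like function), combined with the quoted request to place the result in a caller's buffer, as an added example that is not tcpdump or libnetdissect code. The names `dissect_ctx`, `buf_printf`, `dissect_ipv4` and `dissect_to_buffer` are hypothetical, and the sample packet is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical context: dissectors only ever call the printf-like hook. */
struct dissect_ctx {
    int (*printf_fn)(struct dissect_ctx *, const char *fmt, ...);
    char *buf; size_t cap, len;   /* caller's buffer, capacity, bytes used */
    int truncated;                /* set when output did not fit */
};

/* Sink: append to c->buf, never write past c->cap (invariant: len < cap). */
static int buf_printf(struct dissect_ctx *c, const char *fmt, ...)
{
    size_t room = c->cap - c->len;
    va_list ap;
    int n;
    va_start(ap, fmt);
    n = vsnprintf(c->buf + c->len, room, fmt, ap);
    va_end(ap);
    if (n < 0) return -1;
    if ((size_t)n >= room) {      /* cut short: NUL kept, flag raised */
        c->len = c->cap - 1; c->truncated = 1;
        return -1;
    }
    c->len += (size_t)n;
    return n;
}

/* Minimal IPv4 header dissector; checks captured length before reading. */
static int dissect_ipv4(struct dissect_ctx *c, const unsigned char *p, size_t caplen)
{
    if (caplen < 20 || (p[0] >> 4) != 4 || (p[0] & 0x0f) < 5)
        return c->printf_fn(c, "[|ip]");
    return c->printf_fn(c, "IP %d.%d.%d.%d > %d.%d.%d.%d: proto %d, ttl %d, length %d",
        p[12], p[13], p[14], p[15], p[16], p[17], p[18], p[19], p[9], p[8], (p[2] << 8) | p[3]);
}

/* Dissect into buf; returns 0 if the text fit, -1 if it was truncated. */
static int dissect_to_buffer(const unsigned char *pkt, size_t caplen, char *buf, size_t cap)
{
    struct dissect_ctx c = { buf_printf, buf, cap, 0, 0 };
    if (cap > 0) dissect_ipv4(&c, pkt, caplen);
    return (cap == 0 || c.truncated) ? -1 : 0;
}

/* Constructed sample: IPv4 header, 192.0.2.1 > 198.51.100.7, TCP. */
static const unsigned char sample_pkt[20] = { 0x45, 0, 0, 0x28, 0x12, 0x34, 0x40, 0,
    0x40, 0x06, 0, 0, 192, 0, 2, 1, 198, 51, 100, 7 };

int main(void)
{
    char out[128];
    return dissect_to_buffer(sample_pkt, sizeof sample_pkt, out, sizeof out) || puts(out) < 0;
}
```

Swapping `buf_printf` for a hook that forwards to `vfprintf(stdout, ...)` gives the command-line front end the same dissector without touching it.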

