tcpdump mailing list archives
Re: Verbose output of tcpdump on protocols of different
From: Hannes Gredler <hannes () juniper net>
Date: Thu, 27 Jul 2006 11:36:11 +0200
mikhail,

what you are suggesting makes sense and you are welcome to submit a patch ;-)

/hannes

Mikhail Manuylov wrote:
Hello,

I need to parse the output of tcpdump printing the contents of snmp packets and insert it into a database. At first I thought that the output could be described with some regexps, but when I looked into the sources I suddenly changed my mind and chose yacc. Now I'm writing a grammar of tcpdump's output in BNF (because PDML and wireshark are not my choice).

All I need is snmp printing, which is done with the verbose flag (-v | vflag). But I DON'T need verbose printing of low-level protocols (ip, udp). For optional printing of the Ethernet header there exists a flag (-e | eflag), but for ip and udp there is none (it depends on vflag). I don't want to write a grammar for that output. Of course I can make some local crocks (and I will), but am I the first person complaining about that behaviour?

I think there should be flags for optional verbose output on EACH level of the tcp|osi model. But because tcpdump only supports the BSD style of cli options, I think a config is a good choice there. Just think about it.
Current thread:
- Verbose output of tcpdump on protocols of different level Mikhail Manuylov (Jul 26)
- Re: Verbose output of tcpdump on protocols of different Hannes Gredler (Jul 27)