tcpdump mailing list archives
Re: Request for a new DLT
From: "Fulko Hew" <fulko.hew () gmail com>
Date: Tue, 17 Jul 2007 13:18:23 -0400
On 7/17/07, Guy Harris <guy () alum mit edu> wrote:
Fulko Hew wrote: > I am formally requesting a new DLT value to support capture traffic > from my companies So that'd be SITA: http://www.sita.aero/default.htm
Correct.
> LAN/WAN router/protocol converter device. > > Since this device supports WAN protocols, this new DLT will be > used to provide/indicate that the data stream contains a > number of WAN port specific pieces of information such as: > > - message direction > - hardware signal line states (RTS, CTS, DCD, etc.) > - transmit/receive error/status bits. > - a protocol type indicator (Frame Relay, LAPB, IPARS, UTS, etc.) So a given capture can have packets in it with multiple different protocol types?
A given capture will be attached to a particular WAN port, and a port can only support one protocol at a time so... a given capture will only ever have a single protocol within it, but since the header is common for all protocols, I thought it was better to ask for a single DLT instead rather than one DLT per protocol. Basically this DLT defines 'serial WAN' support but throws in some proprietary (embedded protocol implementation) handling too. For example, I thought of supporting DLT_FR for frame relay, but then I would have been required to pass 'data' only. This way I can pass the other useful info too.
> This 5 byte header/control-structure will be prefixed to each captured > data packet, but will not be considered as part of the 'data packet' > that will be decoded as part of Wireshark, etc. So will the format of that header be public, or private?
Public. I will also be releasing (minimal) Wireshark dissectors for this DLT as well as the two 'airline industry' related protocols. Unfortunately SITA isn't being contracted to create the dissectors, but I will be providing some minimal dissectors (that our customer (may) extend. (Or I might do it during my copious spare time.) - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Request for a new DLT Fulko Hew (Jul 17)
- Re: Request for a new DLT Guy Harris (Jul 17)
- Re: Request for a new DLT Fulko Hew (Jul 17)
- Re: Request for a new DLT Guy Harris (Jul 17)
- Re: Request for a new DLT Fulko Hew (Jul 17)
- Re: Request for a new DLT Guy Harris (Jul 17)
- Re: Request for a new DLT Fulko Hew (Jul 18)
- Re: Request for a new DLT Guy Harris (Jul 18)
- Re: Request for a new DLT Fulko Hew (Jul 18)
- Re: Request for a new DLT Guy Harris (Jul 18)
- Re: Request for a new DLT Fulko Hew (Jul 19)
- Re: Request for a new DLT Fulko Hew (Jul 17)
- Re: Request for a new DLT Guy Harris (Jul 17)