Re: DLT Request

[Guy Harris <guy () alum mit edu>]

On Jul 31, 2007, at 7:43 PM, Phil Mulholland wrote:

> I'd like to request a new DLT value for our internal header format.
>
> We have a patched version of libpcap that can capture packets from  
> our custom board. The
> board can optionally attach it's own header to the packets, before  
> the Ethernet header. We
> call it an RAIF1 header so something like DLT_RAIF1 would be good.
>
> I can make more information available, but currently it's only  
> really useful to our
> customers that have a board.

I note that tcpdump, Snort, Wireshark, and ntop are mentioned on your  
company's website; will patches for any of those be distributed to  
handle DLT_RAIF1?

In addition, we might want to know what information is provided in the  
header, to guide future work on the pcap-NG file format and on  
tcpdump, Wireshark, etc..
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.