tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: verbose decoding without assigned port number

From: Denis Ovsienko <infrastation () yandex ru>
Date: Fri, 08 Feb 2013 20:58:51 +0400
    Denis> There are network protocols that have an assigned port
    Denis> number, and there are other that don't or are commonly used
    Denis> on non-assigned ports, such as HTTP on port 8080. Looking at
    Denis> function tcp_print() in file print-tcp.c, it is clear how the
    Denis> former are handled, but is there any assumed way to handle
    Denis> the latter? I am considering adding a ZeroMQ decoder to
    Denis> tcpdump, to be particular.

Currently the -T option is the only resort at the IP layer and UDP layer.
It could apply to TCP too, perhaps.


It looks like -T applies. I've got a working code and am producing a sample capture. The ZeroMQ decoding function is 
called from both tcp_print() and udp_print(), should I put it into an existing file or a new file? Which of license 
boilerplates then?

-- 
    Denis Ovsienko
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Previous By Date Next
Previous By Thread Next

Current thread: