tcpdump mailing list archives
Re: Link-Layer Header Type request for Linux Kernel Messages
From: <Michal.Labedzki () tieto com>
Date: Wed, 15 May 2013 14:06:53 +0300
Hi, I guess area what I am working blur the boundaries of existing tools. So what about feature? (maybe it is time to little extend tool boundary) Linux Kernel Messages and Android Logs are similar to "syslog", ok, but think about wide perspective. The question are: 1. What can be supported by libpcap, but what cannot be. (~ we need one tool or two/infinite number of tools) 2. kmsg/syslog seems to be helper for other payloads analyse, so why it cannot be keep together? (for example: kernel close data socket, we know that from kernel logs and see that in protocol payloads) 3. Should I think about new tool? (On the other hand - my ideas should not completely break your tool or primary intention and should not disturb anyone) 4. kmsg seems to be regular interface, we can treat log as packet (or packet as log!), compute received, dropped, etc. PS. If all logs are in pcap (kernel, application logs [syslog/logcat], networks payloads (Internet, Bluetooth, NFC, DBus, etc...) ), than user can simply send it to developer, and we do not need syslog anymore. Pozdrawiam / Best regards ------------------------------------------------------------------------------------------------------------- Michał Łabędzki, Software Engineer Tieto Corporation Product Engineering Services http://www.tieto.com / http://www.tieto.pl --- ASCII: Michal Labedzki e-mail: michal.labedzki () tieto com location: Swobodna 1 Street, 50-088 Wrocław, Poland room: 5.01 (desk next to 5.08) --- Please note: The information contained in this message may be legally privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorised use, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank You. --- Please consider the environment before printing this e-mail. --- Tieto Poland spółka z ograniczoną odpowiedzialnością z siedzibą w Szczecinie, ul. Malczewskiego 26. Zarejestrowana w Sądzie Rejonowym Szczecin-Centrum w Szczecinie, XIII Wydział Gospodarczy Krajowego Rejestru Sądowego pod numerem 0000124858. NIP: 8542085557. REGON: 812023656. Kapitał zakładowy: 4 271500 PLN ________________________________________ From: mcr () sandelman ca [mcr () sandelman ca] Sent: 14 May 2013 16:39 To: Labedzki Michal Cc: tcpdump-workers () lists tcpdump org Subject: Re: [tcpdump-workers] Link-Layer Header Type request for Linux Kernel Messages
"Michal" == Michal Labedzki <Michal.Labedzki () tieto com> writes:
Michal> Are there any comments on that? (since month) I agree... I don't understand why putting these things into a pcap layer helps anyone. Have you looked at: http://datatracker.ietf.org/wg/syslog/charter/ and http://datatracker.ietf.org/doc/rfc5848/ might provide a more standard, more portable container? -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] mcr () sandelman ca http://www.sandelman.ca/ | ruby on rails [ _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Link-Layer Header Type request for Linux Kernel Messages Michal.Labedzki (Apr 17)
- Re: Link-Layer Header Type request for Linux Kernel Messages Michal.Labedzki (May 14)
- Re: Link-Layer Header Type request for Linux Kernel Messages Michael Richardson (May 14)
- Re: Link-Layer Header Type request for Linux Kernel Messages Michal.Labedzki (May 15)
- Re: Link-Layer Header Type request for Linux Kernel Messages Michal.Labedzki (May 15)
- Re: Link-Layer Header Type request for Linux Kernel Messages Michal Labedzki (Jun 27)
- Re: Link-Layer Header Type request for Linux Kernel Messages Michael Richardson (May 14)
- Re: Link-Layer Header Type request for Linux Kernel Messages Michal.Labedzki (May 14)