tcpdump mailing list archives
Re: [PATCH libpcap] linktype: add netlink link/dlt type
From: Guy Harris <guy () alum mit edu>
Date: Fri, 19 Jul 2013 11:23:54 -0700
On Jul 3, 2013, at 3:49 AM, Daniel Borkmann <dborkman () redhat com> wrote:
For pcap interoperability, introduce a common link type for netlink captures.
What do the link-layer headers for this look like?
Netlink debugging workflow looks like the following: Setup: modprobe nlmon ip link add type nlmon ip link set nlmon0 up Capture: tcpdump -i nlmon0 ...
Presumably making that work also involves changes to libpcap to support capturing on nlmon devices (so that DLT_NETLINK is returned for them) and, if you're not using the -w flag to tcpdump, changes to tcpdump to analyze DLT_NETLINK packets. _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- [PATCH libpcap] linktype: add netlink link/dlt type Daniel Borkmann (Jul 03)
- Re: [PATCH libpcap] linktype: add netlink link/dlt type Guy Harris (Jul 19)
- Re: [PATCH libpcap] linktype: add netlink link/dlt type Daniel Borkmann (Jul 20)
- Re: [PATCH libpcap] linktype: add netlink link/dlt type Guy Harris (Jul 20)
- Re: [PATCH libpcap] linktype: add netlink link/dlt type Daniel Borkmann (Jul 20)
- Re: [PATCH libpcap] linktype: add netlink link/dlt type Guy Harris (Jul 19)