Re: New link-type for Z-Wave serial interface

[Guy Harris <gharris () sonic net>]

On Jul 21, 2019, at 2:19 PM, Mikhail Gusarov <dottedmag () dottedmag net> wrote:

> On 21 Jul 2019, at 23:07, Guy Harris wrote:
>
> > So a "garbage frame" would be any frame that begins with a value other than 0x06, 0x15, 0x18, or 0x01?
>
> > Is there any reason for whatever capture mechanism produces these packets not to discard garbage frames
> > rather than handing them to the libpcap caller (if this is implemented as a libpcap module) or writing
> > them to a file (if this is implemented as a program that writes pcap or pcapng files)?
>
> Not really. These bytes are useless without the framing, and there are at most 257 of them (frame length
> is a single byte).

So should we just say something such as

        LINKTYPE_Z_WAVE_SERIAL  XXX     DLT_Z_WAVE_SERIAL       Serial frames transmitted between a host and a Z-Wave 
chip over an RS-232 or USB serial connection, as described in section 5 of the Z-Wave Serial API Host Application 
Programming Guide.  Frames that aren't ACK, NAK, CAN, or Data frames should be treated as invalid.

with "the Z-Wave Serial API Host Application Programming Guide" linking to the document you mentioned?

That way, the "Frames that aren't..." part indicates that, if code that produces those frames doesn't discard them, but 
provides them to programs capturing the frames or reading from a file logging the frames, the code getting the frames 
should either ignore them or report them as invalid.
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers