Re: Fwd: Proposed update to DLT_BLUETOOTH_LE_LL_WITH_PHDR

[Sultan Khan via tcpdump-workers <tcpdump-workers () lists tcpdump org>]

> --- Begin Message ---
>
>
> From: Sultan Khan <sultanqasim () gmail com>
>
> Date: Thu, 9 Jul 2020 18:15:21 -0400
>
> After rereading it, I made one more slight change to the wording, dropping
> the word "received" from "Packets received using the LE Coded PHY are
> represented..." since this DLT can also be used to represent transmitted
> packets.
>
> Here's a browser renderable link to the latest version:
> https://gistcdn.githack.com/sultanqasim/8b6561309f5934f084a0d938ae733b7a/raw/c9172a730117c824a1b80add472052220810e538/LINKTYPE_BLUETOOTH_LE_LL_WITH_PHDR.html
>
> Any comments from anyone else?
>
> Thanks,
> Sultan
>
> On Thu, Jul 9, 2020 at 5:55 PM Sultan Khan via tcpdump-workers <
> tcpdump-workers () lists tcpdump org> wrote:
>
> > ---------- Forwarded message ----------
> > From: Sultan Khan <sultanqasim () gmail com>
> > To: tcpdump-workers <tcpdump-workers () lists tcpdump org>
> > Cc:
> > Bcc:
> > Date: Thu, 9 Jul 2020 17:57:03 -0400
> > Subject: Fwd: [tcpdump-workers] Proposed update to
> > DLT_BLUETOOTH_LE_LL_WITH_PHDR
> > Thanks for the feedback Guy. I revised the wording based on your
> > suggestion, while also noting there is a four octet access address in the
> > LE packet before the coding indicator.
> >
> > See the updated version here since the GitHack version rendered with a
> > suitable Content-Type is slow to update:
> > https://gist.github.com/sultanqasim/8b6561309f5934f084a0d938ae733b7a
> >
> > New wording:
> > For packets using the LE Coded PHY as defined in the Bluetooth Core
> > Specification v5.2, Volume 6, Part B, Section 2.2, the LE Packet is
> > represented as the four-octet access address, followed by the Coding
> > Indicator (CI), stored in a one-octet field with the lower 2 bits
> > containing the CI value, immediately followed by the PDU and the CRC.
> > Packets received using the LE Coded PHY are represented in an uncoded form,
> > so the TERM1 and TERM2 coding terminators are not included in the LE packet
> > field.
> >
> > On Thu, Jul 9, 2020 at 5:23 PM Guy Harris via tcpdump-workers <
> > tcpdump-workers () lists tcpdump org> wrote:
> >
> > > ---------- Forwarded message ----------
> > > From: Guy Harris <gharris () sonic net>
> > > To: Sultan Khan <sultanqasim () gmail com>
> > > Cc: tcpdump-workers <tcpdump-workers () lists tcpdump org>, Joakim
> > Andersson
> > > <joakim.andersson () nordicsemi no>, Mike Ryan <mikeryan () lacklustre net>,
> > > virtualabs () gmail com
> > > Bcc:
> > > Date: Thu, 9 Jul 2020 14:22:49 -0700
> > > Subject: Re: Proposed update to DLT_BLUETOOTH_LE_LL_WITH_PHDR
> > > On Jul 9, 2020, at 1:46 PM, Sultan Khan <sultanqasim () gmail com> wrote:
> > >
> > > > Through discussions with Joakim Anderson (of Nordic) and Mike Ryan
> > > (Ubertooth developer), and going through several iterations of proposed
> > > protocol updates, I/we came up with this:
> > https://gistcdn.githack.com/sultanqasim/8b6561309f5934f084a0d938ae733b7a/raw/LINKTYPE_BLUETOOTH_LE_LL_WITH_PHDR.html
> > > In the last paragraph, it says:
> > >
> > >         For packets using the LE Coded PHY as defined in the Bluetooth
> > > Core Specification v5.2, Volume 6, Part B, Section 2.2, the Coding
> > > Indicator (CI) is represented by the two least significant bits of a
> > > dedicated coding indicator byte between the Access Address and PDU.
> > Packets
> > > received using the LE Coded PHY are represented in an uncoded form, so
> > the
> > > TERM1 and TERM2 coding terminators are not included in the LE packet
> > field.
> > > Perhaps that's a bit clearer if stated as
> > >
> > >         For packets using the LE Coded PHY as defined in the Bluetooth
> > > Core Specification v5.2, Volume 6, Part B, Section 2.2, the LE Packet is
> > > represented as the Coding Indicator (CI), stored in a one-octet field
> > with
> > > the lower 2 bits containing the CI value, immediately followed by the PDU
> > > and the CRC.  Packets received using the LE Coded PHY are represented in
> > an
> > > uncoded form, so the TERM1 and TERM2 coding terminators are not included
> > in
> > > the LE packet field.
> > >
> > >
> > > ---------- Forwarded message ----------
> > > From: Guy Harris via tcpdump-workers <tcpdump-workers () lists tcpdump org>
> > > To: Sultan Khan <sultanqasim () gmail com>
> > > Cc: virtualabs () gmail com, Joakim Andersson <
> > joakim.andersson () nordicsemi no>,
> > > tcpdump-workers <tcpdump-workers () lists tcpdump org>
> > > Bcc:
> > > Date: Thu, 9 Jul 2020 14:22:49 -0700
> > > Subject: Re: [tcpdump-workers] Proposed update to
> > > DLT_BLUETOOTH_LE_LL_WITH_PHDR
> > > _______________________________________________
> > > tcpdump-workers mailing list
> > > tcpdump-workers () lists tcpdump org
> > > https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
> >
> >
> >
> > ---------- Forwarded message ----------
> > From: Sultan Khan via tcpdump-workers <tcpdump-workers () lists tcpdump org>
> > To: tcpdump-workers <tcpdump-workers () lists tcpdump org>
> > Cc:
> > Bcc:
> > Date: Thu, 9 Jul 2020 17:57:03 -0400
> > Subject: [tcpdump-workers] Fwd: Proposed update to
> > DLT_BLUETOOTH_LE_LL_WITH_PHDR
> > _______________________________________________
> > tcpdump-workers mailing list
> > tcpdump-workers () lists tcpdump org
> > https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
>
> --- End Message ---
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers