Re: gencode.c

[Guy Harris <guy () alum mit edu>]

On Nov 4, 2010, at 11:54 AM, Xiaochun Lu wrote:

> My libpcap version is libpcap_1.2.0.

The latest release from tcpdump.org is 1.1.1.  If you build the Git trunk version, it's 1.2.0-PRE-GIT.

What does "dumpcap -v" print?

>  xcrp is a network device with
> special link layer header.  I guess the problem  is libpcap can't
> figure out what it is.

No, it can figure it out, but it probably doesn't realize that the link-layer header doesn't support a link-layer type 
field of the type it understands - which means that it won't support a TCP-based or UDP-based filter such as "port 
123", as it won't even be able to figure out whether a packet is an IP packet.

Is xcrp a regular network device, or is it a device with special support in libpcap?  If it's a regular network device, 
what's its ARPHRD_ value?
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe