Wireshark mailing list archives

Re: gencode.c

From: Xiaochun Lu <xiaoclu () gmail com>
Date: Thu, 4 Nov 2010 12:40:09 -0700

Hi, Guy:
yes, my git version is 1.2.0-PRE-GIT.
xcrp is a regular network device. The problem is that it  is not
supported by libpcap yet. I add DLT value for xcrp by myself. I also
add some code to wire shark
to decode xcrp packets.  I did it a few months ago and forget what is
gencode.c at all.

Right now,  I can  capture packets without capture filter. Then  I can
apply read filter when read it out from pcap file. seems to me that I
need add
some special code for DLT_XCRP  in gen_linktype(protol).


Thanks!
shawn

On Thu, Nov 4, 2010 at 12:04 PM, Guy Harris <guy () alum mit edu> wrote:


On Nov 4, 2010, at 11:54 AM, Xiaochun Lu wrote:

My libpcap version is libpcap_1.2.0.


The latest release from tcpdump.org is 1.1.1.  If you build the Git trunk version, it's 1.2.0-PRE-GIT.

What does "dumpcap -v" print?

 xcrp is a network device with
special link layer header.  I guess the problem  is libpcap can't
figure out what it is.


No, it can figure it out, but it probably doesn't realize that the link-layer header doesn't support a link-layer 
type field of the type it understands - which means that it won't support a TCP-based or UDP-based filter such as 
"port 123", as it won't even be able to figure out whether a packet is an IP packet.

Is xcrp a regular network device, or is it a device with special support in libpcap?  If it's a regular network 
device, what's its ARPHRD_ value?
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

gencode.c Xiaochun Lu (Nov 04)
- Re: gencode.c Guy Harris (Nov 04)
  - Re: gencode.c Xiaochun Lu (Nov 04)
    - Re: gencode.c Guy Harris (Nov 04)
    - Re: gencode.c Xiaochun Lu (Nov 04)
    - Re: gencode.c Guy Harris (Nov 04)
    - Re: gencode.c Xiaochun Lu (Nov 05)