Re: [tcpdump-workers] Link-Layer Header Type request for Linux Kernel Messages

2013-05-14 Thread Michal.Labedzki
Hi, 

Are there any comments on that? (It has been a month.)


Pozdrawiam / Best regards
-
Michał Łabędzki, Software Engineer
Tieto Corporation
Product Engineering Services
http://www.tieto.com / http://www.tieto.pl
---
ASCII: Michal Labedzki
e-mail: michal.labed...@tieto.com
location: Swobodna 1 Street, 50-088 Wrocław, Poland
room: 5.01 (desk next to 5.08)
---
Please note: The information contained in this message may be legally 
privileged and confidential and protected from disclosure. If the reader of 
this message is not the intended recipient, you are hereby notified that any 
unauthorised use, distribution or copying of this communication is strictly 
prohibited. If you have received this communication in error, please notify us 
immediately by replying to the message and deleting it from your computer. 
Thank You.
---
Please consider the environment before printing this e-mail.
---
Tieto Poland limited liability company with its registered office in Szczecin, 
ul. Malczewskiego 26. Registered in the District Court Szczecin-Centrum in 
Szczecin, 13th Commercial Division of the National Court Register, under number 
124858. NIP: 8542085557. REGON: 812023656. Share capital: 4 271500 PLN
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers


[tcpdump-workers] Link-Layer Header Types request for Android

2013-05-14 Thread Michal.Labedzki
Hello,

I would like to request new link-layer header type values:
LINKTYPE_ANDROID_ADB
DLT_ANDROID_ADB

LINKTYPE_ANDROID_LOGGER
DLT_ANDROID_LOGGER

First is ADB. Android Debug Bridge is a protocol used to manage Android 
platforms (connect, send commands, receive data). Please also check the Android 
documentation: http://developer.android.com/tools/help/adb.html
For example, there are commands like OKAY, WRTE (write), CLSE (close), etc. 
They can be dissected, for example in Wireshark.

Second: Android Logger (known as Logcat logs) is the format of Android process 
messages (debug, for analysis of issues). Logger is something like Linux kernel 
messages and/or syslog.
You can see the implementation on the Wireshark side; it can be useful for 
understanding this request:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8279

Main purpose of Logger: adding system logs allows analysing application/protocol 
issues (example: a file is not sent over Bluetooth and there is a logcat log 
"socket not open: permission denied").
Main purpose of ADB: it is a protocol.

Technically:
1. There can be a lot of Android interfaces: see "adb devices" (one interface 
per device [formally two: one for ADB, second for LOGCAT])
2. Logger can be put over ADB.
3. ADB can be put over TCP (adb connect localhost) or USB (default).


I think you can replace LOGGER with LOGCAT if you think that "logcat" is 
clearer.

Pozdrawiam / Best regards
-
Michał Łabędzki, Software Engineer
Tieto Corporation
Product Engineering Services
http://www.tieto.com / http://www.tieto.pl


Re: [tcpdump-workers] Link-Layer Header Type request for Linux Kernel Messages

2013-05-14 Thread Michael Richardson

> "Michal" == Michal Labedzki  writes:
Michal> Are there any comments on that? (It has been a month.)

I agree... I don't understand why putting these things into a pcap layer
helps anyone.

Have you looked at:
 http://datatracker.ietf.org/wg/syslog/charter/

and 
http://datatracker.ietf.org/doc/rfc5848/

might provide a more standard, more portable container?

-- 
]   Never tell me the odds! | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works| network architect  [ 
] m...@sandelman.ca  http://www.sandelman.ca/|   ruby on rails[ 



[tcpdump-workers] Use of critical section on Win32

2013-05-14 Thread Gisle Vanem

I really don't understand the motivation behind the Win32-code
for pcap_compile(). In gencode.c:

int
pcap_compile(pcap_t *p, struct bpf_program *program,
             const char *buf, int optimize, bpf_u_int32 mask)
{
    int result;

    EnterCriticalSection(&g_PcapCompileCriticalSection);

    result = pcap_compile_unsafe(p, program, buf, optimize, mask);

    LeaveCriticalSection(&g_PcapCompileCriticalSection);

    return result;
}

--

Why don't other libpcap functions need this critical-section protection
too? 


And how about the case when DllMain() hasn't been called (because libpcap
is used as a static lib) and someone calls e.g. pcap_compile(). Then this 
'g_PcapCompileCriticalSection' struct is left un-initialised and the program 
will crash.


Can we maybe sprinkle calls to 'wsockinit()' where needed and let 'wsockinit()'
do its task only once? I could make the needed patches if we agree on this.

--gv


Re: [tcpdump-workers] Use of critical section on Win32

2013-05-14 Thread Guy Harris

On May 14, 2013, at 8:21 AM, Gisle Vanem  wrote:

> I really don't understand the motivation behind the Win32-code
> for pcap_compile().

I assume the motivation is that pcap_compile() is not thread-safe.

It's no more thread-safe on UN*X, so if the goal is to allow programs to use it 
without having to lock out other threads using it, we should perhaps use a 
pthread mutex if they're available...

...except if you're using Grand Central Dispatch rather than pthreads, in which 
case we should do what's appropriate for GCD.

Then again, sufficiently recent versions of Flex can generate thread-safe 
lexical analyzers; if we can also generate a thread-safe parser (e.g., with 
Bison or some more modern flavor of YACC), we could probably incorporate the 
remaining global variables into a structure and make it thread-safe *if* the 
right tools are used to generate the parser and lexer.

> Why don't other libpcap functions need this critical-section protection
> too?

Because they're thread-safe.
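
The two points raised in this thread, a lock that must exist even when no DllMain() ever ran and a pthread mutex on UN*X, are combined below in an added example that is not libpcap code and was not posted by anyone in the thread. compile_unsafe(), compile_locked() and run_workers() are hypothetical names; compile_unsafe() stands in for a routine with global parser state.

```c
#include <pthread.h>
#include <sched.h>

/* Hypothetical stand-in for a non-thread-safe routine: like a generated
 * lexer/parser, it keeps its working state in globals. */
static int g_in_parser;   /* 1 while a call is inside the "parser" */
static int g_overlaps;    /* times a call found another already inside */

static int compile_unsafe(const char *expr)
{
    int len = 0;
    if (g_in_parser) g_overlaps++;
    g_in_parser = 1;
    while (expr[len] != '\0')
        if (++len % 4 == 0) sched_yield();  /* widen the overlap window */
    g_in_parser = 0;
    return len;
}

/* A CRITICAL_SECTION has no static initializer, so the lock is created at
 * run time on first use; pthread_once() plays that role here. */
static pthread_once_t g_lock_once = PTHREAD_ONCE_INIT;
static pthread_mutex_t g_compile_lock;
static void init_compile_lock(void) { pthread_mutex_init(&g_compile_lock, NULL); }

int compile_locked(const char *expr)
{
    pthread_once(&g_lock_once, init_compile_lock);   /* no DllMain() needed */
    pthread_mutex_lock(&g_compile_lock);
    int result = compile_unsafe(expr);
    pthread_mutex_unlock(&g_compile_lock);
    return result;
}

static void *worker(void *arg)
{
    for (int i = 0; i < 2000; i++) compile_locked(arg);
    return NULL;
}

int run_workers(int nthreads)   /* returns overlaps seen by concurrent callers */
{
    pthread_t t[16];
    int n = nthreads > 16 ? 16 : nthreads, created = 0;
    g_overlaps = 0;
    while (created < n &&
           pthread_create(&t[created], NULL, worker, (void *)"tcp port 80") == 0)
        created++;
    for (int i = 0; i < created; i++) pthread_join(t[i], NULL);
    return g_overlaps;
}
```

Because the lock is created by the first caller, the wrapper behaves the same whether the code is loaded as a shared library or linked statically.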
