[tcpdump-workers] DLTs for Z-Wave

[Joshua Wright]

I request two DLTs for Z-Wave packet captures based on the ITU-T
Recommendation G.9959 (http://www.itu.int/rec/T-REC-G.9959).

My packet capture tool has support for three Z-Wave RF profiles
(sometimes called "channel configurations"):

R1 - 9.6 Kbps (908.42 North America, 868.42 Europe)
R2 - 40 Kbps (908.4, 868.4)
R3 - 100 Kbps (916, 869.85)

The MAC format for R1 and R2 Z-Wave networks is identical, but the R3
MAC is different with additional fields and different bit mask
definitions.  Unfortunately, there is no version or other indicator in
the MAC frame to indicate if the packet is R1, R2, or R3. A decoding
tool (e.g. Wireshark) needs an indicator as to the RF profile in use
to properly decode the packet capture.

I believe this MAC behavior warrants two DLT's for Z-Wave: one DLT for
R1/R2 packets, and a second DLT for R3 packets.

Are there any questions I can answer to justify this request?

Thank you,

-Josh
--
Joshua Wright
jwri...@hasborg.com
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Re: [tcpdump-workers] tcpdump and libpcap releases, and future thoughts

[Denis Ovsienko]

>I would like to move all of the source for libnetdissect into a subdir, 
>and make it easier to build just that part, and finally introduce my 
>idea for a second main()/getopt() containing top-level program for tcpdump, 
>one which is not called tcpdump, but rather "pktdump". 

I don't fully understand the primary pro et contra of this change, but a 
positive side effect of this would be that the new subdir would make it easier 
to apply uniform updates specifically to printers' source code. Right now it is 
easy to miss a few .c/.h files when trying to do a uniform update.

-- 
Denis Ovsienko

___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers