On Jun 24, 2004, at 11:29 AM, Jefferson Ogata wrote:
It would seem to me that the best approach would be to have a format
configuration file when an entry for each dissected protocol. Local
installations could tweak it however they like.
That would be great -- but the default should be the old fo
Eddie Kohler wrote:
It would seem to me that the best approach here would be to design a new
format that applied *only in those cases where it was required*:
gre/l2tp/mpls tunneling. And of course it doesn't matter how new
protocols are printed, there are no backwards compatibility issues.
It w
Hannes,
does this break existing scripts ?
most certainly: however we have not yet found out how to
progress the software in terms of new protcols and multilayer
encapsualation support (gre/l2tp/mpls) and still stay 100%
downwards compatible;
You don't need to stay 100% compatible. However, some o
Michael Richardson wrote:
"Pekka" == Pekka Savola <[EMAIL PROTECTED]> writes:
Pekka> Have you checked the code in the CVS? It already includes a
Pekka> "droproot" option.
Pekka> Yours is slightly different, though, as it uses
Pekka> (Linux-specific?) capabilities. I'm not sure if
Title: Message
I have
an update to the problem. i no longer think that it is a irix issue as i
have compiled this code on a redhat 9.0 box as well as a mandrake box. the
problem still exists
Please
any help is appreciated
thank
you
jason
-Original Message-From:
[EMAIL
eddie,
i did most of the vflag changes in the last 18 months
along with my work on the rsvp,bgp,isis,ospf,lmp,rip,pim,eigrp
dissectors;
the rationale behind this is that you get brief one-line
information that is good enough for troubleshooting
and for a detailed information (vv) we switch
to mul
-BEGIN PGP SIGNED MESSAGE-
> "Pekka" == Pekka Savola <[EMAIL PROTECTED]> writes:
Pekka> Have you checked the code in the CVS? It already includes a
Pekka> "droproot" option.
Pekka> Yours is slightly different, though, as it uses
Pekka> (Linux-specific?) capabilities.
Pekka Savola wrote:
On Wed, 23 Jun 2004, Matt Beaumont wrote:
I've written a little patch to drop all but the CAP_NET_ADMIN and
CAP_NET_RAW capabilities immediately if tcpdump is running with root
privileges. The idea is to limit the damage done by an exploit
against tcpdump.
Some of the inspirati
