To be totally honest, I think the whole way in which vlans are managed in the
filters is quite nonsense. The underlying problem is that normally a BPF filter
is an "or" or "and" combination of disjoint filters, so if I write "filterA" or
"filterB" I assume that the two filters are disjoints, so
hello folks :
As you guys have been aware, I am hacking libpcap for a while. Me and
Bill noticed something seriously broken for any filter expression that
has a "not vlan" in it. For example, take a look at the filter code
generated by libpcap with an expression like "not vlan and tcp port
80" :
> Currently the -T option is the only resort at the IP layer and UDP layer.
> It could apply to TCP too, perhaps.
Thanks, that seems to be OK to start with.
>
> It would be nice to have a way for each ULP decoders to register their
> name so that it's not so switch() stmt based, and then to have
> "Denis" == Denis Ovsienko writes:
Denis> There are network protocols that have an assigned port
Denis> number, and there are other that don't or are commonly used
Denis> on non-assigned ports, such as HTTP on port 8080. Looking at
Denis> function tcp_print() in file print-tc
Hello, list.
There are network protocols that have an assigned port number, and there are
other that don't or are commonly used on non-assigned ports, such as HTTP on
port 8080. Looking at function tcp_print() in file print-tcp.c, it is clear how
the former are handled, but is there any assumed
