--- Begin Message ---
Hi libpcap team,
Have you advanced on the subject? The project is published on the Airbus CERT
github if you want to take a look : https://github.com/airbus-cert/Winshark
Have a nice day,
Sylvain
--
--
Don't hesitate to contact us if you have questions or need assistanc
--- Begin Message ---
On Jun 2, 2020, at 12:58 AM, Airbus CERT via tcpdump-workers
wrote:
> The layout is
> https://docs.microsoft.com/en-us/windows/win32/api/evntcons/ns-evntcons-event_header
So each packet's data starts with, in order:
a 2-octet event record size;
a 2-octet
--- Begin Message ---
François checked in a change to tcpdump so that, if it's handed a capture file
with a link-layer header type for which it has no dissector, it just dumps the
packet data in hex, rather than failing with an indication that the header type
isn't supported.
However, pcap_comp
