terminated */
- NFULA_UID=0xb /* user id of socket */
/** 4B in BE */
- NFULA_GID=0xe /* group id of socket */
/** 4B in BE */
...
Regards,
Jakub Zawadzki.
[1] http://www.netfilter.org/projects/libnfnetlink/
[2] http://www.netfilter.org/projects/libnetfilter_log/
-
This is the tcpdu
On Mon, Jun 20, 2011 at 11:46:50AM -0700, Guy Harris wrote:
> And is there any packet data in there? For example, is that what's in
> NFULA_PAYLOAD TLVs?-
I'm not 100% sure if I undestand your question, but I think yes,
it's what current version of pcap-netfilter-linux.c is doing,
i.e. finding N
On Mon, Jun 20, 2011 at 01:54:43PM -0700, Guy Harris wrote:
> Are these structures likely to remain unchanged (other than new TLV types
> being added,
> and perhaps some TLVs changing length in a backwards-compatible fashion), so
> that older
> DLT_NFLOG captures won't be rendered unreadable by
On Mon, Jun 20, 2011 at 11:17:20PM +0200, Jakub Zawadzki wrote:
> If DLT_* registration process can be only done by someone who maintains
> given protocol/interface than I'm not such person :)
Ping?
Cheers,
Jakub
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
On Sat, Jul 09, 2011 at 10:37:55PM -0400, Michael Richardson wrote:
> Just a general comment about patches:
> - try not to include "configure" in your patch. From a developer
> point of view, this is a generated file, and any patch it generally
> big and irrelevant, and just confuses peo
Hi,
On Sat, Jul 09, 2011 at 02:36:50PM +0200, Joerg Mayer wrote:
> I've created a patch that actually manages to build into an rpm on my
> opensuse system. Wireshark HEAD also detects rpcap support when buiding with
> cmake. Now all I have to do is wait for the equipment to come back to
> do a rea
On Tue, Aug 30, 2011 at 05:56:54PM -0700, Guy Harris wrote:
> So how do you know how many TLVs there are? Is there a special "end of list"
> TLV?
Nope, you should read until end of message (packet).
PS: Sorry for late response, and thanks for assigning value :)
-
This is the tcpdump-workers lis
On Fri, Jan 06, 2012 at 04:47:09PM +0100, Akos Vandra wrote:
> Another reason why this is not a good approach: Let's get wireshark in
> the picture. Let's say the user selected a canusb device. The only way
> for wireshark to know what parameters (ex. baudrate) the canusb device
> needs is if wires
Hi,
On Wed, May 16, 2012 at 07:45:53AM +0200, Fulvio Risso wrote:
> Just because the code was done in 2002 and probably at that time I used the
> old
> socket style.
Nah, patch 3518553 [1] is mine :)
Yours code seems to use getaddrinfo like suggested by Artur.
3518553 is less invasive and more
Hi,
Compilation of pcap-netfilter-linux.c is currently broken.
I've already reported it in bug #3536543 [1], but I'm not sure if someone read
sf tracker nowadays :)
gcc -O2 -fpic -I. -DHAVE_CONFIG_H -D_U_="__attribute__((unused))" -g -O2 -c
./pcap-netfilter-linux.c
./pcap-netfilter-linux.c:43
On Thu, Aug 30, 2012 at 11:10:02AM -0700, Jim Lloyd wrote:
> I'm confused as to what is required for libpcap to use PF_RING. Most of the
> hits I have seen while searching for this are ancient and refer to libpcap
> 0.8. Can anyone please provide a link or summarize what must be done for
> libpcap
On Mon, Sep 03, 2012 at 02:34:02PM -0400, Michael Richardson wrote:
> The changes introduced in June to deal with "canopy" being picked up
> by CANusb interface, introduced a problem:
>
> ./pcap-canusb-linux.c:260:20: error: 'struct canusb_t' has no member named
> 'src'
> make: *** [pcap-canusb-l
12 matches
Mail list logo
