-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Christian" == Christian Kreibich <[EMAIL PROTECTED]> writes:
Christian> proposal that while I personally think an XML capture
Christian> format is not the right idea, an XML based tcpdump output
Christian> would be great in the long term -- it would certainly
Christian> eliminate a lot of parsing ambiguity.
I am not a fan of XML, but I could live with this kind of thing.
My opinion is that we need a code structure change:
- dissectors would not call printf() directly.
- dissectors would call some kind of thing=value function
that has a table for the current packet only.
- at the end of dissection, an appropriate thing=value->OUTPUT
converter would occur.
I think that this can work very well for XML or $thing="value";
or { "thing" => "value" } format. The question is -- how to retain what
we have now?
Does each level of dissector register a "print" function as well?
(with XML output all using the common XML print function?)
Or is some other structure that someone can think of.
- --
] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQOMZgoqHRg3pndX9AQHTDgQAknqmHRwfvCS4H36sI3u9BMiTcZTFn0it
tSE5X6dOHVedvLVsjQk9BIJISBp3QUSaGfUbcRDPNrE7z4x1YWt42u8jLVI885ZE
if+u8o/cZQhiCZu8UF4Ty2+5kzKmRXIvqFIwe8o8fcw43/Hl+bPuVM1EcTBbTfzv
Z2G9AQMUgqU=
=Y5xc
-----END PGP SIGNATURE-----
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
