On Jul 2, 2004, at 11:07 AM, Hannes Gredler wrote:
could you maybe also provide a pointer to a spec where the escaping routines and or the 0x7e escape hack is described ?
http://www.ietf.org/rfc/rfc1662.txt
"This document describes the use of HDLC-like framing for PPP encapsulated packets.
...
4. Octet-stuffed framing
This chapter summarizes the use of HDLC-like framing with 8-bit asynchronous and octet-synchronous links.
4.1. Flag Sequence
The Flag Sequence indicates the beginning or end of a frame. The octet stream is examined on an octet-by-octet basis for the value 01111110 (hexadecimal 0x7e).
4.2. Transparency
An octet stuffing procedure is used. The Control Escape octet is defined as binary 01111101 (hexadecimal 0x7d), most significant bit first.
As a minimum, sending implementations MUST escape the Flag Sequence and Control Escape octets.
After FCS computation, the transmitter examines the entire frame between the two Flag Sequences. Each Flag Sequence, Control Escape octet, and any octet which is flagged in the sending Async-Control- Character-Map (ACCM), is replaced by a two octet sequence consisting of the Control Escape octet followed by the original octet exclusive-or'd with hexadecimal 0x20.
This is bit 5 complemented, where the bit positions are numbered
76543210 (the 6th bit as used in ISO numbered 87654321 -- BEWARE
when comparing documents).Receiving implementations MUST correctly process all Control Escape sequences.
On reception, prior to FCS computation, each octet with value less than hexadecimal 0x20 is checked. If it is flagged in the receiving ACCM, it is simply removed (it may have been inserted by intervening data communications equipment). Each Control Escape octet is also removed, and the following octet is exclusive-or'd with hexadecimal 0x20, unless it is the Flag Sequence (which aborts a frame)."
- This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
