On Jan 12, 2005, at 8:10 PM, linux lover wrote:
I want to add my own new protocol interface to tcpdump utility.
I.e., you have a protocol that runs top IP or a protocol running atop IP (such as TCP or UDP), and you want to add code to tcpdump to dissect packets for that protocol and print information about the packet?
If so, then:
if it runs atop IP - by which I mean runs *directly* atop IP, as TCP and UDP do - look at "udp_print()" in "print-udp.c" for an example;
if it runs atop TCP or UDP, then look at the routines called by "udp_print()" or "tcp_print()".
Is there any Documentation avail?
Unfortunately, there's no "how to write a protocol dissector" documentation for tcpdump.
- This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
