Hello sir,
Actually i am in implementation of new protocol
like IPSEC protocol which adds NEW IP header in front
of AH Header i.e. consider packet structure of ipsec
TCP+IP1+AH+IP2+ETHERNET
So how to dissect packet headers in that case.
regards,
linux_lover.
--- Guy Harris <[EMAIL PROTECTED]> wrote:
>
> On Jan 12, 2005, at 8:10 PM, linux lover wrote:
>
> > I want to add my own new protocol
> interface
> > to tcpdump utility.
>
> I.e., you have a protocol that runs top IP or a
> protocol running atop
> IP (such as TCP or UDP), and you want to add code to
> tcpdump to dissect
> packets for that protocol and print information
> about the packet?
>
> If so, then:
>
> if it runs atop IP - by which I mean runs
> *directly* atop IP, as TCP
> and UDP do - look at "udp_print()" in "print-udp.c"
> for an example;
>
> if it runs atop TCP or UDP, then look at the
> routines called by
> "udp_print()" or "tcp_print()".
>
> > Is there any Documentation avail?
>
> Unfortunately, there's no "how to write a protocol
> dissector"
> documentation for tcpdump.
>
> -
> This is the tcpdump-workers list.
> Visit https://lists.sandelman.ca/ to unsubscribe.
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
