On Fri, Feb 1, 2013 at 8:07 PM, Michael Richardson <m...@sandelman.ca> wrote:
>
>>>>>> "Ani" == Ani Sinha <a...@aristanetworks.com> writes:
> Ani> hello folks :
>
> Ani> As you guys have been aware, I am hacking libpcap for a
> Ani> while. Me and Bill noticed something seriously broken for any
> Ani> filter expression that has a "not vlan" in it. For example,
> Ani> take a look at the filter code generated by libpcap with an
> Ani> expression like "not vlan and tcp port 80" :
>
> Ani> BpfExpression '(not vlan and tcp port 80)' { 0x28, 0, 0,
>
> Do we have any way to test libpcap expression outputs other than -d
> options to tcpdump? I'm thinking regression tests here.
All the bits are there inside libpcap, they just need to be plumbed together.
pcap = pcap_open_dead(link, snaplen);
/* todo: hook together argv to a single string */
prog = argv[0];
if (pcap_compile(pcap, &p, prog, optimize, 0) < 0) {
fprintf(stderr, pcap_geterr(pcap));
exit(1);
}
bpf_dump(&p, option);
pcap_freecode(&p);
pcap_close(pcap);
add some command-line arguments to set link, snaplen, optimize and
option and you've got part of a regression test engine! :-)
Bill
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
