[
https://issues.apache.org/jira/browse/DRILL-6179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16373220#comment-16373220
]
ASF GitHub Bot commented on DRILL-6179:
---------------------------------------
GitHub user Vlad-Storona opened a pull request:
https://github.com/apache/drill/pull/1126
DRILL-6179: Added pcapng-format support
See DRILL-6179 for details.
https://issues.apache.org/jira/browse/DRILL-6179
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/mapr-demos/drill pcapng_dev
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/drill/pull/1126.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1126
----
commit 043988c0a12bca3288f8ac49384ba6d1584fa159
Author: Vlad Storona <vstorona@...>
Date: 2018-01-30T12:55:04Z
DRILL-6179: Added pcapng-format support
----
> Added pcapng-format support
> ---------------------------
>
> Key: DRILL-6179
> URL: https://issues.apache.org/jira/browse/DRILL-6179
> Project: Apache Drill
> Issue Type: New Feature
> Reporter: Vlad
> Assignee: Vlad
> Priority: Major
>
> The _PCAP Next Generation Dump File Format_ (or pcapng for short) [1] is an
> attempt to overcome the limitations of the currently widely used (but
> limited) libpcap format.
> At a first level, it is desirable to query and filter by source and
> destination IP and port, and src/dest mac addreses or by protocol. Beyond
> that, however, it would be very useful to be able to group packets by TCP
> session and eventually to look at packet contents.
> Initial work is available at
> https://github.com/mapr-demos/drill/tree/pcapng_dev
> [1] https://pcapng.github.io/pcapng/
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
