Re: [tcpdump-workers] Request for new LINKTYPE_* code LINKTYPE_AUERSWALD_LOG

--- Begin Message --- On Feb 4, 2021, at 3:41 AM, developer--- via tcpdump-workers wrote: > We currently use this code in our lua dissector to display (decoded) SIP > messages. > > -- offsets will change with the new LINKTYPE >if (buf(148,2):uint() == MSG_TYPE_SIP) then >sadd("src_

Re: [tcpdump-workers] Request for new LINKTYPE_* code LINKTYPE_AUERSWALD_LOG

--- Begin Message --- Hi, We currently use this code in our lua dissector to display (decoded) SIP messages. -- offsets will change with the new LINKTYPE if (buf(148,2):uint() == MSG_TYPE_SIP) then sadd("src_ip",0,16) sadd("src_port",16,2,"uint") sadd("dst_ip", 18,16)

Re: [tcpdump-workers] Request for new LINKTYPE_* code LINKTYPE_AUERSWALD_LOG

--- Begin Message --- Hi, You should perhaps take a look at the exported plus link type and wireshark sources. It may be doing similar things. New tags could be added. Regards Anders Hämta Outlook för Android From: tcpdump-workers on behal

Re: [tcpdump-workers] Request for new LINKTYPE_* code LINKTYPE_AUERSWALD_LOG

--- Begin Message --- > Ideally, you would have a document somewhere that would describe your capture > format. We might want to review the format. I would be able to > I would note that if you are just adding logging, and you just want to use > pcapng, that you might store your ethernet captur

Re: [tcpdump-workers] Request for new LINKTYPE_* code LINKTYPE_AUERSWALD_LOG

--- Begin Message --- > Ideally, you would have a document somewhere that would describe your capture > format. We might want to review the format. I would be able to > I would note that if you are just adding logging, and you just want to use > pcapng, that you might store your ethernet captur