On 24. 03. 19 at 22:50, František Kučera wrote:
On 24. 03. 19 at 13:59, Michael Richardson wrote:
I don't see a problem with making up the metadata.
Yes, it works. I attached a screenshot of my current proof-of-concept.
I can filter by the socket path, see the metadata in a structured way
and it also decodes the data format (DER in this case). But it is an
ugly hack with a lot of unused or misused fields and layers (IP, UDP,
port numbers, HTTP headers...). I would like to have a proper and
clean solution.
The attachment:
<https://vps.frantovo.cz/temp/uds-wireshark-dirty-hack.png> (just for
illustration)
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers