I would like to inquire about a couple of patches that are incorporated
into the build of tcpdump (3.4.19) that comes with Red Hat 6.2 (and 7.x,
I think).
Files "libpcap-0.4-ss991029.dif" and "tcpdump-3.4-ss991030.dif" and a
number of other patch files are included (gzipped) in the source rpm.
The most important benefit (to me) of the patches is the expansion of
the pcap_pkthdr structure:
struct pcap_pkthdr {
struct bpf_timeval ts;
bpf_u_int32 caplen;
bpf_u_int32 len;
#ifdef linux
int ifindex;
unsigned short protocol;
unsigned char pkt_type;
#endif
};
This allows the tcpdump print function to display the device name for
each packet (...very useful when all interfaces are being sniffed).
I need to add this into a custom build of tcpdump 3.6.2, because I also
need VLAN support. Does anyone know of an easier way than
hand-stitching bits of code from the patched source into the 3.6.2
source? In other words, are there equivalent patches for libpcap 0.6
and tcpdump 3.6.2? I'm also wondering why this code has not yet been
absorbed into the current version of libpcap and tcpdump.
---
Ed Stevens
Senior Software Designer, Atreus Systems Corporation
(613) 233-1741 x226
http://www.atreus-systems.com
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
