netlink is a linux IPC mechanism commonly used for complex interactions between userspace and the linux kernel. The API uses socket() with a PF_NETLINK, and sendfrom/recvfrom.
Since it's IPC, there is no ethX device to pcap - I'm wondering if anybody knows of ways to watch netlink traffic? I could build dissectors, if I had to, but I'm not too sure how to get the captures. Cheers, Sam ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
