[tcpdump-workers] [RFC LIBPCAP PATCH 0/1] LINKTYPE_LINUX_SLL2 implementation

Petr Vorel pvorel at suse.cz
Thu Jul 12 14:02:18 EDT 2018


Hi,

this is an attempt to implement LINKTYPE_LINUX_SLL2 [1]. The main
adventure over LINKTYPE_LINUX_SLL [2] is having "Interface index" field,
which allows to show interface name for "any" device.
This part is required for following patch in tcpdump, here I describe
libpcap part.

Unfortunately I haven't found a way how to coexist in runtime library
both LINKTYPE_LINUX_SLL and LINKTYPE_LINUX_SLL2, so by default
LINKTYPE_LINUX_SLL2 is enabled (PCAP_SUPPORT_SLL_V2 definition).
For users which needs, who needs to have LINKTYPE_LINUX_SLL, they have
to compile libpcap with --enable-sll-v2 option.
The reason for this is that it's look like there is no way to pass dlt
info to functions activate_new(pcap_t *handle),
pcap_create_interface(const char *device, char *ebuf), ...
Maybe I'm missing something obvious and there can be both
LINKTYPE_LINUX_SLL and LINKTYPE_LINUX_SLL2 compiled in the library.
It's also a bit easier to reuse sll_header for LINKTYPE_LINUX_SLL2.
Solution allowing both linktypes would require to create sll2_header.

Implementation isn't perfect, maybe some places in pcap-linux.c related
to cooked mode (cooked_ok) needs to chose use DLT_LINUX_SLL2 for
LINKTYPE_LINUX_SLL2 (I kept it DLT_LINUX_SLL only as CAN bus and CAN FD
aren't mentioned in LINKTYPE_LINUX_SLL2 spec [1]). But this part needs

Comments and suggestions are welcome.


Kind regards,
Petr

[1] http://www.tcpdump.org/linktypes/LINKTYPE_LINUX_SLL2.html
[2] http://www.tcpdump.org/linktypes/LINKTYPE_LINUX_SLL.html


Petr Vorel (1):
  Implement DLT_LINUX_SLL2

 INSTALL.md       |  2 +-
 cmakeconfig.h.in |  3 +++
 config.h.in      |  4 ++++
 configure        | 20 ++++++++++++++++++++
 configure.ac     | 10 ++++++++++
 gencode.c        |  3 +++
 pcap-common.c    |  1 +
 pcap-linux.c     | 12 ++++++++++++
 pcap.c           |  4 ++++
 pcap/sll.h       | 21 +++++++++++++++++++--
 10 files changed, 77 insertions(+), 3 deletions(-)

-- 
2.18.0



More information about the tcpdump-workers mailing list