[tcpdump-workers] Link-layer header type for unix domain sockets (UDS)

František Kučera konference at frantovo.cz
Sun Mar 24 17:50:39 EDT 2019


On 24. 03. 19 at 13:59, Michael Richardson wrote:
> I don't see a problem with making up the metadata.

Yes, it works. I attached a screenshot of my current proof-of-concept. I 
can filter by the socket path, see the metadata in a structured way and 
it also decodes the data format (DER in this case). But it is an ugly 
hack with a lot of unused or misused fields and layers (IP, UDP, port 
numbers, HTTP headers...). I would like to have a proper and clean solution.


