Re: DLT_DBUS

[Martin Vidner <martin () vidner net>]

On Wed, Nov 3, 2010 at 2:45 PM, Martin Vidner <martin () vidner net> wrote:
> Guy Harris wrote:
> > On Oct 31, 2010, at 12:29 AM, Martin Vidner wrote:
> > > please allocate a new network type for libpcap dump files, as
> > > described in
> > > http://wiki.wireshark.org/Development/LibpcapFileFormat#Global_Header
> > > .
> > > It is for dumping traffic on D-Bus,
> > > http://en.wikipedia.org/wiki/D-Bus
> > > , and the packets would contain raw D-Bus messages:
> > > http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-messages
> >
> > I.e., starting with the endianness flag, followed by the message
> > type, etc.?
>
> Yes. That also means that the authentication handshake before the
> message sequence is excluded.
> http://dbus.freedesktop.org/doc/dbus-specification.html#auth-protocol

Hello? Are there some concerns that I should address? Just too busy?

Martin Vidner
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.