Re: Variable length mac headers and gencode.c (and

[Darren Reed <darren.reed () oracle com>]

On 13/05/11 12:52 AM, Darren Reed wrote:
> On 12/05/11 04:27 AM, Guy Harris wrote:
> > On May 10, 2011, at 1:40 PM, Darren Reed wrote:
> >
> > > To pursue this a little further, experimenting has
> > > determined that the best layout thus far would be
> > > something similar to this:
> > >
> > > bits field
> > > 00-07 version (1)
> > > 08-15 pad (0)
> > > 16-31 pre-mac payload length
> > > 32-63 dlt (DLT_*)
> > > 64-79 ethernet protocol number
> > > 80-95 pad (0)
> >
> > What about packets for which there is no appropriate Ethernet 
> > protocol number value, such as:
> >
> > various link control protocols for PPP;
> >
> > management and control frames for 802.11 (and similar frames for 
> > older LAN technologies such as FDDI and Token Ring);
> >
> > LAN frames with 802.2 headers with DSAPs for which there's no 
> > Ethernet protocol number;
> >
> > LAN frames with 802.2+SNAP headers with an OUI other than 0x000000;
> >
> > etc.?
>
>
> An alternative would be like this:
>
> bits  field values
> ----- ------------
> 00-07 version (1)
> 08-15 control field for bits 64-95
> 16-31 pre-mac payload length
> 32-63 dlt (DLT_*)
> 64-95 mac payload type
>
> So, if bits 08-15 are 0, 64-79 are 0 and 80-95 are the ethernet 
> protocol number.
>
> ...

I've adopted the comments directly above into the frame format being used.

The attached diffs represent the changes required to have libpcap 
properly work with this header. As yet I haven't seen a DLT assigned, so 
I've chosen one a fair distance off - 16384. At present the code 
generator assumes that bits 8-15 are 0 because thus far there is no 
other type of packet being generated.

Darren

Attachment: libpcap.link.diffs
Description:

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.