diff options
author | Vadim Kochan <vadim4j@gmail.com> | 2015-06-16 04:10:19 +0300 |
---|---|---|
committer | Daniel Borkmann <daniel@iogearbox.net> | 2015-06-20 00:24:25 +0200 |
commit | 9977ec6012452bfc5053dbc90aed53f55064c86b (patch) | |
tree | 5aa23fa8645383d631829068d64b8b6e8b6b719c /dissector.h | |
parent | 12c6a61fa54a2ee6a28c04ff51b2456f73d499b9 (diff) |
netsniff-ng: Add dissector for Linux "cooked" packets
Added dissector_sll.c which uses sockaddr_ll to lookup & print
higher L3 layer protocol.
This dissector is mapped by LINKTYPE_LINUX_SLL link type.
Sample output of dissected Netlink & Ethernet packets.
Truncated manually some longer lines by "...":
> nlmon0 20 1434193547s.717131169ns #6
[ Linux "cooked" Pkt Type 4 (outgoing), If Type 824 (netlink), Addr Len 0, Src (), Proto 0x0 ]
[ NLMSG Family 0 (routing), Len 20, Type 0x0003 (DONE)...
> wlp3s0 52 1434194181s.436224709ns #9
[ Linux "cooked" Pkt Type 4 (outgoing), If Type 1 (ether), Addr Len 6, Src (XX:XX:XX:XX:XX:XX), Proto 0x800 ]
[ IPv4 Addr (XXX.XXX.XXX.XXX => 212.42.76.253), Proto (6), TTL (64), TOS (0), ...
), CSum (0x1ef5) is ok ]
[ Geo (local => Ukraine) ]
[ TCP Port (45849 => 443 (https)), SN (0x1744209), AN (0x46ca9611), DataOff (8) ...
[ Chr .....w.Rj).. ]
[ Hex XX XX XX XX XX XX XX XX XX XX XX XX ]
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Diffstat (limited to 'dissector.h')
-rw-r--r-- | dissector.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/dissector.h b/dissector.h index a99442e..5580110 100644 --- a/dissector.h +++ b/dissector.h @@ -105,7 +105,7 @@ static inline void show_frame_hdr(uint8_t *packet, size_t len, int linktype, extern void dissector_init_all(int fnttype); extern void dissector_entry_point(uint8_t *packet, size_t len, int linktype, - int mode, uint16_t proto); + int mode, struct sockaddr_ll *sll); extern void dissector_cleanup_all(void); extern int dissector_set_print_type(void *ptr, int type); |