Richard,
I like this idea. How might it return the decoded packet? As an array
of strings? It might be nice to be able to tell it at what level to
start, e.g. libdecode(pkt,len,PKT_IP) or libdecode(pkt,len,PKT_ETHER) or
even libdecode(pkt,len,PKT_SUNRPC).
libencode would be nice, too :-)
--john
Richard Sharpe wrote:
>
> Hi,
>
> I am thinking of libdecode
>
> Libdecode would take a frame and some suggested type info and return to you
> as many levels of decode as you asked for or it was capable of.
>
> We might also allow it to try some heuristics in the case that the base
> type info was UNKNOWN.
>
> The sorts of things it should return are:
>
> Proto: xxxxxxx
> Value: iiiii
> Offset: xxxxx
> Len: qqqqq
> Summary: xxxxxxxxxxxxxxxx
> Payload:
> Data: bbbbbbbbbbbbb
> Offset: xxxxxx
> Len: qqqqq
> Payload Decode:
> etc
>
> We should explicitely support an UNKNOWN protocol, and allow the decode
> routines to try their heuristics.
>
> Regards
> -------
> Richard Sharpe, sharpe@xxxxxxxxxx, Master Linux Administrator :-),
> Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org)
> Co-author, SAMS Teach Yourself Samba in 24 Hours
> Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course
--
John McDermott jjm@xxxxxxxxxx
Writer and Computer Consultant
J-K International, Ltd.
+1 505/377-6293 - V
+1 505/377-6313 - F
