On Jan 17, 2018, at 4:47 AM, Paul Offord <Paul.Offord@xxxxxxxxxxxx> wrote:
> I want to make a start on the plan below. Last night I took a look at the relevant code.
>
> I started by adding support for TSDBs into the function pcapng_open(…) in pcapng.c
The *first* thing to do is to start by either
1) getting an official block type value from pcap-ng-format@xxxxxxxxxxx
or
2) getting a Private Enterprise Number from the IANA and using a custom block:
http://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?url=https://raw.githubusercontent.com/pcapng/pcapng/master/draft-tuexen-opsawg-pcapng.xml&modeAsFormat=html/ascii&type=ascii#rfc.section.4.7
> but I then stumbled across wtap_opttype_register_custom_block_type(…) in wtap_opttypes.c which seems to be a framework to add support for new block types. I did a check on code that refers to this function and found that nothing uses it at the moment.
That's correct - pcapng.c doesn't currently support custom blocks.
