From owner-freebsd-hackers@FreeBSD.ORG Fri Mar 4 17:47:14 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A17316A4CE; Fri, 4 Mar 2005 17:47:14 +0000 (GMT) Received: from outbound0.sv.meer.net (outbound0.sv.meer.net [205.217.152.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4D52543D53; Fri, 4 Mar 2005 17:47:13 +0000 (GMT) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [209.157.152.14]) j24HlBV1093337; Fri, 4 Mar 2005 09:47:12 -0800 (PST) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (nat-202.43.223.241.hongkong.corp.yahoo.com [202.43.223.241]) by mail.meer.net (8.12.10/8.12.10/meer) with ESMTP id j24Hl6DY051049; Fri, 4 Mar 2005 09:47:07 -0800 (PST) (envelope-from gnn@neville-neil.com) Date: Sat, 05 Mar 2005 01:47:05 +0800 Message-ID: From: gnn@freebsd.org To: Aziz KEZZOU In-Reply-To: <37e13166050304080715525d7e@mail.gmail.com> References: <37e13166050304080715525d7e@mail.gmail.com> User-Agent: Wanderlust/2.12.0 (Your Wildest Dreams) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 Emacs/21.3.50 (powerpc-apple-darwin7.7.0) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII cc: freebsd-net@freebsd.org cc: hackers@freebsd.org Subject: Re: generic network protocols parser ? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Mar 2005 17:47:14 -0000 At Fri, 4 Mar 2005 11:07:34 -0500, Aziz KEZZOU wrote: > > Hi all, > I am wondering if any one knows about a generic parser which takes a > packet (mbuf) of a certain protocol (e.g RSVP ) as input and generates > some data structre representing the packet ? > > I've been searching for a while and found that ethereal and tcpdump > for example use specific data structres and functions to dissect each > protocol packets. Is this the only approach possible ? > > My supervisor suggested using a TLV (Type/Length/Value) approach > instead. Any opinions about that? > > If no such a parser exists is there any practical reason why ? > You might want to look at libnet and libnet-ng. Start here: http://www.packetfactory.net/libnet/ Perhaps not exactly what you want but the beginnings are there. Later, George