forked from LibtraceTeam/libtrace
-
Notifications
You must be signed in to change notification settings - Fork 0
Adding New Linktypes
salcock edited this page Sep 8, 2014
·
1 revision
Steps for adding full support for a new Link type to libtrace:
-
Get a TRACE_TYPE assigned and add it to libtrace.h
-
Add conversions to/from your linktype
- If your linktype is supported by pcap:
- Add LIBTRACE_DLT of the correct number to libtrace.h
- Add your new TRACE_TYPE to
libtrace_to_pcap_dlt/pcap_dlt_to_libtrace
- If your linktype is supported by ERF
- Add TYPE_* of the correct number to libtrace.h
- Add your new TRACE_TYPE to
libtrace_to_erf_type/erf_type_to_libtrace
- If your linktype is supported by the Linux kernel:
-
Add your linktype to linuxnative_get_link_type. ARPHRD's are defined in
<net/if_arp.h>. If your linktype is too new to exist in that header, consider having#ifndef ARPHRD_foo #define ARPHRD_foo 1337 #endif
-
- If your linktype is supported by pcap:
-
Add a structure to parse your linktype to
libtrace.hwith a name "libtrace__yourlinktype__t" -
Add trace_get_payload_from__yourlinktype_ to protocols_l2.c, and add code to
trace_get_payload_from_layer2()to understand your linktype. If you would like your new function to be part of the libtrace API, add a prototype and documentation to libtrace.h.in. -
Add a protocol description to
libpacketdump/