[Cake] [Ecn-sane] The two SCE tests I have in mind

Rodney W. Grimes 4bone at gndrsh.dnsmgr.net
Tue Apr 2 09:36:48 EDT 2019


> On Sun, 24 Mar 2019 13:32:03 +0100
> Michael Richardson <mcr at sandelman.ca> wrote:
> 
> > Jonathan Morton <chromatix99 at gmail.com> wrote:
> >     >> On 24 Mar, 2019, at 12:05 pm, Pete Heist <pete at heistp.net> wrote:
> >     >> 
> >     >> tcpdump -r file.pcap udp port 2112 and greater 80 and "ip[1] != 0x1?
> >     >> 
> >     >> ?greater 80? ignores the handshake packets and 0x1 is whatever TOS
> >     >> value we want to make sure the packets contain. We can use different
> >     >> filters for other traffic.  
> > 
> >     > Bear in mind that the TOS byte contains ECN as well as DSCP fields, and
> >     > the latter is left-justified.  
> > 
> > libpcap should probably learn about DSCN bits to avoid people having to

We need to teach tcpdump and wireshark what the new meaning of the 4th state
ECT bits mean, and that NS now means ESCE.  It already knows what CE and ECE
are, iirc.

> > think so much :-)
> > 
> > Send patches to me/github.
> > 
> 
> Libpcap is ancient history by now. It is like ifconfig, everyone still can't reprogram
> their brain; but the tool is on life support.

That is not correct, wireshark is a GUI built on top of libpcap,
and quiet useless without a working libpcap.

	https://wiki.wireshark.org/libpcap


However, the place(s) that need to learn about the bits so it
can display them correctly is in the wireshark code, and also
in the command line tcpdump code.

> All development is happening on wireshark/tshark.

Rarely, but not unheard of, changes do have to be made to libpcap,
this however is not one of those cases.
Libpcap is a very stable entity today.

-- 
Rod Grimes                                                 rgrimes at freebsd.org


More information about the Cake mailing list