AFS-aware tcpdump patches now available

Neulinger, Nathan R. nneul at umr.edu
Wed Oct 20 16:00:50 CEST 1999 

I've taken Ken's patches and rewritten them as patches to ethereal. I've
also added a small amount of additional decoding. More can be added by
anyone - just take a look at the rx definitions in the Arla source code.
(Although they don't always seem to match up to the packet contents... I
don't completely understand the rx source's workings.)

I haven't submitted the patch to be added to the ethereal source yet, but
will be doing so probably later today.

	http://ethereal.zing.org/

Ethereal is a Gtk+ based network analyzer with a UI similar to
sniffer/etherpeek/etc. 

The afs support will need more work to decode more of the packet contents,
but just right now they provide a tremendous amount of information that was
previously not easy to get at. (They should give you at least all the
information that Ken's tcpdump patch does.)

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul at umr.edu
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216


> -----Original Message-----
> From: Ken Hornstein [mailto:kenh at cmf.nrl.navy.mil]
> Sent: Friday, October 15, 1999 2:14 PM
> To: info-afs at transarc.com
> Subject: AFS-aware tcpdump patches now available
> 
> 
> As some people might have been aware, a while ago I wrote 
> some code for
> tcpdump that decoded RX packets and some of the arguments to the AFS
> RPC calls.  That code has been quitely bitrotting for a while.
> 
> Well, at the urging of some various people, I finally revisited
> this code, dusted it off, crammed it into the latest tcpdump and
> polished it to a dull glow.  I figured it's finally suitable for
> external consumption.
> 
> Anyway, to make a long story short, it's now at:
> 
> /afs/transarc.com/public/afs-contrib/tools/tcpdump
> 
> Included in that directory is a README which explains a bit about how
> the code works, and the actual context diff itself.
> 
> I know there were some other tcpdump patches by a Transarc employee,
> but I haven't been able to find those in a long time.  Note that my
> patches take a _completely_ different route; more energy has been
> spent on decoding the AFS RPC calls.  I believe that my patch include
> the same information as that other patch, however.
> 
> Comments, suggestions, improvements, and bug fixes are welcome.
> 
> --Ken
>

More information about the Arla-drinkers mailing list