Are there any very minimal #flex / #bison like things that will produce a self-contained parser (maybe in a single function, no libraries) for a very small #ABNF or equivalent? #libpcap has grown a slightly complex capture source definition as it moves to mainstream the #rpcap mechanism. It used to be just "eth0" or "de0", but now there are many more things. Probably a superset of URN-syntax.
And in other good news, got some sign of life from a #tcpdump / #libpcap maintainer. Hopefully the @batadv dissector for libpcap will be merged eventually... It's been more than 4 years already with only eventual feedback from upstream... This would really help with debugging network issues, especially on #embedded devices, and capturing only the data you need with minimal performance overhead.
Also: My pull-request for #tcpdump / #libpcap to add #batman_adv support to it is now four years old. "Happy" birthday!  ...
https://github.com/the-tcpdump-group/libpcap/pull/980
Add support for B.A.T.M.A.N. Advanced by T-X · Pull Request #980 · the-tcpdump-group/libpcap

This adds support for the layer 2 mesh routing protocol B.A.T.M.A.N. Advanced. "batadv" can be used to filter on batman-adv packets. It also allows later filters to look at frames inside ...

Updated my patch for #tcpdump / #libpcap to add #batman_adv support. The patch is nearing 3 years of getting no full review... and I have no clue why that is.

This patch allows filtering for specific batman-adv packet types. It also allows filtering within a packet's payload by adjusting offsets, like "tcpdump ... 'batadv 15 bcast and arp'". Very handy for debugging, especially on devices with limited resources, as libpcap uses #BPF on #Linux.

https://github.com/the-tcpdump-group/libpcap/pull/980

#mesh #meshnetwork #BATMAN

Finally got around to writing a PoC for a #rust-based #libpcap analysis/interceptor tool. But since https://crates.io/crates/pcap uses unsafe Rust to wrap around the native libpcap library, there's no way to build the binary statically, right? The target system on which the binary shall be executed must provide the libpcap.so?

I also used https://www.tcpdump.org/linktypes.html as reference fyi

The cat is not really helping my debugging efforts (#c #strace #gdb #libpcap #wineoclock )
Is anyone here using #bettercap, and has anyone got it running with any reasonably recent #libpcap (i.e. >0.8.*)?