--- On Thu, 12 Nov 1998 21:10:34 -0600 (CST) "Gilbert Ramirez Jr."
<gram@xxxxxxxxxxxxxxxxxxx> wrote:
> I want to be able to define
>protocol filters in a text file, and have my program roll all these
>definitions into a "BPF library" of sorts. I am guessing that the vast
>majority of all filters will be similar: "x bytes at offset y from
beginning
>of this protocol layer". As such, I want to provide an easy syntax for
>creating these easy filters, but with the ability for a programmer to
write
>BPF assembly if he needs to.
>
>I'm still playing around with the syntax, but here's a sample filter file
>for the token-ring layer:
I don't know about the issues behind it, but there is a format used by
Precision Guesswork's LanWatch which might be usable. It was used by the
predecessor of that program NetWatch which was from MIT and CMU.
Basically they use C structures. The code is not too ugly and it might be
nice to be able to use descriptions developed for LanWatch.
Just my $.02
--john
-------------------------------------
Name: John McDermott
VOICE: +1 505/377-6293 FAX +1 505/377-6313
E-mail: John McDermott <jjm@xxxxxxxxxx>
Writer and Computer Consultant
-------------------------------------
