17 Aug
2009
17 Aug
'09
10:18 p.m.
And I think that it is still a good idea to have tcpdump dissectors as you maybe want to have live output over your seriell interface on you embedded device without much hassle.
Yes, that is my aim. Wireshark has too much overhead for embedded system use.
Writing the dissector was simple. Writing new filters looks a lot harder. I don't yet understand the Flex/Bision stuff in libpcap. Does anybody have any experience with it?
Andrew