Conversation
|
Thanks for this PR. Could you add unit tests, for example at Line 2258 in ef72e1d Also, can you point us with the documentation of these blocks? |
This patch allows to set Hardware, OS, and User Application, when creating a PcapNgWriter. These values will be written into the SHB.
LarsV33
force-pushed
the
adding_shb_options_to_pcapng
branch
from
d184fc9 to
41d1a2c
Compare
I gave it a try. Without a reader hard to read back.
This is part of the regular pcapng specification. These options are missing in the scapy implementation. I guess the best pcapng spec is the upcoming rfc: |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #4865 +/- ##
==========================================
+ Coverage 80.48% 80.86% +0.37%
==========================================
Files 368 368
Lines 90255 90269 +14
==========================================
+ Hits 72645 72998 +353
+ Misses 17610 17271 -339
🚀 New features to boost your workflow:
|
|
Thanks for pointing out the spec! I forgot about it. The RawPcapNgReader already supports reading these options, that probably better to tweak it and use for the unit tests, see https://github.com/secdev/scapy/blob/master/scapy/utils.py#L1752 |
|
@LarsV33 I push the changes to the unit tests. How does that look? |
|
How many options are there in total? Do we want to make an API? I see this as "someone will always want an option we don't have". Two propositions:
Or similar. WDYT @guedou |
|
That's a tricky question, because it depends on block types. I agree that the current design don't scale well. I will have a look at something better to easily add new options (likely an options argument to the object constructor). I don't recall that the PCAPng draft that I implemented had that many options. |
3 participants
This patch allows to initialize the PcapNgWriter with Hardware, OS, and User Application. This information is written to the pcapng SHB.