Wireshark-dev: Re: [Wireshark-dev] [PATCH v2] Add support for the CIPSO IPv4 option

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Sat, 20 Jan 2007 00:57:44 +0100 (CET)
Hi,

Checked in.

Would it be oke to put the capture file up on the Wiki on the
SampleCaptures page?

Thanx,
Jaap

On Fri, 19 Jan 2007, Paul Moore wrote:

> Attached is the an updated version of the patch I sent on January 17th.  The
> only two changes are the shift from glib-2.0 specific string functions to the
> more portable standard C library string functions as well as a small bugfix
> found during the shift.
>
> Below is the text/abstract from the original posting.
>
> ***
> This patch adds support for the IPv4 Commercial IP Security Option (CIPSO) as
> defined in the IETF draft, draft-ietf-cipso-ipsecurity-01.txt.  While this
> draft has long since expired, it has become a de-facto standard for labeled
> networking with support from several commercial Multi-Level Security (MLS)
> operating systems such as HP-UX CMW and Trusted Solaris; in addition, Linux
> Kernels 2.6.19 and later provide support for CIPSO in conjunction with
> SELinux.
>
> Copies of the expired CIPSO draft can be found at the NetLabel project page:
>
>  * http://netlabel.sf.net
>
> A sample packet capture demonstrating the three types of CIPSO tags can be
> found here:
>
>  * http://free.linux.hp.com/~pmoore/files/tcpdump_out.pcap
>
> This patch is backed against the current SVN sources and has been fuzz tested
> using the fuzz-test.sh script.  Please consider it for inclusion into the
> wireshark source tree.
>
> Thank you.
> ***
>
> --
> paul moore
> linux security @ hp
>