Protocols/netlink

Linux netlink (netlink)

Linux netlink is a communication channel between Linux kernel space and user space. [To be extended].

History

The netlink socket interface appeared in Linux kernel 2.2.

Protocol dependencies

Example traffic

XXX - Add example decoded traffic for this protocol here (as plain text or Wireshark screenshot).

Wireshark

The netlink dissector is fully functional, although not all netlink families are dissected.

Preference Settings

The netlink dissector has no preference settings.

Example capture file

XXX - Add a simple example capture file to the SampleCaptures page and link from here (see below). Keep this file short, it's also a good idea to gzip it to make it even smaller, as Wireshark can open gzipped files automatically.

Display Filter

A complete list of netlink display filter fields can be found in the display filter reference

Show only the netlink based traffic:

 netlink 

Capture Filter

You cannot directly filter netlink protocols while capturing.

External links

Discussion


Imported from https://wiki.wireshark.org/Protocols/netlink on 2020-08-11 23:21:25 UTC