Ethernet frames must be at least 60 bytes long(plus a 4-byte FCS which
is appended by the network driver). ARP requests are not 42 bytes
long, you're seeing that because probably that padding is being
appended by the driver, after wireshark/tcpdump capture it.
Here's an interesting thread about that:
http://www.microchip.com/forums/m493473-print.aspx
You could check if this is true by sending ARP requests and capturing
them both in the receiver and transmitter hosts. For example, I'm
seeing that ARP packets sent by my host(both requests and replies) are
42 bytes long, but that's probably "an illusion" caused by what I
mentioned above.
I think what libtins is doing is right, but feel free to correct me if
I'm wrong.
> --
> You received this message because you are subscribed to the Google Groups
> "libtins" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
libtins+u...@googlegroups.com.
> For more options, visit
https://groups.google.com/groups/opt_out.