Ethereal-dev: Re: [ethereal-dev] packet capture from switches and other RMON devices

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: guy@xxxxxxxxxx (Guy Harris)
Date: Wed, 12 May 1999 14:52:35 -0700 (PDT)
> It would be nice to also make a service for this on NT, but I
> don't know anything about NDIS programming to capture packets.

I looked into it some at one point - Microsoft has sample code to do
that (although I'm told the sample code doesn't do all that good a job),
but that code probably has a license that'd keep you from putting it
into an open-source project.

There's also PCAUSA:

	http://www.pcausa.com/

who have the Win32 NDIS Framework package, which lets you write
code to do live packet capture; it includes drivers for Windows OT and
Windows NT (which I think are necessary to let you get at NDIS from
userland), and a kernel BPF implementation to filter the packets.