Hey guys...don't know if this would be the right place to ask about this but
I figure you can probably help me or point me in the right direction.
I am working on a project that interacts with a lot of alternative devices
(proprietary modems, etc.) that speak some of the common protocols (IP, TCP,
UDP, etc.) and was wondering how difficult it is to support these devices.
Is it just as simple as putting /dev/my_modem or /dev/modem for the device
to capture from?
And along those lines, if it is simply a matter of the device/device driver in
question has to have certain hooks to use the capturing capabilities, what
kind of hooks are needed?
Would this be something that I would need to look more to the libpcap and/or
tcpdump guys? And along those lines, are there any mailing lists relating
to these two products?
Ethereal uses libpcap which outputs to tcpdump format, correct? Other than
the common library, it does not rely on tcpdump for anything, correct?
Also, I think I mentioned this before, but I figure I would ask again in a
slightly different direction.
When we are capturing data, all the packets in question are sent to a dump
file. In the dump file the individual information is timestamped by the
capturing (not the actual packets).
I have used a little bit the "Follow the TCP" functionality and was
wondering if something along those lines is possible with IP and/or UDP.
How does it identify the start and end of the TCP stream? I am guessing
that is ultimately part of the TCP packet header information, correct?
I am concerned about this because some of the messaging we want to capture
is UDP/IP based and not TCP/IP based.
Eric Bresie
ebresie@xxxxxxx