Ethereal-dev: Re: [Ethereal-dev] Flexible file formats

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Ed Warnicke <hagbard@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 23 Dec 2000 11:57:40 -0500 (EST)
For an even more impressive example of the response time on 
open source software, check out 

http://www.ethereal.com/lists/ethereal-dev/200011/msg00030.html

and follow the thread.  

In a nutshell, I had a problem, sent an email at about 10pm on a Saturday
night complaining about it, and had TWO fixes to my problem checked 
into CVS by TWO separate people by 6am Sunday morning.  

I wish you luck in your project.  It's always good to be able to 
capture from more sources.  I'd personally love to code an extention to 
libpcap to handle sniffing DOCSIS (data over cable system interface 
specification) if I could only come across hardware that I thought could 
appropriately pull the bits off the wire.

Ed

On Sat, 23 Dec 2000, Peter Dons Tychsen wrote:

> Sounds like pcap is the way to go.
> 
> Thanks for your fast response time. These things are funny. I send tons of
> mail to big professional network compoanies. = no response or dumb response.
> 
> Then i post 1 message on a freeware mailinglist, and i get the response i
> need the next day. WOW.
> 
> Keep it up.
> 
> Peter, Intel, Denmark
> 
> 
> ----- Original Message -----
> From: "Guy Harris" <gharris@xxxxxxxxxxxx>
> To: <donpedro@xxxxxx>
> Cc: <ethereal-dev@xxxxxxxxxxxx>
> Sent: Friday, December 22, 2000 10:24 PM
> Subject: Re: [Ethereal-dev] Flexible file formats
> 
> 
> > On Fri, Dec 22, 2000 at 05:05:07PM +0100, Peter Dons Tychsen wrote:
> > > I am creating a packet trace (sniffer) function for a series of
> > > routers. The router supports many different interfaces (ISDN/WAN/LAN)
> > > and protcols (IP/TCP/PPP/HLDC....). In what file format should i save
> > > the output in to be as compatible with ethereal as possible. What
> > > format is most flexible?
> >
> > As Gilbert suggested, libpcap format is probably the best choice.  One
> > of the things that makes it flexible is that libpcap is open source and
> > actively being developed.
> >
> > Currently, the link-layer formats it supports (other than those that are
> > "software-defined", such as DLT_NULL, which is used for loopback
> > devices) include:
> >
> > Ethernet
> >
> > Token Ring
> >
> > FDDI
> >
> > SLIP
> >
> > PPP (several different flavors, depending on what parts of the
> > header show up; the one you want may be DLT_PPP_SERIAL, which
> > originally came from NetBSD, and which can be used either for
> > traffic with a PPP header or for traffic with a Cisco
> > point-to-point HDLC header as described in section 4.3.1 of RFC
> > 1547)
> >
> > IEEE 802.11 wireless LAN
> 
> 
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>