Guy Harris wrote:
On Nov 17, 2003, at 10:38 AM, Ben Greear wrote:
I have made a patch to the e1000 driver (a similar patch should work
on other drivers) to allow it to be configured to return the entire
ethernet frame, ie the FCS too. Eventually, if I can convince the kernel
folks, there will be an Ethtool ioctl to turn this on/off and query it.
Which kernel? (As in "kernel for what OS"?)
Linux 2.4.23-pre9.
In the meantime, how hard would it be for someone to add an option to
ethereal to tell it that a particular interface or session's packets
include the FCS as the last 4 bytes? Please note, I'm using a hacked up
proprietary protocol for my testing, so there is no way Ethereal can know
that the last 4 bytes are checksum....
I.e.
1) this would be done with a libpcap-format capture (e.g., done by
Ethereal);
Ethereal shows the last 4 bytes (the checksum), it just shows them as
part of the normal ethernet packet. I'm not sure if the above was question
or answer...
2) your protocol doesn't run atop 802.3+802.2 (with a length field
rather than a type field) and doesn't include a length field of its own,
so Ethereal doesn't know how much of the packet is trailer and/or FCS
and thus the existing Ethereal code to try to guess whether there's an
FCS won't always work?
With my patch, the last 4 bytes of the captured packet will always be
the FCS. Any padding (ie, you are sending a 32 byte ethernet payload
and the NIC pads it out to 60 + FCS) will come before the FCS if I
understand correctly.
So, if I just had a checkbox in ethereal that said 'FCS is last 4 bytes, always!'
then ethereal would not have to parse any protocols to decode the FCS correctly.
As mentioned, I'll try to get the feature into the Linux kernel so that ethereal
can automatically querry the interface when it starts its capture, making
the checkbox irrelevent (on these versions of Linux at least).
Make sense?
Ben
--
Ben Greear <greearb@xxxxxxxxxxxxxxx>
Candela Technologies Inc http://www.candelatech.com
