Ethereal-dev: Re: [Ethereal-dev] Ethereal Client/Server Model

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Fri, 9 Jan 2004 12:34:55 -0800

On Jan 9, 2004, at 6:46 AM, donnie@xxxxxxxxxxx wrote:


I was wondering, if anyone would be interested in helping to implement
this type of client/server model for ethereal?


I'd be more interested in seeing it implemented for libpcap:

	http://winpcap.polito.it/docs/man/html/group__remote.html

so that there's a client/server model for Ethereal, and tcpdump, and....
The client-side code should work in libpcap, I think; it'd require changes to applications to use it. The server side code runs on Windows, and I think it might also work on Linux.
(The scheme used to identify remote devices is extensible; it currently handles rpcap:{device}, for using the RPCAP protocol that the WinPcap people devised (it's not a Windows-specific protocol, so it should work on various UN*Xes and on devices running other OSes, including specialized embedded devices), but it might be interesting to make a pluggable mechanism that could also use RMON (rmon:), the Tazmen Sniffer Protocol that I think is used by the Network Chemistry Neutrino Sensor: 

	http://www.networkchemistry.com/products/neutrino/index.html
("tzsp:") and, if somebody takes the time to reverse-engineer it, perhaps the protocol used by Microsoft Network Monitor ("bh:", for "Bloodhound"?), as well as perhaps "ssh:" to just run tcpdump or WinDump or tethereal or... remotely.)