george wrote:
I would like to realtime-decode the IP-Package from this CHDLC-UDP and
forward it to an other interface for analysing purpose by an other 3rd
party analyser, which only can interpret "normal" IP streams.
e.g. something like this
->Ethereal_CMD_Mode(eth0) > [Ethreal_Filter_UDP_Decode] > TCPREPLAY(eth1)
Am I totally wrong with this solution?
Yes - a dissector for a protocol, such as UDP, doesn't do anything other
than set columns in the packet list pane and/or construct a protocol
tree to display in the packet details pane. It doesn't send the packet
to a file, or do anything such as that.
If you want to convert a capture containing CHDLC-over-UDP into a CHDLC
capture, you'd have to add code to Ethereal to do that, or write your
own program to do that. Note that the plugin mechanism in Ethereal
currently supports *ONLY* dissectors; a "save this CHDLC-over-UDP
traffic as a libpcap CHDLC capture" would have to be done as a tap, but
there's currently no support for taps as plugins.
