Ethereal-dev: AW: [Ethereal-dev] [Patches] Wiretap support for Catapult DCT2000 .out files
Hi Martin,
is it possible to get detailed information about the DCT2000 format?
I'm especially interested in the time format. Is it possible to give each
packet an absolute timestamp and not only a timestamp that is relative to
the time in the second line of the file?
Best regards
Claudia Becker
-----Ursprüngliche Nachricht-----
Von: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx]Im Auftrag von Martin
Mathieson
Gesendet: Mittwoch, 12. April 2006 19:14
An: Ethereal development
Betreff: [Ethereal-dev] [Patches] Wiretap support for Catapult DCT2000
.out files
Hi,
This attached patch and new files provide support for Catapult DCT2000
.out files to wiretap and ethereal.
This wiretap support (catapult_dct2000.c+h) appends a short header to
each packet giving some context, and a corresponding ethereal dissector
(packet-catapult-dct2000.c) parses this before passing the real payload
onto an existing ethereal dissector (for ethernet, ip, lapd, ppp,
frame-relay,...).
For now, there is only support for saving dct2000 files in their own
format, although I may add support for converting between dct2000 and
libpcap later.
I've also attached a short capture file (test.out) used to test each of
the supported link-type protocols. I know some of these messages show
as malformed (they are mostly taken from low-level protocol tests), but
they are enough to illustrate/verify the mapping between DCT2000
protocols and ethereal dissectors.
I've tested this with quite a few test files (I work at Catapult), and
reading/writing/merging works well for me. I've also done some testing
with mergecap and editcap (encap string is "dct2000") which seems to
work. This is the first wiretap module I've added, so any
comments/suggestions are very welcome.
Best regards,
Martin
P.S. the diff file contains small, unrelated RTCP dissector changes,
could these please be applied too...?
