Capturing stream protocols

[Justas Poderys <jp () seminte lt>]

Hi all,

Sorry if this is a newbie question, I am just getting used to working
with tcpdump.

What I am doing is a device for capturing data from Common Channel
Signaling link in E1/T1 systems. I can extract each byte from a CCS
channel in each frame.
<...>
Then I can use Wireshark for decoding actual data. I am lost in between
extraction of CCS data and forming libpcap format packets for Wireshark
to decode.

Is there a library or something, that can do it for me, so I won't have
to reinvent the wheel? I am using traces in pcap format from a
commercial E1 board as an example, and I can clearly see where raw data
is put in the packet. What troubles me, is how to know how many bytes of
raw data is to be put in each packet?

Another solution I can think of is to wait for first RR byte and dump it
into a packet with single byte. Then to dump everything traveling same
direction into another pcap packet, until I see another RR. Maybe
someone with an experience in LAPD can comment this approach?

I am sorry if my description in confusing, and I would be more than glad
to clarify it.

Thanks,
Justin

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.