Re: Request for new DLT and LINKTYPE value

[Fulko Hew <fulko.hew () gmail com>]

On Tue, Apr 13, 2010 at 11:53 AM, Edgar, Thomas <thomas.edgar () pnl gov>wrote:

> On Apr 12, 2010, at 4:26 PM, Guy Harris wrote:
> > > I am posting to request a value for DLT_SERIAL and LINKTYPE_SERIAL for
> use with libpcap.  I am  >working on a project to update libpcap and
> Wireshark to capture and parse RS232 and RS485 traffic  >(written such that
> it could handle a wide range of serial protocols but targeted toward a
> specific  >application).
> > What form of packet framing are you doing?  Neither libpcap nor tcpdump
> nor Wireshark nor... can >handle a stream of bytes not ultimately broken up
> into packets of some sort.
> > The framing could be as simple as just dropping packet boundaries in at
> arbitrary points.

I don't know if you can re-use what I've done, or even piggy back on it,
but...
Been there, done that (my way)

I  had gotten a DLT for adding 'serial' comms to Wireshark / libpcap  (under
my
companies designator).  You can read about it in the file 'pcap-sita.html'
in the
libpcap distribution. It was designed to allow packet-oriented serial
protocols
to be captured, and also to communicate physical layer aspects.

Fulko
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.