tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

new interface card for wireshark

From: Jens Grimmer <jens.grimmer () ng4t com>
Date: Mon, 17 Jan 2011 17:11:08 +0100
Hi Michael,
thanks for your mail. Sorry, the default value in my thunderbird was HTML, hopefully I got now plain text... I put some more information to my text below see [notes:]. What additional information do you need in detail? 



Hi wireshark community,
I would like to ask for a new encapsulation type for libpcap files (WTAP_ENCAP_xx as well as DLT_xx value).
[note: If I'm not wrong we would nee a new, unique DLT_NG40 (>=230) value in pcap/bpf.h as well as new WTAP_ENCAP_NG40 (>=129) and WTAP_FILE_NG40 (>=61) in wiretap/wtap.h. - Sure these values need to bee unique, so I have to ask to get them reserved.]
I'm a developer at the NG4T GmbH – a start-up in Berlin, Germany founded by former Tektronix employees. We provide protocol test software, mainly running on Linux machines. For a customer project we have to integrate ATM hard/software which is not yet supported by libpcap/wireshark. Especially for AAL2 and AAL5 monitoring we have to provide additional context information. In the past weeks I prepared (locally) a couple of files (for libpcap and wireshark). What are the next steps to get these enhancements and new files into the common development cycle for common use? 
If you need more information, please send me a mail.
[note: The network interface card is the XS2010 card from Xalyo (a company in Switzerland) which carries ATM traffic. From my knowledge this card is not yet supported by libpcap/wireshark. Currently we have to monitor mainly AAL5 traffic (e.g..: here we have to provide channel information like VPI,VCI) and AAL2 traffic (e.g.: here we have to provide VPI,VCI, CID and additional context information to the FP dissector like channel type, division, direction – similar to the information provided by the Tektronix K12). I checked out the libpcap and wireshark projects from svn. For the pcap library I wrote a new pcap-ng40.c/h similar to the pcap-dag.c/h. For wireshark I made new epan/dissectors/packet-ng40.c/h and put the necessary calls to file_access.c, pcap-common.c, wtap.c and defined the pseudo- header-structure in wtap.h. So far on my test machines the modified pcap-libray as well wireshark are running fine under 32bit and 64bit Debian-Linux. Nevertheless I have to do some enhancements the next days. So I expect to have a 'check-in candidate' about end of January. For sure, all software we provide to integrate this card, is GNU public licensed.] 

Thank you very much in advance, best regards
Jens
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: