Wireshark mailing list archives
Wireshark ProCurve ERSPAN Support
From: Tim Durack <tdurack () gmail com>
Date: Wed, 13 Jan 2010 10:12:43 -0500
Before investing too much time and energy in customizing wireshark (something that might be beyond me anyway), I thought it wise to post my situation: I have a number of HP ProCurve (5400zl) switches with remote packet capture capabilities. It works much like Cisco ERSPAN, but is different of course. I would love to be able to decode these captures directly in Wireshark, but that functionality is not currently available. The remote capture is encapsulated in a standard UDP packet, in an undocumented format. Google-fu has failed to lead me towards anybody else investigating this. I can hack bash and perl scripts, but that is the limit of my coding these days. Any suggestions on how to start getting this supported in Wireshark? Thanks for your time, -- Tim:> Sent from Brooklyn, NY, United States ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Wireshark ProCurve ERSPAN Support Tim Durack (Jan 13)
- Re: Wireshark ProCurve ERSPAN Support Bill Meier (Jan 13)
- Re: Wireshark ProCurve ERSPAN Support Tim Durack (Jan 13)
- Re: Wireshark ProCurve ERSPAN Support Bill Meier (Jan 13)