Wireshark-users: Re: [Wireshark-users] capture packets from a java program

From: "Abhik Sarkar" <sarkar.abhik@xxxxxxxxx>
Date: Thu, 4 Dec 2008 16:11:39 +0400

> Actually we are having our own E1 line with TDM connectivity. we are trying
> to capture the E1 line, since wireshark cant recognize ISDN protocol,

Wireshark supports dissection of ISDN. I think what you mean is that Wireshark
doesn't (generally) support capture from E1 directly. If I understood
you right,
please have a look at question 7.5 at http://www.wireshark.org/faq.html

> so we do have our own API provided with the E1 card. The API program is a C
> program where the packets are captured in hexadecimal value in a command
> line.

In that case you might consider capturing the packets using the API you already
have and reformatting the packet in libpcap format with a
pseudo-header and feed it
to Wireshark or tshark through named pipes. I have never really tried
this myself, but
I have read people on the developer list discuss this approach.
Perhaps you will
find something in the mailing list archives.

>     We are planning to use Java to run the API command internally in the
> JAVA program and from the JAVA program we will send the captured hexadecimal
> packets to wireshark through Jpcap.
>     And in the above scenario, if we send the captured packets through Jpcap
> to wireshark, we need to send via Ethernet interface only, some time dummy
> packets also be included in that interface, so we will not get the real
> packets.
>
>    The final query is we need to capture the TDM protocol and 3GPP protocol
> in wireshark.
>    Can you please suggest me some good solution for this?

Please see my suggestion above. I don't think the use of jpcap would
be particularly
useful in this case.