> >
> > Maybe someone else already looks at it?
> >
> Maybe. Is anybody on this list looking into this ?
There's just a couple of lines in the TCP graphing code that are
link-layer dependent - I wasn't able to figure out how to interact
effectively with the ethereal's packet list so I ended up simply going
through it once, picking up relevant packets and building my own packet
list. This operation is the only place where the graphing code deals
with link-layer encapsulation. So there are really 2 ways how to tackle
the problem:
- arrange things so that the code that builds the private list for
graphing purposes never sees the link-layer data - just IP and above.
- figure out how the graphing code could use the main packet list and
get rid of the private one altogether.
It might be possible to ship the first solution faster than the second
one since the second one could require a redesign.
I don't work on ethereal actively right now but if someone explains to
me what's TAP and how its API looks like I would definitely be willing
to at least help with the transition, if not code it.
pvl
