On Mon, Dec 09, 2002 at 03:01:09PM -0500, Jim Howard wrote:
> Can ethereal currently read packets from inputs other than ethernet?
Yes. It can read packets from any networking interface whose driver
works with OS's packet capture mechanism (on UNIX) or with NDIS plus the
WinPcap driver (on Windows):
http://www.ethereal.com/media.html
People have used it to capture traffic on FDDI, Token Ring, ATM, and
IEEE 802.11 devices, for example.
> We are specifically curious about ethereal's capabilities to read packets
> over serial and USB, is this possible
Only if the serial device or USB device look like networking interfaces
and their driver supports the OS's packet capture mechanism on UNIX or
NDIS plus the WinPcap driver on Windows. For example, if you are
running PPP over the serial device, there will probably be a networking
interface corresponding to the serial device; depending on the OS, you
might or might not be able to capture on that device, as it might or
might not support the OS's packet capture mechanism on UNIX, and as it
might or might not work correctly with NDIS + the WinPcap driver on
Windows. (See the previously-mentioned URL.)
> If this is not implemented then how difficult would it be to add serial
> connectivity under a protocol that is currently implemented in ethernet?
> I.E. The protocol is already supported in Ethereal.
Currently, you wouldn't add support to Ethereal; Ethereal does not
itself include code to capture packets - it relies on libpcap and
WinPcap to supply that code, and the libpcap/WinPcap library, in turn,
rely on OS code on UNIX, and on OS code (the NDIS code) plus the WinPcap
driver on Windows.
Are you trying to capture networking traffic such as PPP, or are you
trying to capture "raw" serial or USB traffic?
