Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Ethereal-dev: RE: [Ethereal-dev] tektronix k12xx rf5 support

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Tim" <tim@xxxxxxxxxxxxxxx>
Date: Mon, 6 Jun 2005 09:11:42 +0100
See notes.

-----Original Message-----
From: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] On Behalf Of Guy Harris
Sent: 06 June 2005 02:40
To: LEGO; Ethereal development
Subject: Re: [Ethereal-dev] tektronix k12xx rf5 support


LEGO wrote:

> I need ideas on how to handle  the .stk files (ethereal won't use 
> them, I hate the very same Idea behind these files). These as you 
> might know describe the protocol stack used by each source.
> 
> I haven't been able to infer if or how the encapsulation used for each

> source is written to the file.

I.e., you don't know the format of the .stk files yet?

These are complex, they define the stack used for dissection. Generated
by the user using a gui, these build a protocol stack.

E.g. mtp2, mtp3, sccp, tcap, map. 

Each layer is defined using a "filter" from the previous layer allowing
the stack to be complex dissecting multiple protocols to be handled.

> I temporarily worked arround this issue by using the USER0-15 
> encapsulations, these are handled by the DLT_USER00-15 "dissectors" I 
> checked in yesterday, in whose preferences one can set which
> protocol(s) is(are) carried by each encapsulation.
> 
> By now each .stk file used by the file is mapped to an USER encap 
> starting from USER0 in  the order they appear in the file.

So is there more than one .stk file per .rf5 file?

An stk file defines the entire stack for the trace, when building an stk
you select a number of other protocols which have their own files.

And are the .stk files written by users, by the K12xx, or by Tektronix 
(with a fixed set of .stk files)?

> The current implementation handle timestamps using 64bit integers. I 
> want to do it without 64 bit arithmetic as not every plattform 
> supports it.

Ethereal - including Wiretap - now require support for int64 and uint64,

so you can just use those.  *Printing* them requires some work, but look

for PRIu64 in packet-rsvp.c for an example of how to handle that.

The export from ethereal should use a default stk file and once the file
is loaded into k1297 or k1205 the user can define the stack used for
dissection in the k1205 / k1297.

Reading the file into ethereal we should ignore the stk information, at
the start of the rf5 file there is information regarding the capture
interfaces which may be useful in ethereal, we could discard the rest of
the information.

On the k1205/k1297 there are some conversion utilities to convert from
earlier versions of the tecktronics formats, these are very useful to
see how the conversion works as the earlier formats are much easier to
understand.

_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube