fmperez@xxxxxxxxxxxxx wrote:
Hello, desire to add to the Ethereal the capacity to analyze HDLC, indicating
felt of tramasa (of dce or dte), errors of crc, aborts and other parameters
of hdlc. My question is, Ethereal or does this or I must develop it? I have
leido something on pseudo to header and there the direction would be incluída.
But not as pseudo_header is used. Which is the arhcivo format that I must
use? (I think that it does not have to be libpcap, since there it does not
have headed for the information of sense of plots)
It is true that libpcap does not have, in the header for a frame, an
indication of the direction of the frame or of any errors for the frame.
A new libpcap format:
http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html
will have that information, but there currently is no support for that
in Ethereal or any other software (that support is being developed).
The old Network General DOS Sniffer software's file format could be
used. It's documented in
http://www.mcafee.com/common/media/sniffer/support/sdos/operation.pdf
and includes flags for the direction and for various errors. Ethereal
would have to be modified to add those flags to a pseudo-header and to
dissect them. I've checked into the Ethereal code for reading that file
(wiretap/ngsniffer.c) some additional #defines and comments for those
flags (but no code to process them). You would need to get a recent
version of the Ethereal source from Subversion - those changes aren't in
any release of Ethereal yet.
When you say "HDLC", are you referring to a particular HDLC-like
protocol, such as LAPB for X.25, LAPD for ISDN, etc.?
