Wireshark-bugs: [Wireshark-bugs] [Bug 7426] New: support for several file formats

           Summary: support for several file formats
           Product: Wireshark
           Version: SVN
          Platform: x86
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Capture file support (libwiretap)
        AssignedTo: [email protected]
        ReportedBy: [email protected]

vadim <[email protected]> changed:

           What    |Removed                     |Added
   Attachment #8699|                            |review_for_checkin?
              Flags|                            |

Created attachment 8699
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=8699
patches and new sources

Build Information:
wireshark 1.9.0 (SVN Rev 43549 from /trunk)

Copyright 1998-2012 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO

Compiled (32-bit) with GTK+ 2.24.8, with Cairo 1.10.2, with Pango 1.29.4, with
GLib 2.30.3, with libpcap, with libz 1.2.5, with POSIX capabilities (Linux),
with SMI 0.4.8, with c-ares 1.7.4, without Lua, with Python 2.7.3, with GnuTLS
2.12.14, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP, with PortAudio
V19-devel (built May  5 2011 11:00:47), with AirPcap.

Running on Linux 3.4.2-1.fc16.i686.PAE, with locale en_US.UTF-8, with libpcap
version 1.1.1, with libz 1.2.5, GnuTLS 2.12.14, Gcrypt 1.5.0, without AirPcap.

Built using gcc 4.6.3 20120306 (Red Hat 4.6.3-2).

Here is proposed support for several file formats.
These formats used by several IEEE 802.15.4 capturing tools.
- Texas Instument SmartRF Studio
- Ubiqua Protocol Analyzer
- Ember InSight Desktop
It is not so easy to handle this files. Modules needs to know filename.
In case of TI you cannot be sure, that format is detected correctly. The only
good way is to use file extension and file size.
In case of ubiqua, their file is sqlite3 database, so it uses libsqlite3.
In case of ember it is a zip file, with events inside.
I can attach code, but don't know is it possible to use sqlite and zzip or not.
I compiled it used dirty patch to add links to library.
Feel free to contact me if any question, ideas or recommendation to
re-implement parts of this code. Later I would like to support importing nwk
keys from these files but it is more complicated tasks, I hope we can discuss

Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.