vanita disale wrote:
We need to implement HSRPv2 protocol.
Currently ethereal supports HSRPv1 ( packet-hsrp.c).
The problem is HSRPv1 acts on a different multicast address and HSRPv2
acts on a different multicast address. Hence HSRPv2 can not be made a
part of the packet-hsrp.c.
Yes, it can.
The problem is that the packets have a different format, so the code in
packet-hsrp.c that dissects HSRPv1 packets can't dissect HSRPv2 packets.
However, you could put the code to dissect HSRPv2 packets in the same
file as the code that dissects HSRPv2 packets.
So how to direct ethereal to give the packets
that it captures on the multicast address for HSRPv2 to give to our
HSRPv2 dissector?
I dont know how ethereal is made to give the packets to application
based on the ip address.
It *isn't* made to do that.
Becos it runs in promiscous mode it will just
capture every packet that comes its way.
1) Wireshark doesn't *have* to run in promiscuous mode.
2) You can use a capture filter.
But the real problem is that we
need to make it give the packets to HSRPv2 protocol whenever it receives
the packets directed to the multicast address for HSRPv2)
Are the packets for HSRPv2 sent to a particular UDP port number?
According to RFC 2281, packets for HSRPv1 are sent to port 1985; the
HSRPv1 dissector registers for that port, so traffic to port 1985 is
given to that dissector *regardless of the IP address to which it's
being sent*.
I.e., the packets are *NOT* given to the HSRPv1 dissector based on the
IP address. They're given to the HSRPv2 dissector based on the *UDP
port number*.
If HSRPv2 works the same way, then the HSRPv2 dissector can do the same
thing.
(By the way, it's now called Wireshark, not Ethereal.)
(Also, by the way, as was noted in a reply by Anders Broman in another
thread:
http://www.wireshark.org/lists/wireshark-dev/200612/msg00187.html
capture and dissection are not connected - just because Wireshark has
captured several different types of packets, that doesn't mean it can't
dissect each of those packet types correctly.)
