Wireshark-dev: [Wireshark-dev] Selecting Decoders from Wiretap

From: Rolf Fiedler <rolf.fiedler@xxxxxxxxxxxxx>
Date: Tue, 10 Apr 2007 10:16:26 +0200
Hi,

some time ago I added the EyeSDN trace format to the wiretap library and
it works fine for the main application, ISDN tracing. D channel data is
decoded as Q.931 and B channel data is passed to PPP/IP decoding. All
this works fine.

Now we have added a number of applications:
a) ATM tracing on E1 lines (we have raw cell capture incl. ATM headers)
b) SS7 signalling on E1 lines
c) X.25 on B channels of E1 lines

In each of these applications, Wireshark cannot select the proper
decoder because we fail to tell it which decoder to use.

Now my question:
Is there a way to dynamically select the decoder in the Wiretap module?
If I manually select ISUP as decoder (for SS7 traces), I receive
"unknown WTAP_ENCAP 17" (17 is ISDN, which I selected in our wiretap
module).

What I really would like to have is that the user can select the
decoding format depending on the knowledge of the data she captured. Is
this possible? Which WTAP_ENCAP is necessary in this case?

At the moment I could specify a different WTAP_ENCAP type for the D
channel, the B channel and for ATM traces. But the trace file does not
contain information about D channel protocol (SS7 or Q.931 for instance)
or B channel protocol (e.g. X.25 or PPP).

What is the best way to solve this? What would be the best WTAP_ENCAP
type for
the D channel,
the B channel and
ATM cells?

Thanks a lot,
Rolf