Michael Cobb wrote:
-------------------
The Ethereal project is being continued at a new site. Please go to
http://www.wireshark.org and subscribe to wireshark-users@xxxxxxxxxxxxx.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-users
-------------------
------------------------------------------------------------------------
Can anyone explain to me how Ethereal relates to Fedora?
The same way Wireshark relates to it (see the above note). This
discussion should probably be continued on the wireshark-users mailing
list; I'm sending this to that list as well.
At what OS
level is displaying a capture from? I�m not a developer, but need to be
certain that packets displayed by Ethereal are indeed being presented
from the OS to an application that is running.
Wireshark (and Ethereal) capture traffic using the libpcap library; on
Linux, that works by opening a "PF_PACKET socket", from which it
receives the packets.
Packets delivered to a PF_PACKET socket aren't necessarily delivered to
some other socket; they might be delivered to a networking protocol such
as TCP or UDP, but that won't necessarily deliver them to a socket.
I am currently sniffing and seeing the packets in Ethereal. However the
developer of the application has inserted debugging code to display when
it receives those packets, but it does not acknowledge receiving them. I
need to determine if this means the problem is OS related or application
related.
It's *probably* application-related. Are the packets TCP, UDP, or some
other protocol? Does the application have a socket open to receive
those packets?
