Ethereal-dev: Re: Network-ML was Re:[ethereal-dev] High Level Filter/Plugin and Net-ML

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxxxxx>
Date: Tue, 14 Mar 2000 11:02:41 -0800
> Well, perhaps I shouldn't have used the word Luck.  I meant to say, is there
> any form of a DTD with the intention of representing Network Segment/Packet
> transmission.

No.

As indicated, we've only started thinking about it.

> So for generic representation of network traffic, would it be safe to say, a
> network packet would be something like (with some being optional):
> 
> Packet/Frame
> -preamble
> - header
>  * dest address
>  * src address
> -frame type
> -frame data
> -CRC

Perhaps, perhaps not.

The main question that comes to mind is whether it'll just contain raw
frame data, or whether it'll contain a fully-dissected protocol tree, as
per:

	Date: Wed, 01 Mar 2000 17:32:26 -0600
	From: Nathan Neulinger <nneul@xxxxxxx>
	To: Dan Warburton <warb@xxxxxxxxxxxxxx>
	CC: Guy Harris <guy@xxxxxxxxxx>, Gilbert Ramirez <gram@xxxxxxxxxx>,
	        Juan Toledo <toledo@xxxxxxxxxxxxxxxxxxxxx>,
	        ethereal-dev@xxxxxxxx
	Subject: Re: [ethereal-dev] Some more advice, brainstorming, please.

	Nice idea, but I would suggest a more automatic format that could be
	determined without additional code:

	<packet number="1">
		<timestamp relative="xxxx" absolute="xxxx"/>
		<data tag="ether.src" value="00:c0:4f:6b:9f:e0"/>
		...
		...
	</packet>

	That way, it automatically gets all the information that the
	proto_tree contains.

	-- Nathan

Note also that there's more than one "dest address" and "source address"
in many packets - the addresses about which I usually care are the IP
addresses, rather than the MAC addresses, although others may care about
IPX addresses, or OSI network addresses, or..., or may even care about
the MAC addresses in some situations.

(In addition, note that Ethereal generally does not get to see the frame
preamble or CRC, given that network interfaces typically, as far as I
know, don't supply those to the host.)
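
The generic `<data tag="..." value="..."/>` layout quoted above, with both MAC and IP addresses appearing as separate fields of one packet, can be sketched as follows. This is an added example, not part of the original message and not Ethereal code; the field names other than `ether.src`, the helper names, and the sample frame are assumptions.

```python
import struct
import xml.etree.ElementTree as ET

# Constructed sample frame: Ethernet II header + minimal IPv4 header, no payload.
# Only the source MAC is taken from the message above; the rest is made up.
SAMPLE_FRAME = bytes.fromhex(
    "020000000001" "00c04f6b9fe0" "0800"   # dst MAC, src MAC, ethertype = IPv4
    "45000014" "00010000" "40010000"       # ver/IHL, length, id, TTL, proto
    "c0000201" "c0000202"                  # src 192.0.2.1, dst 192.0.2.2
)

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def ipv4(raw):
    return ".".join(str(b) for b in raw)

def dissect(frame):
    """Return (tag, value) pairs in dissection order, one per field found."""
    fields = []
    if len(frame) < 14:                    # truncated: no full Ethernet header
        return fields
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    fields += [("ether.dst", mac(dst)), ("ether.src", mac(src)),
               ("ether.type", f"0x{ethertype:04x}")]
    ip = frame[14:]
    # Emit the second pair of addresses only if a full IPv4 header was captured.
    if ethertype == 0x0800 and len(ip) >= 20 and ip[0] >> 4 == 4:
        fields += [("ip.src", ipv4(ip[12:16])), ("ip.dst", ipv4(ip[16:20]))]
    return fields

def packet_to_xml(number, relative, absolute, frame):
    """Serialize one frame as a <packet> element of generic <data> children."""
    pkt = ET.Element("packet", {"number": str(number)})
    ET.SubElement(pkt, "timestamp", {"relative": relative, "absolute": absolute})
    for tag, value in dissect(frame):
        # ElementTree escapes attribute values, which matters once values are
        # taken from packet contents rather than formatted addresses.
        ET.SubElement(pkt, "data", {"tag": tag, "value": value})
    return ET.tostring(pkt, encoding="unicode")

if __name__ == "__main__":
    # Timestamps are constructed placeholders.
    print(packet_to_xml(1, "0.000000", "2000-01-01T00:00:00", SAMPLE_FRAME))
```

No preamble or CRC field is emitted, since the captured frame starts at the destination MAC and ends with the last captured byte.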