Wireshark · Ethereal-dev: RE: [Ethereal-dev] SDL/HSD RS-232/V.35/etc Capture and Complete 7 Layer OSI for Ethereal

Ethereal-dev: RE: [Ethereal-dev] SDL/HSD RS-232/V.35/etc Capture and Complete 7 Layer OSI for

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Nisbet, Tom" <Tnisbet@xxxxxxxxxxxxxxxxxx>

Date: Mon, 19 Nov 2001 11:03:13 -0500

The think that the difficult part is the fact that most WAN traffic is
synchronous and the PC's COM port is async.  The sync data does not
have the start and stop bits that the PC's hardware is expecting.
Unless the COM port can operate in sync mode, (and I don't think
they do) you'd need to somehow get raw bits into the PC, and then
manually decode the HDLC bit-stuffing to find the flags and data.
If someone HAS managed made a COM port do this, it would be quite
an impressive hack.

A better bet would be to get your hands on a sync card for the PC.
A quick Yahoo! search turned up this one:
http://www.farsite.co.uk/OEM_WAN_communications_cards/FarSync_PCI_T2P_OEM_Ca
rd.htm

Linux may even have drivers for some HDLC cards.


-----Original Message-----
From: Ronnie Sahlberg [mailto:rsahlber@xxxxxxxxxxxxxx] 
Sent: Saturday, November 17, 2001 5:08 PM
To: Nilo Rivera; ethereal-dev@xxxxxxxxxxxx
Cc: oabad@xxxxxxxxxxxxx; Ralf.Schneider@xxxxxxxxxxx;
"ethereal-web[AT]ethereal.com"@lucent.com
Subject: Re: [Ethereal-dev] SDL/HSD RS-232/V.35/etc Capture and Complete 7
Layer OSI for Ethereal


Hi Nilo,

----- Original Message -----
From: "Nilo Rivera"
Subject: [Ethereal-dev] SDL/HSD RS-232/V.35/etc Capture and Complete 7 Layer
OSI for Ethereal


> Hi all
>
> I just started using Ethereal and Im amazed with this product.  It is 
> comparable and in some ways better than the 4 different analyzers that 
> I have. Im interested in joining ethereal's developement effort!

Thank you. We also think ethereal is good.
You are welcome to join and contribute to make ethereal even better.

>
> First: Is there a way to capture from the COM/Serial port in a PC? If 
> not, has it been discussed? My point is that most telecommunication 
> WANs use RS-232/RS-449/V.35/etc using HDLC (lapb, etc) protocol.  This 
> way all could be done from a laptop, a Y cable and the proper 
> converter if necessary.  (Im not sure of speed limits / limitations of 
> the com port and if this makes scence). Even further, would Ethereal 
> work with the proper pcmcia/usb/... device like:
>       http://www.sealevel.com/catalog/pcmciab.htm

It is just software, so anything is possible.
usb and similar are discussed from time to time but has not been implemented
yet. it would need support from the underlying os to allow capturing on
these interfaces.

Serial data would be interesting.
I guess it would require a dissector that would take one byte at a time from
the serial device and then when it had detected a full (how does it do
this?) upper layer packet, then the entire packet is pushed to higher
layers. I dont think it would be difficult at all to start with but the only
problem would be to teach it to identify different types of framing/packets
by looking at the byte stream and how to identify and recover from lost
bytes. Another thing which would be problematic but I guess could be ignored
to start with would be the signalling. ie the 104/105 etc signals. Since
this would be very different to extract from the device depending on which
link you use I think one should ignore it to start with.

Make it generic enough so that we could also use it to drop HDLC data from
timeslots in an e1/t1 for if/whenever we will start supporting those cards.

This would probably need some major infrastructure to be added to ethereal
before it is feasible.

>
> Second: I see x.25 and ISO 8073 COTP (CCITT/ITU x.224) implemented. 
> Has there been any plans to fully implement the complete OSI stack 
> (ISO 7498 or ITU x.200).  Is not widely used, but is used...specially 
> for FTAM transfers.  Im interested in adding this with time if no one 
> is working on it already, or help out.  What do you think? Is it worth 
> the effort? The protocols that would need to be added are:
>
>   ISO 8327 Session Protocol ( CCITT / ITU x.225 )
>   ISO 8823 Presentation Protocol ( CCITT / ITU x.226 )
>   ISO 8650 ACSE( CCITT / ITU x.227 )
>   Maybe a subset of FTAM after these
>

This sounds great.
It would definitely be worth the effort.

>
> Thanks a lot,
> Nilo
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx 
> http://www.ethereal.com/mailman/listinfo/ethereal-dev


_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev

Prev by Date: [Ethereal-dev] display filters and subtrees
Next by Date: [Ethereal-dev] idl2eth - preparation for recursive/embedd structs
Previous by thread: Re: [Ethereal-dev] display filters and subtrees
Next by thread: [Ethereal-dev] idl2eth - preparation for recursive/embedd structs
Index(es):
- Date
- Thread