On Fri, 2004-01-09 at 15:34, Guy Harris wrote:
> On Jan 9, 2004, at 6:46 AM, donnie@xxxxxxxxxxx wrote:
>
> > I was wondering, if anyone would be interested in helping to implement
> > this type of client/server model for ethereal?
>
> I'd be more interested in seeing it implemented for libpcap:
>
> http://winpcap.polito.it/docs/man/html/group__remote.html
>
> so that there's a client/server model for Ethereal, and tcpdump, and....
>
> The client-side code should work in libpcap, I think; it'd require
> changes to applications to use it. The server side code runs on
> Windows, and I think it might also work on Linux.
>
> (The scheme used to identify remote devices is extensible; it currently
> handles rpcap:{device}, for using the RPCAP protocol that the WinPcap
> people devised (it's not a Windows-specific protocol, so it should work
> on various UN*Xes and on devices running other OSes, including
> specialized embedded devices), but it might be interesting to make a
> pluggable mechanism that could also use RMON (rmon:), the Tazmen
> Sniffer Protocol that I think is used by the Network Chemistry Neutrino
> Sensor:
>
> http://www.networkchemistry.com/products/neutrino/index.html
>
> ("tzsp:") and, if somebody takes the time to reverse-engineer it,
> perhaps the protocol used by Microsoft Network Monitor ("bh:", for
> "Bloodhound"?), as well as perhaps "ssh:" to just run tcpdump or
> WinDump or tethereal or... remotely.)
It seems that someone is working on rpcap for linux already.
http://rpcap.sourceforge.net/
--
Donnie
http://www.darthik.com
Attachment:
signature.asc
Description: This is a digitally signed message part