Ethereal-dev: [Ethereal-dev] Heuristic Dissectors for Serial Protocols Encapsulated in TCP
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
Gentlemen,
We
would like to use Ethereal to look at not only Ethernet traffic but also
various serial protocols which we will ship over Ethernet, encapsulated in TCP
packets. We would like to write dissectors for these various protocols (e.g.
Pan-Tilt-Zoom CCTV control, NTCIP variable message highway signs, RTMS radar
detectors, etc.). Since these protocols were intended for direct serial
connections they typically have no identification in the header as to what
protocol these devices are speaking. We plan to use terminal servers
manufactured by Digi International to translate from Ethernet network to serial
port data. Digi has a protocol called Realport that runs on top of TCP and
would have a TCP port number that would correspond to which serial port on the
Digi box the serial signal it be routed to. Knowing that a particular protocol
is being spoken on a given port of a given terminal server, we could presumably
write a dissector that would know that at this given port # and IP address a
given protocol is being spoken. Trouble is, there might be a couple dozen other
addresses/ports also talking this same protocol. And, on the next project the
addresses and ports will likely change. Is there a configuration file that
could be filled in on a project by project basis that would do this mapping?
Or,
we could put some protocol identifying characters in front of the
Start-of-Header characters in the serial protocol that would allow a heuristic
dissector to be able to identify them. Trouble here is that some of these
serial protocols can’t afford the latency hit of these extra padding characters
(e.g. Pan-Tilt-Zoom control can get sluggish and overshoot the scene you want
to move the camera to). Can we add these identifier padding characters one time
and Ethereal will learn what protocol is on what port/IP and then remember it
for future packets? If so, will it remember this configuration information or
would we have to send them again every time Ethereal is opened up?
Looking
for your ideas on how to best accomplish this objective.
Thank You,
Neal
Winblad
Sr.
Project Engineer
Transdyn
Controls, Inc.
5669
Gibraltar Dr.
Pleasanton,
CA 94588
(925)
225-1600 x134
|