Ethereal-users: [Ethereal-users] Remote online packet capture?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Mark Atwood <mra@xxxxxxxxx>
Date: 19 Oct 2000 10:07:19 -0700
I'm starting to see a need for what I'm doing to use ethereal to "live
capture" packets from a box that can't run ethereal. (No GTK, no space
for it, and no time to do a GTK port).

My mind ran away last night outlining a design for a "remote packet
capture protocol", where a little agent runs on a tapping box,
captures packets off a local interface, filters them, timestamps them,
encapsulates them, and then transmits them to a box running ethereal,
where the a packet capture modules receives them, and feeds them up
into the application. It would be just another packet capture "back
end", no different from being able to read different kinds of capture
files.

Before I go down this road, has anyone else walked it. Has such a
remote catpure protocol been written already (I know that RMON does it,
but thats slow, painful, and baroque), and if so, has anyone written
a "caputre module" for it?

-- 
Mark Atwood   | Freedom from want, freedom from fear, freedom from choice.
mra@xxxxxxxxx | Is that the freedom you want? 
http://www.pobox.com/~mra