Ethereal-users: RE: [Ethereal-users] PPP data on Ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Berin, Murat (Murat)" <mberin@xxxxxxxxxx>
Date: Tue, 5 Dec 2000 13:42:29 -0500 
I managed to get a log file out of the pppd in linux. However, when I try to
open the log file in ethereal, I get an error message: "An error occured
while reading the capture file: Uncompression error: data would overflow
buffer" Does anybody have any experiance with this?

Murat Berin

> ----------
> From: 	Guy Harris[SMTP:gharris@xxxxxxxxxxxx]
> Sent: 	Tuesday, December 05, 2000 3:07 AM
> To: 	Guy Harris
> Cc: 	Berin, Murat (Murat); 'Ethereal Users'
> Subject: 	Re: [Ethereal-users] PPP data on Ethereal
> 
> On Mon, Dec 04, 2000 at 01:56:10PM -0800, Guy Harris wrote:
> > > I am running Red Hat Linux 7.0 (Linux version 2.2.16-22) and Ethereal
> > > 0.8.14. I have a dial-up conection to my ISP and I am trying to trace
> PPP
> > > information using Ethereal. Bu but I only see information starting at
> the IP
> > > layer. How can I get the PPP information?
> > 
> > Erase your disks and install one of {Free,Net,Open}BSD, or possibly
> > BSD/OS, on your machine.  (Solaris *might* work as well; I don't know.)
> 
> Well, there may be one other alternative, albeit one that may not be
> very convenient.  The PPPD man page at
> 
> 	http://nodevice.com/sections/ManIndex/man1206.html
> 
> says:
> 
> 	record <filename>
>               Specifies that pppd should record all characters sent and
> 	      received to a file named <filename>.  This file is opened in
> 	      append mode, using the user's user-ID and permissions.  This
> 	      option is implemented using a pseudo-tty and a process to
> 	      transfer characters between the pseudo-tty and the real serial
> 	      device, so it will increase the latency and CPU overhead of
> 	      transferring data over the ppp interface.  The characters are
> 	      stored in a tagged format with timestamps, which can be
> 	      displayed in readable form using the pppdump(8) program.
> 
> Those dump files can also be read by Ethereal.
> 
> This isn't a simple capture you can start from Ethereal; I suspect that
> you'd have to configure PPPD to log to a file before you call your ISP,
> and then, after some amount of traffic has been written to the file, run
> Ethereal on that file.  Any session being logged to the file will have
> the extra overhead described in the PPPD man page, and the file might
> also take a significant amount of disk space.
> 
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>