> I am currently evaluating ethereal (binary version 0.8.16 - from the UK
> porting centre) as a gui for nettl trace files. Unfortunately when I attempt
> to read in the nettl files I get the following error:
>
> Message: nettl: network type 6 unknown or unsupported
Type 6 is, at least according to "nettl.h" in the "wiretap" directory,
NETTL_SUBSYS_NS_LS_TCP; I'm not particularly familiar with "nettl", but
that name suggests that the contents of a type 6 file might contain TCP
segments - Ethereal isn't set up to dissect TCP segments without IP
header information (a number of dissectors would expect there to be, for
example, IP source and destination addresses available).
How was that "nettl" trace file produced?
> I do manage to get a single decoded x11 packet before the error occurs
That suggests that the capture has a collection of multiple *different*
types of records in it, some of which are handled by Ethereal and some
of which aren't.
> My question is this, has anybody else had any luck using ethereal to decode
> nettl trace files, and if so, under what conditions (OS version, using a
> plugin etc)??
A plugin will not help. "Plugins" aren't pieces of code that plug into
arbitrary places in Ethereal, and make it do arbitrary new things;
they're just protocol dissectors that are loaded at run time rather than
link time - there are no plugins for capture file types, much less
plugins that *replace* the built-in readers for particular capture file
types. (Perhaps there should be, but that's another matter.)