Ethereal-users: Re: [Ethereal-users] tethereal -D output

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Mon, 10 Nov 2003 11:49:01 -0800

On Nov 10, 2003, at 6:59 AM, Loïc Minier wrote:

 [ I'm controlling a tethereal subprocess from a Java program and I
 wonder in which charset the output of "tethereal -D" is encoded under
 Windows, and under unices. ]

The order in which whatever mechanism supplies the list of interfaces supplies them.

The mechanism is OS-dependent, and version-of-Ethereal and version-of-libpcap-dependent on at least some platforms (on Linux, older versions of Ethereal always used SIOCGIFCONF, but that only returned interfaces that had IP addresses; newer versions of Ethereal will use "pcap_findalldevs()", if present in libpcap, and that will probably use "/proc/net/dev", if present, unless the Linux system has "getifaddrs()", in which case it'll use that).

There are no guarantees as to the order in which they're returned, except that it'll put UNIX-style loopback interfaces at the end.

 I wonder if there is a specific format a programmer might expect for
 the output (besides the number of the interface followed by a dot and
 a space).

No.  That output is intended for humans, and is subject to change.

 Is there another source for this listing than tethereal?

With newer versions of libpcap/WinPcap, there's "pcap_findalldevs()". I don't know whether any of the Java interfaces to libpcap/WinPcap, such as jpcap, support it. They probably should (and should fall back on the mechanisms "pcap_findalldevs()" uses, if "pcap_findalldevs()" itself isn't present).

 Is there a way to get separate listings for the interface names, their
 description, and their number?

Not in Tethereal.

 Also, I'm disappointed that different versions of tethereal won't
 output the list in the same interface order.

See above.

 Last question, why ain't there any "any" interface under windows?

For the same reason that there isn't an "any" interface on any other non-Linux platform. The way the Linux capture mechanism works, it's possible to say "show me packets" without specifying an interface on which to capture packets; that means that you get packets from all interfaces. Other OSes don't happen to work that way.
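
The following is an added example, not part of the original message or of Ethereal's code: a Python `ctypes` sketch that calls "pcap_findalldevs()" directly, so a controlling program gets each interface's name and description as separate fields instead of parsing the human-oriented "tethereal -D" text. It assumes a UNIX-like system where libpcap can be found under the library name "pcap"; the helper names `PcapIf`, `walk_devices` and `list_capture_devices` are hypothetical.

```python
import ctypes
import ctypes.util

PCAP_ERRBUF_SIZE = 256  # size libpcap documents for its error buffer


class PcapIf(ctypes.Structure):
    """Mirror of libpcap's struct pcap_if (pcap_if_t)."""


PcapIf._fields_ = [
    ("next", ctypes.POINTER(PcapIf)),
    ("name", ctypes.c_char_p),
    ("description", ctypes.c_char_p),  # NULL when libpcap has no description
    ("addresses", ctypes.c_void_p),    # struct pcap_addr *, not walked here
    ("flags", ctypes.c_uint32),
]


def walk_devices(head):
    """Return [(name, description or None)] in the order libpcap supplied."""
    devices = []
    node = head
    while node:  # a NULL ctypes pointer is falsy
        dev = node.contents
        name = dev.name.decode("utf-8", "replace")
        desc = dev.description.decode("utf-8", "replace") if dev.description else None
        devices.append((name, desc))
        node = dev.next
    return devices


def list_capture_devices():
    """Call pcap_findalldevs(); return None when libpcap is not installed."""
    path = ctypes.util.find_library("pcap")  # assumption: library name "pcap"
    if path is None:
        return None
    lib = ctypes.CDLL(path)
    lib.pcap_findalldevs.argtypes = [ctypes.POINTER(ctypes.POINTER(PcapIf)), ctypes.c_char_p]
    lib.pcap_findalldevs.restype = ctypes.c_int
    lib.pcap_freealldevs.argtypes = [ctypes.POINTER(PcapIf)]
    lib.pcap_freealldevs.restype = None
    head = ctypes.POINTER(PcapIf)()
    errbuf = ctypes.create_string_buffer(PCAP_ERRBUF_SIZE)
    if lib.pcap_findalldevs(ctypes.byref(head), errbuf) != 0:
        raise OSError(errbuf.value.decode("utf-8", "replace"))
    try:
        return walk_devices(head)  # copy strings out before the list is freed
    finally:
        lib.pcap_freealldevs(head)
```

Because the order of the returned list is not guaranteed, a caller should select an interface by its name rather than by its position in the list.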