Kevin_Cheng@xxxxxxxxxx said:
> I have a GSM layer 3 message log file. How can I use ethereal to analysis
> it?
By writing code in Ethereal to do so.
The first thing you'll need to do is write code to read that log file.
The code in Ethereal to read network traffic files assumes that
1) by looking at the file, it can determine what type of file it is
(libpcap, Microsoft Network Monitor, DOS-based Sniffer, NetXRay or
Windows-based Sniffer, etc.)
and
2) it can read each packet as a separate entity, preferably with time
stamps, etc..
What's the detailed file format of the log file?
That might require that a new link-layer encapsulation type for the
lowest-layer protocol be added to the list of encapsulation types in
"wiretap/wtap.h".
You might then have to add dissectors for the lowest-layer protocol and
any protocols above it for which Ethereal doesn't already have dissectors.
I'm not sufficiently familiar with GSM to know what the lowest-layer
protocol would be.
Most of the GSM protocols supported by Ethereal are, I think, dissected
when they're running atop some wireline protocol used for transferring
packets on some wireline network (I guess that's for moving packets
between the antenna and other parts of the network connected over wires).
I'm assuming (perhaps incorrectly) that you're capturing non-wireline
data, as opposed to data running over Ethernet or Frame Relay or ATM
or..., where there might already be support for the programs/devices that
can capture on those networks.