Ethereal-users: Re: [Ethereal-users] header in applications level

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>
Date: Sun, 14 May 2006 18:10:30 -0700
ademar wrote:

maybe that is a silly question but I would like to know why Ethereal doesn't show the header of the application level (OSI model) ?

Ethereal doesn't show the headers of abstract OSI-model levels; it shows the headers of protocols for which it has dissectors.

For example, in an HTTP packet sent over an Ethernet using IPv4, it will show the headers for HTTP, TCP, IPv4, and Ethernet. Ethernet happens to be at the data link layer level, but it's shown as an Ethernet header, not a "data link layer" header. Similarly, the IPv4 header is shown as an IPv4 header, not a "network level" header, and the TCP header is shown as a TCP header, not a "transport level" header.

If there exists, in Ethereal, a dissector for a protocol considered to be at the "application level", and Ethereal can recognize a packet as being for that protocol, it will show the headers for that protocol. It does not contain dissectors for every single protocol ever conceived by anybody, as

1) some of those protocols are private and unpublished, so reverse-engineering would be necessary to write a dissector;

2) reverse-engineering takes time and traffic for the protocol and at least enough knowledge to try to guess what the traffic is;

3) even if a protocol is documented, it'd take time to implement a dissector, and time isn't free.

As such, it is quite possible that, for some given application-level protocol, Ethereal won't have a dissector for it, and thus won't be able to show its headers except as raw data.

(Note also that protocols don't necessarily fit neatly into the OSI model. If you're using a Web browser to look at some HTML text, HTTP is arguably the application level protocol. If, however, you're using XML-RPC for some Web services application, HTTP isn't really the application level protocol - the application level protocol is whatever protocol is defined atop XML-RPC.)

Which *particular* application-level protocols were you referring to?
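
Added illustration, not part of the original message and not Ethereal's own code: a minimal Python sketch of table-driven dissection, in which each protocol's dissector hands a key (EtherType, IP protocol number, TCP port) to the next lookup, and bytes with no registered or matching dissector are reported as raw data. The function names, table names and sample frames are assumptions made for this example.

```python
import struct
# Each dissector returns (name, header_len, payload, next_table, keys) or None.
def eth(buf):
    if len(buf) < 14:
        return None
    return "Ethernet", 14, buf[14:], "ethertype", [struct.unpack("!H", buf[12:14])[0]]

def ipv4(buf):
    if len(buf) < 20 or buf[0] >> 4 != 4:
        return None
    ihl, total = (buf[0] & 0x0F) * 4, struct.unpack("!H", buf[2:4])[0]
    if ihl < 20 or not ihl <= total <= len(buf):
        return None
    # Trim to Total Length so link-layer padding is not treated as payload.
    return "IPv4", ihl, buf[ihl:total], "ip.proto", [buf[9]]

def tcp(buf):
    if len(buf) < 20:
        return None
    sport, dport = struct.unpack("!HH", buf[:4])
    off = (buf[12] >> 4) * 4  # data offset: header length in bytes
    if off < 20 or off > len(buf):
        return None
    return "TCP", off, buf[off:], "tcp.port", [dport, sport]

def http(buf):
    end = buf.find(b"\r\n\r\n")
    ok = end >= 0 and b"HTTP/1." in buf.split(b"\r\n", 1)[0]
    return ("HTTP", end + 4, buf[end + 4:], None, []) if ok else None

# Registered dissectors, keyed by the value the lower protocol hands up.
TABLES = {"ethertype": {0x0800: ipv4}, "ip.proto": {6: tcp}, "tcp.port": {80: http}}

def dissect(frame):
    # Returns [(protocol, header_len)]; undissected bytes end up as ("Data", n).
    layers, buf, parsed = [], frame, eth(frame)
    while parsed:
        name, hlen, buf, table, keys = parsed
        layers.append((name, hlen))
        handlers = [TABLES[table][k] for k in keys if k in TABLES.get(table, {})]
        parsed = handlers[0](buf) if handlers and buf else None
    return layers + ([("Data", len(buf))] if buf else [])

# Constructed sample input (zero MACs and checksums, documentation addresses).
GET = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
def make_frame(dport, payload):
    tcp_h = struct.pack("!HHIIBBHHH", 49152, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    ip_h = struct.pack("!BBHHHBBH", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0)
    return bytes(12) + b"\x08\x00" + ip_h + bytes([192, 0, 2, 1, 192, 0, 2, 2]) + tcp_h + payload
```

Calling `dissect(make_frame(80, GET))` lists Ethernet, IPv4, TCP and HTTP headers, while the same frame sent to an unregistered port ends in a `Data` entry, which is the "raw data" case described in the message.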