Ethereal-users: RE: [Ethereal-users] How does Ethereal interact with Fedora Core?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Michael Cobb" <mcobb@xxxxxxx>
Date: Thu, 14 Sep 2006 08:02:54 -0400
-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-users@xxxxxxxxxxxxx.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-users
-------------------

Thanks for a response.

It is UDP Multicast.

-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of Guy Harris
Sent: Wednesday, September 13, 2006 2:26 PM
To: Ethereal user support; Community support list for Wireshark
Subject: Re: [Ethereal-users] How does Ethereal interact with Fedora Core?

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-users@xxxxxxxxxxxxx.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-users
-------------------

Michael Cobb wrote:
> -------------------
> The Ethereal project is being continued at a new site.  Please go to
> http://www.wireshark.org and subscribe to wireshark-users@xxxxxxxxxxxxx.
> Don't forget to unsubscribe from this list at
> http://www.ethereal.com/mailman/listinfo/ethereal-users
> -------------------
> 
> 
> 
> ------------------------------------------------------------------------
> 
> Can anyone explain to me how Ethereal relates to Fedora?

The same way Wireshark relates to it (see the above note).  This 
discussion should probably be continued on the wireshark-users mailing 
list; I'm sending this to that list as well.

> At what OS 
> level is displaying a capture from? I'm not a developer, but need to be 
> certain that packets displayed by Ethereal are indeed being presented 
> from the OS to an application that is running.

Wireshark (and Ethereal) capture traffic using the libpcap library; on 
Linux, that works by opening a "PF_PACKET socket", from which it 
receives the packets.

Packets delivered to a PF_PACKET socket aren't necessarily delivered to 
some other socket; they might be delivered to a networking protocol such 
as TCP or UDP, but that won't necessarily deliver them to a socket.

> I am currently sniffing and seeing the packets in Ethereal. However the 
> developer of the application has inserted debugging code to display when 
> it receives those packets, but it does not acknowledge receiving them. I 
> need to determine if this means the problem is OS related or application 
> related.

It's *probably* application-related.  Are the packets TCP, UDP, or some 
other protocol?  Does the application have a socket open to receive 
those packets?
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users