Hi everyone!!
I have some question wireshark parsing.
When I try to understand PPP protocol,I find some material about it.
I can see it is Data Link layer protocol.,so I think it have no DA SA compared to the most general packet format EthernetII.
It's frame format is " Flag + Address + Control + Protocol +Information +FCS ".
The "Protocol" indicates what is the upper-layer protocol, such as IP, IPX,LCP.
By this reasoning, I guess Wireshark cann't parse PPP protocol.
But I just try to find sample packet file in Wireshark Wiki
http://wiki.wireshark.org/SampleCaptures#head-5d1cb7d95d26641c61a5ba82ab7c0c76c08133e7
I am Surprised that it have PPP file .
In PPPHandshake.cap
,the first packet is the follow ing form:
................
EthernetII:
Destination :xxxxxxxxx
Source, xxxxxxxx
Type unknown (0xc223)
PPP Challenge Handshark Authenticaiton Protocol
Code: Failure(0x04)
Identifier:0x00
Length:52
......
Is this PPP protocol???? Who knows about it ?
Thanks a lot!!!
--
=============================
=============================