We currently produce PC-based WAN products. These include support for synchronous protocols such as X.25, PPP, etc.

We can currently capture frames using our own drivers/applications on Windows and Linux and save this information to a file (in libpcap format), which can then subsequently be read by Wireshark. While this is useful, it would be great if we could achieve the same thing but in real time.

I assume that this could (technically) be achieved on Windows by either:

1) extending WinPcap in some way to enable it to capture our frames and pass them up to Wireshark
2) sitting alongside WinPcap and offering the frames up to Wireshark directly ourselves

I assume 2) would require us to produce our own capture driver (NDIS on Windows), which Wireshark would see as a pseudo LAN driver, and we could pass our WAN frames up to it using some (libpcap-based?) format or other?

Can anyone point me in the right direction as to how to achieve this? Developing the NDIS driver itself is not a problem since we’ve lots of experience there – the issue is one of interfaces and what is required in that regard in order for us to interface to Wireshark as seamlessly as possible.

The next question would then be – how to achieve the same thing on Linux?

Thanks
Will