Wireshark-dev: Re: [Wireshark-dev] hpna 3.0

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Fri, 25 Jan 2008 10:54:18 -0800
Bill Fassler wrote:

I think the dilemma here is that I used special hardware, a 2Wire USB to phone jack thingamebob that I know works with HPNA 1, but apparenlty doesn't work with HPNA 3 (yet).

So my question to you was perhaps anal now that I ponder it further. I think if I can find or modify some hardware connector

(Presumably not just meaning "connector" in the physical sense, as it'd require all the hardware to convert the electrical signaling used for HPNA into bits.)

then I am virtually positive that Wireshark could sniff it and then I could dissect it.

Only if it supplies only Ethernet frames (rather than any other type of MAC frame), and only if it supplies them as Ethernet frames (without any MAC-layer type field), and only if it appears on your host as a network adapter whose driver plugs into whatever mechanism your OS uses for packet capture.

If the last of those isn't the case, then you would have to modify libpcap/WinPcap to add code that connects to whatever driver the device has, and offers it as an additional capture device.

If the first and second of those aren't the case, then you would have to

	request a DLT_ value for HPNA from tcpdump-workers@xxxxxxxxxxx;

	modify libpcap to handle that DLT_ type;

	modify Wireshark to handle files with that DLT_ type.

I suspect your 2Wire device showed up as a network device of that support, supplying Ethernet frames - i.e., you were "sniffing HPNA" in the sense that you were sniffing the emulated Ethernet that HPNA hardware supplies to host devices, not sniffing the raw HPNA link layer.