Wireshark-dev: Re: [Wireshark-dev] rs485

Date: Tue, 28 Sep 2010 12:44:53 +0200
        I have a similar problem. I want to be able to capture packets received from an ATM card. Is there a documentation available how-to enhance libpcap to be able to decode higher level messages in Wireshark (e.g. receiving AAL-2 packets from the ATM card driver, reassembling the framing protocol and sending RLC/MAC frames to wireshark or something like this)? What are the main steps, what would you recommend to start with, how are Wireshark and libpcap interworking, is an implementation already available??

> -----Ursprüngliche Nachricht-----
> Von: Guy Harris 
> Gesendet: Di. 28.09.10 (10:25)
> An: Developer support list for Wireshark 
> Betreff: Re: [Wireshark-dev] rs485
> 
> 
> On Sep 28, 2010, at 12:56 AM, Agustin Figueredo Canosa wrote:
> 
> > I´m working with a link layer protocol using rs485 interface. I
> have
> > created a dissector for my protocol and it works fine. But now I
> would
> > like (if possible) to capture packets in real time.
> > 
> > I think it´s not possible to capture live data from rs485 using
> wireshark
> > directly but if anyone have worked in it I'll be grateful for any
> help.
> 
> Ultimately, Wireshark's ability to capture from a traffic source is
> dependent on libpcap/WinPcap's ability to capture from it, which is
> dependent on the OS on which you're capturing and/or the hardware
> used for the capturing.  Modern versions of libpcap (for UN*X
> systems) and WinPcap (for Windows) support adding modules to handle
> various types of capture hardware and software (although they're
> modules compiled into the libpcap or WinPcap library, not plug-in
> modules loaded at run time).
> 
> On what operating system or operating systems do you want to do the
> capturing?  What software does it have to support RS-485?
> 
> What sort of hardware do you have to connect to the RS-485-based
> network?  An RS-485-to-USB converter, as you mention, or some other
> form of hardware (such as a serial transceiver)?
> 
> Do you want to capture traffic on an RS-485-based network that's
> neither sent to nor from the machine doing the capturing
> ("third-party" capture), or do you just want to capture traffic sent
> to or from your machine?
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list 
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
> 
> 
> -----Ursprüngliche Nachricht Ende-----




Exklusiv: Neue E-Mail-Adresse @iPhone.de jetzt verfügbar!
Sichern Sie sich jetzt ihre persönliche http://www.iphone.de/iphonemail/index.html?pid=10111947021