Wireshark-users: Re: [Wireshark-users] Opening Acterna WAN capture files in wireshark

From: "Persio Pucci" <persio@xxxxxxxxx>
Date: Tue, 30 Jan 2007 19:55:19 -0200
Hi, I'll give ProConverter a try to see if it works.
 
also I'll forward to Luis a couple of files on its format, to see what is wrong.
 
Thank you all.
 
Persio

 
On 1/30/07, Guy Harris <guy@xxxxxxxxxxxx> wrote:
Persio Pucci wrote:

> is there a way to open in Wireshark files captured by an Acterna packet
> analyzer in a Frame Relay interface?

The list of file formats supported by Wireshark can be found at

       http://wiki.wireshark.org/FileFormatReference

It doesn't explicitly list Acterna's format; unless it uses one of the
formats listed there, Wireshark can't read it.

In order to enhance Wireshark to read a file format that it currently
doesn't read, somebody would need to write additional code to read that
file format.  This would require the author of that code to know what
the file format is.

If Acterna has documented the format, and you have that documentation,
we could use that to write the code to read those files.  We would need
some capture files to test it.

If they have *not* documented the format, we would have to
"reverse-engineer" the format.  As Luis Ontanon indicated, that would
require that we have capture files - we'd probably want more than one
file, so that we can look for patterns in the file format - as well as
decoded versions of those files giving time stamps, packet content, etc.
for the packets in those files.
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users