Wireshark-users: Re: [Wireshark-users] Any zLinux users or idears about monitoring zLinux traffic

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Tue, 19 Jun 2007 16:21:32 -0700
On Jun 19, 2007, at 3:56 PM, Natividad, Joel wrote:
If not, any of the devs aware of any possible platform issues, should I venture to compile Wireshark on my own?
Not if whatever distribution you're using has an acceptable version of  
Wireshark available as a binary package.  (Red Hat Enterprise Linux is  
available for IBM mainframes, and, as far as I know, it has Wireshark  
RPMs; Novell's SUSE Linux Enterprise also supports the 64-bit IBM  
mainframes, and it might also have Wireshark RPMs; others such as  
CentOS might also have it.)
There is nothing about:

	Wireshark;

	GTK+ and the libraries that support it;

	GLib;

that would prevent them from running on S/390 or z/Architecture machines (they're 32-bit or larger processors, and the code has few, if any, problems with big-endian machines; occasional problems sneak in as a result of people developing primarily on PeeCee's running Windows or Linux or *BSD or... - or perhaps on MacIntels, now - but if I ever run across one I fix it pretty quickly, as *I'm* developing on a big-endian PowerBook).
Libpcap supports Linux, so, as long as the driver for your network  
adapters can supply incoming and outgoing packets to a PF_PACKET  
socket (that being what libpcap uses on 2.2 or later kernels), you  
should be able to capture traffic, although you might have to run as  
root to do it.  Whether the driver supports that is another matter; I  
don't know how "smart" mainframe network adapters are, and "smart"  
adapters might get in the way.