Wireshark · Wireshark-users: Re: [Wireshark-users] Captruing raw ethernet bytes or packets

Wireshark-users: Re: [Wireshark-users] Captruing raw ethernet bytes or packets

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Sat, 31 Oct 2009 11:26:06 -0700


On Oct 30, 2009, at 9:03 PM, Joe G (Home) wrote:

I use my own ethernet protocol. can I use Wireshark to capture theraw
bytes and ethernet packets not an standard ethernet packet?

What do you mean by "[your] own Ethernet protocol"? Do you mean thatthe frames you send out over Ethernet don't start with a standardEthernet header (6 octets of destination address, 6 octets of sourceaddress, 2 octets of type/length field)? Or do you mean that they*do* start with a standard Ethernet header, and you're running yourown protocol *on top of* a standard Ethernet header with a type field,or a standard Ethernet header with a length field and with a standard802.2 LLC header (and possibly a SNAP header)?

References:
- [Wireshark-users] Captruing raw ethernet bytes or packets
  - From: Joe G (Home)

Prev by Date: Re: [Wireshark-users] saving traces as simple ASCII file
Next by Date: Re: [Wireshark-users] can wireshark be set uip to view pause packets
Previous by thread: [Wireshark-users] Captruing raw ethernet bytes or packets
Next by thread: [Wireshark-users] Sniffing Wireless with Wireshark?
Index(es):
- Date
- Thread