Wireshark · Ethereal-dev: Re: [ethereal-dev] How do I add support for an atm interface?

Ethereal-dev: Re: [ethereal-dev] How do I add support for an atm interface?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxxxxx>

Date: Sat, 27 May 2000 00:52:00 -0700

On Fri, May 26, 2000 at 09:27:51PM -0400, Mark Clayton wrote:
> I want to add support for an interface besides eth and lo.Can someone point 
> me in a good direction to get started?  In particular, I want to add support 
> for monitoring an ATM interface.

I'm assuming that by "monitoring" you mean capturing packets from an ATM
interface, not just reading ATM captures, and am also assuming that,
given the reference to "eth" and "/sbin/insmod", you're doing this on a
Linux system.

If so, then the first thing you need to do is find out what DLT_ value
gets returned by libpcap for ATM on Linux, so you know how to plug
libpcap (which is the library Ethereal uses for capturing packets) into
Ethereal for ATM.

The atm-linux 0.65 source I downloaded a while ago seems to indicate
that it's DLT_ATM_CLIP; the Wiretap library that Ethereal uses maps this
to WTAP_ENCAP_LINUX_ATM_CLIP.

If, in fact, that's the right encapsulation - i.e., if the packets that
get handed up by libpcap are raw IP, as the code in "packet-clip.c" that
Ethereal uses to handle WTAP_ENCAP_LINUX_ATM_CLIP assumes - then all you
might need to do would be to add

	    case WTAP_ENCAP_LINUX_ATM_CLIP:
	      capture_clip(pd, &ld->counts);
	      break;

to the "case" statement in "capture_pcap_cb()" in "capture.c", and add

	#include "packet-clip.h"

right before

	#include "packet-eth.h"

in the list of includes at the top of "capture.c".

Note, though, that there's a comment I put into "dissect_clip()" that
says:

     XXX - the ATM on Linux code includes a patch to "tcpdump"
     that compares the first few bytes of the packet with the
     LLC header that Classical IP frames may have and, if there's
     a SNAP LLC header at the beginning of the packet, it gets
     the packet type from that header and uses that, otherwise
     it treats the packet as being raw IP with no link-level
     header. */

If that's the case, then you'd need to change "capture_clip()" and
"dissect_clip()" to do similar stuff; if it sees an LLC header, hand the
packet to "capture_llc()" in "capture_clip()" and to "dissect_llc()" in
"dissect_clip()", otherwise just hand it to "capture_ip()" and
"dissect_ip()" as is done now.

References:
- [ethereal-dev] How do I add support for an atm interface?
  - From: Mark Clayton

Prev by Date: Re: [ethereal-dev] Usability feature, protocol tree
Next by Date: Re: [ethereal-dev] Small patches for C++ compatability
Previous by thread: [ethereal-dev] How do I add support for an atm interface?
Next by thread: [ethereal-dev] nightly builds
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$