Ethereal-dev: Re: [Ethereal-dev] hethereal: HTML output & control / client-server issue....

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Michael Tuexen <Michael.Tuexen@xxxxxxxxxxxxxxxxx>
Date: Sat, 10 Jan 2004 09:59:47 +0100
Fulvio,

which protocol are you using between the network probe and the
collector? Where are they specified?

Best regards
Michael

On 10 Jan 2004, at 8:41, Fulvio Risso wrote:

Hi.

-----Original Message-----
From: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx]On Behalf Of Carsten Buchenau
Sent: Friday, 9 January 2004 20:22
To: Ethereal
Cc: Hartmut Mueller
Subject: [Ethereal-dev] hethereal: HTML output & control /
client-server issue....


Hi there,

I have seen with delight that someone remembered some work I was doing 3
years ago... the project was called hethereal and is basically a
modified tethereal to be used as cgi-bin, see
http://www.ethereal.com/lists/ethereal-dev/200104/msg00201.html

This work was part of my diploma work (I did together with Hartmut
Mueller and Tim Abenath) where we created a network protocol analyzer
with an embedded PC running on Linux, sized like a box of cigarettes.
The idea was to place this little box anywhere inside a Network and then
connect to the HTML interface from any PC by using *any* JavaScript
enabled Web browser.

Of course we cared about all relevant security issues etc., but that's
not the point here...basically, the work relates to two discussions that
occurred on this list recently:
- HTML output (including the XML/PDML thread)
- the wish to remotely control ethereal from any computer within a
network (client-server thread)

Briefly, the old hethereal worked like this:
- read in capture file and specified read filters (supplied by using a
form interface)
- produce ONE output stream, containing ALL packet details from the
capture (after applying the read filter, of course). This was pure
JavaScript, creating JavaScript on-the-fly for the details-frame when a
packet was chosen in the summary frame. So no need for any re-connection
when choosing a packet and - very important - no need for any
proprietary Microsoft stuff (maybe this is of special interest to
Fulvio's students ;-) ).

This has been updated (only in our CVS, though).
In any case, there's another solution to that: use the remote capture, which
is available in Windows, Linux and BSD.
You can find compilable sources in the WinPcap website, version 3.01 alpha.

The remote capture has one advantage: it does not add protocol dissector
capabilities to the network probe.
So, the machine that is going to capture the traffic has much less to do.
Just capture (and filter), then send data back to the collector.
Among the applications that support remote capture there are Analyzer, ntop,
snort.
Unfortunately, no Ethereal (Guy? ;-)) ).


So far for what was done 3 years ago... recently, we decided to pick-up
our work and do a complete redesign of hethereal (by the way, the "h"
stands for html.... and please do not misspell it as heathereal ;-) ).

To do this, we have identified the following tasks:
- create XML output. This is done now with PDML (thanks guys, great
job!); and PSML should do the job for the packet summary output
- create a stylesheet to transform the XML to HTML (JavaScript),
complete re-write of the JavaScript code
- re-write the hethereal binary to include interfaces for capturing,
choosing capture-files, etc.

I am actually working on the XSL part producing JavaScript code. That's
quite a chunk, and I will make it available to the list as soon as I
have something real to show. Right now, I can process the pure PDML
output into JavaScript, but the tree-view is still missing. I hope that
this will then clarify where still some work is missing and how anyone
can help...

Probably I can give you some first results / a preview this weekend.

greetings,
carsten

_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
