Ethereal-dev: Re: [Ethereal-dev] Extract data from Ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Wed, 20 Oct 2004 01:56:16 +0100 (BST)
I use a custom lex/yacc parser for the tethereal output, yank out what I
want, and insert it into PostgreSQL.
Then I pull the data and use graphviz to plot out all the relationships 
in SVG format. With this you can zoom, pan, and even bookmark individual 
nodes. That and a little JavaScript and you can do popups (tooltips) and 
other things. As an example: http://www.linux.org.uk/~ober/test.html
I like to track activity of things like viruses this way.

You will need the SVG plugin for your browser.
Hope this helps.


On Tue, 19 Oct 2004, Koen Smets wrote:

> Dear developers,
> 
> Together with a fellow student at the University of Antwerp
> (Belgium), we're working on a year programming assignment. The goal is
> to write a visualization tool for a mobility testbed.
> 
> I'll give you all a bit of introductory information:
> - as capturing device, we decided to use ethereal (because of the nice
> GUI and filter capabilities) so that we don't have to reinvent the
> wheel.
> - visualization tools: 
> * gnuplot (to draw packet/time plots);
> * nam (from the nsnam project -> visualize traffic in real-time animations);
> * self-written tool to draw sequence diagrams (visualise traffic from
> one node to other nodes in the topology, in function of time)
> * ...
> 
> Our task is now to glue all those components together.
> 
> What we'd like to do is write some sort of plugin to Ethereal that
> acts as a client, whose main task is to deliver to a server the necessary
> data we need to complete the rest of the visualisation (e.g. from the
> packet-list: #, time, source and destination).
> 
> The main application will get written in C++ using the Qt GUI. We're
> also using the abilities built into Qt (QSocketdevice, QSocketnotifier...) to
> handle the client/server interface.
> 
> After reading some docs about developing plugins and tapping systems,
> we noticed that most of the information concerns new
> protocol dissectors (that's not what we're looking for, is it?) and so
> we didn't find an answer to our main problem: getting data from
> ethereal in a proper manner.
> 
> If this wasn't already hard enough, we also need a way to handle
> events like clicking on a packet in the sequence diagram -> highlight
> packet details in ethereal...
> (we thought to write some kind of protocol and also use sockets to get
> that job done, but therefore I think we need to bind some callbacks
> from Ethereal)
> 
> Is it possible for you to give us some advice on how to handle these 2
> problems? Best way to implement it (using plugins and making use of
> tapping?)
> 
> 
> Regards,
> Koen Smets
> 
>
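
The pipeline described in the reply (parse tethereal text output, then draw host relationships with Graphviz), sketched as an added example that is not code from either poster: a regex stands in for the lex/yacc parser and the PostgreSQL step is left out. The one-line summary layout (number, time, source `->` destination, protocol, info) is an assumption, and the sample lines are constructed from documentation address ranges.

```python
import re

# Assumed tethereal one-line summary layout: No. Time Source -> Destination Protocol Info
LINE_RE = re.compile(
    r"^\s*(?P<no>\d+)\s+(?P<time>\d+\.\d+)\s+(?P<src>\S+)\s+->\s+"
    r"(?P<dst>\S+)\s+(?P<proto>\S+)\s*(?P<info>.*)$")

# Constructed sample capture (documentation address ranges), not real traffic.
SAMPLE = """\
  1   0.000000 192.0.2.10 -> 198.51.100.5 TCP 1034 > 445 [SYN] Seq=0
  2   0.000412 192.0.2.10 -> 198.51.100.6 TCP 1035 > 445 [SYN] Seq=0
  3   0.000980 192.0.2.10 -> 198.51.100.5 TCP 1036 > 445 [SYN] Seq=0
  4   0.120331 198.51.100.5 -> 192.0.2.10 TCP 445 > 1034 [RST, ACK] Seq=0
Capturing on eth0
  5   0.500100 192.0.2.77 -> 192.0.2.1 DNS Standard query A example.test
"""

def parse(text):
    """Return (records, skipped): one dict per packet line, count of unparsed lines."""
    records, skipped = [], 0
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            records.append(m.groupdict())
        elif line.strip():
            skipped += 1  # banner or malformed line: count it, do not guess fields
    return records, skipped

def dot_quote(s):
    """Quote a string as a DOT ID so captured text cannot break the graph syntax."""
    return '"' + s.replace("\\", "\\\\").replace('"', '\\"') + '"'

def to_dot(records):
    """Aggregate packets into src -> dst edges; tooltips carry count and protocols."""
    edges = {}
    for r in records:
        e = edges.setdefault((r["src"], r["dst"]), {"n": 0, "protos": set()})
        e["n"] += 1
        e["protos"].add(r["proto"])
    out = ["digraph capture {"]
    for (src, dst), e in sorted(edges.items()):
        tip = f"{e['n']} packets: {', '.join(sorted(e['protos']))}"
        out.append(f"  {dot_quote(src)} -> {dot_quote(dst)} "
                   f"[label={dot_quote(str(e['n']))}, tooltip={dot_quote(tip)}];")
    out.append("}")
    return "\n".join(out)

if __name__ == "__main__":
    print(to_dot(parse(SAMPLE)[0]))
```

Saving the printed graph to a file and rendering it with `dot -Tsvg` gives an SVG in which each edge shows its tooltip on hover. A host fanning out to many destinations on one port, like the first sender in the sample, stands out as a hub.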