On Sat, Jul 10, 1999 at 01:54:27PM -0500, puzzled wrote:
>
>
> Now I have a problem where I might need to closely examine a token ring
> network and I am wondering how well ethereal will read token ring traces.
It examines them very well. I did most of my development on ethereal using
token-ring. The TR MAC layer is handled pretty well too; most of the common
cases are there. I didn't put all the MAC fields, but let me know if you need
them.
> I'd
> just try it, but I don't have a TR card handy and I won't buy one unless I
> am
> sure this is going to work. I suppose I'll have to do something like run
> tcpdump ... or does ethereal work directly with a token ring interface?
Tcpdump and ethereal both use libpcap for packet capturing. It's a multi-
platform library for packet capturing. The standard libpcap doesn't
understand token-ring, but you can patch it to do so. I think Paul Norton,
the Linux TR maintainer, has the patch at ftp://ftp.cts.com/users/crash/p/pnorton
Which OS are you using? Linux? Be aware that ibmtr doesn't support
promiscuous mode. Olicom's oltr does. Also, if you look at the oltr source code,
you can define a special variable for it to pass TR MAC frames up the stack, which
is good for what you're doing.
> Thanks
> in advance, and for the folks working on this - KEEP UP THE GOOD WORK!!!!
>
--gilbert
