Wireshark-dev: Re: [Wireshark-dev] hpna 3.0
From: Bill Fassler <bill.fassler@xxxxxxxxx>
Date: Fri, 25 Jan 2008 06:11:34 -0800 (PST)
Guy et al -

If you go back a year or so ago to when I first came onto the mailing list I was actually sniffing HPNA, but it was HPNA 1.0.  We developed a protocol that rode on top of HPNA and that is the plug-in that I wrote for Wireshark.  I never submitted it because upstream because I didn't think it would be useful for anyone else.  As far as I know there is currently only one product on the market using this proprietary protocol riding on HPNA 1 and if your not involved in the development and troubleshooting process then it wouldn't be useful.

I think the dilemma here is that I used special hardware, a 2Wire USB to phone jack thingamebob that I know works with HPNA 1, but apparenlty doesn't work with HPNA 3 (yet).

So my question to you was perhaps anal now that I ponder it further.  I think if I can find or modify some hardware connector then I am virtually positive that Wireshark could sniff it and then I could dissect it.

There is no immediate need for me to do this and now that I realize what might be involved I am hoping I won't ever have to do it, at least not until 2Wire comes out with their next generation USB=>Phone Jack thingygingy that'll do HPNA 3.

Bill

Guy Harris <guy@xxxxxxxxxxxx> wrote:
Bill Fassler wrote:
> Hey guys, I haven't done any Wireshark plugins or anything in quite a
> while, but am still part of the mailing list...
>
> Someone just asked me if Wireshark sniffs HPNA 3.0

"Sniffs HPNA 3.0" in what sense?

Wireshark does two things - capture traffic, and dissect and analyze
traffic.

The traffic it can capture depends mostly on the capabilities of:

the hardware it's using to capture;

the operating system it's running on;

the driver for the hardware it's using to capture;

the version of libpcap/WinPcap it's using.

If you want to plug directly into a phone wire or coax cable, without
any USB or Ethernet bridge to your HPNA network, and sniff the traffic
on that, you will probably need specialized hardware, and, unless that
hardware appears to the host as a regular network adapter, you'd
probably also need a specialized version of libpcap/WinPcap to talk to
that hardware.

If that hardware supplies MAC-layer packets, complete with the 8-bit
frame type field, you'd then require changes to Wireshark to be able to
capture those frames, much less dissect them.

If, however, you have a USB HPNA adapter on a personal computer, that
would probably show up as an Ethernet interface, and if you have a
HomePNA-to-Ethernet bridge, that would *definitely* be an Ethernet
interface. In that case, capturing should probably Just Work, although
the only frames you'd see would be Ethernet frames.

As for dissection, Wireshark knows nothing about non-Ethernet HPNA
frames, and I don't see any dissector that handles HPNA link-layer
control frames (Ethertype 0x886c). Whether you'd get any of those
frames with a USB HPNA adapter, or an Ethernet interface plugged into a
HomePNA-to-Ethernet bridge, is another matter; if not, and that's the
hardware you have, then it's irrelevant whether Wireshark could dissect
non-Ethernet HPNA frames or HPNA link-layer control frames, as you won't
see them - i.e. Wireshark is just capturing on what it thinks is an
Ethernet.
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev


Looking for last minute shopping deals? Find them fast with Yahoo! Search.