Hi Guy,
>
> So by "tracer" do you mean that it actually dissects and displays
packets, or do you mean it captures packets and feeds them to Wireshark
or some other program to dissect?
>
It's an USB device that captures packets on the bus and feeds it to
Wireshark as a byte array starting with the (SDLC) address and ending
with FCS.
Beginning and endflag are not included and bit stuffing is removed.
>
> So what's a "raw SDLC frame"? An SNA packet using SDLC as the
link-layer?
>
Right now there is no way (afaik) to use plain SDLC in Wireshark without
looking at the payload.
A "raw" frame is a SDLC frame that is recorded by the controller on OSI
layer 1 and should be interpreted as SDLC (OSI layer 2).
We don't know the payload used in the SDLC encapsulation as there is no
payload id field in SDLC to identify the protocol of the content.
The user needs to know what the content is (e.g. BITBUS) and select the
right dissector.
>
> So are these BITBUS packets, SNA packets, or both?
>
> ("SDLC" isn't "any protocol with an address field and an SDLC-like
control field"; that definition would include HDLC, LAPB, LAPD, BITBUS,
etc..)
It depends on the used system what protocol is used inside the SDLC
encapsulation. Some systems run only a single protocol and some run
different protocols depending on e.g. source/destination address.
The user has to decide how to dissect the content of the SDLC frame with
an external dissector.
We just want to display SDLC frames like Ethernet frames without any
automatic protocol dissection.
Best regards
Freundliche Grüße
Paul Becker
____________________________________________________
ELZET 80 Mikrocomputer GmbH & Co. KG
Theaterplatz 9
D-52062 Aachen
Germany
Tel. +49-241-4016580
Fax +49-241-48480
email: bec...@elzet80.de
Please visit our web-site at http://www.elzet80.com
ELZET
=8 0=
IIIII
____________________________________________________
USt.Id. : DE 117 662 038
Handelsregister Aachen Abt. A, Nr. 8044
Komplementär & Geschäftsführung:
Giesler & Danne Bet. u. Verw. GmbH
Handelsregister Aachen Abt. B, Nr. 17317
Geschäftsführer Walter L. Giesler
Am 17.01.2017 um 20:51 schrieb Guy Harris:
On Jan 17, 2017, at 5:25 AM, Becker (ELZET80) <bec...@elzet80.de> wrote:
I think my request was a bit misleading and wrong formulated. I told you we are
working on a BITBUS tracer which in reality is a SDLC tracer that can trace
BITBUS too.
So by "tracer" do you mean that it actually dissects and displays packets, or
do you mean it captures packets and feeds them to Wireshark or some other program to
dissect?
Is there a way to use the SDLC dissector as a DLT already?
No, and if you were to do so, you probably wouldn't like the results, unless
you're using SNA on the BITBUS links.
If not we would request a DLT for SDLC communication on which we would base our
BITBUS lua dissector plugin.
You should, instead, get LINKTYPE_BITBUS/DLT_BITBUS.
I don't think thats what we want as we have raw SDLC frames coming from our usb
tracer and need to display them too.
So what's a "raw SDLC frame"? An SNA packet using SDLC as the link-layer?
We want to feed the data directly into Wireshark with an extcap component and
don't want to go the detour over ethernet packets.
The payload data should not be interpreted by default (we would write a lua
bitbus dissector for that).
So are these BITBUS packets, SNA packets, or both?
("SDLC" isn't "any protocol with an address field and an SDLC-like control
field"; that definition would include HDLC, LAPB, LAPD, BITBUS, etc..)
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
