Hello everyone, a newbie here who is trying to understand how Ethereal works.

I would like to use Ethereal as an analyzer, but not as a sniffer, rather to pump data into Ethereal, for example using a FIFO. This works fine.

Now to what I don't understand how to do: I have a given (telecom) stack that Ethereal seems to support, which does not include Ethernet/IP. (For example the MTP3->SCCP->RANAP->L3 stack used in UMTS/3G.) What I want to do is to feed Ethereal such messages. Is this doable? I think it should be, most of the stuff is there.

I guess I have to write down some header for the pcap format that includes this somehow (??), and/or (pre-)configure Ethereal to use this stack somehow, but I don't understand how this works. Is this doable? Any tips/ideas, or has anything similar been done? I'm not afraid to dig into the code or to add new protocols as needed, but I was hoping to avoid it as much as possible.

Many, many thanks in advance,
//Björn Thuresson