-$Id: README,v 1.25 2000/09/20 12:09:52 gram Exp $
+$Id$
Wiretap is a library that is being developed as a future replacement for
libpcap, the current standard Unix library for packet capturing. Libpcap
is great in that it is very platform independent and has a wonderful
BPF optimizing engine. But it has some shortcomings as well. These
-shortcomings came to a head during the development of Ethereal
-(http://ethereal.zing.org), a packet analyzer. As such, I began developing
+shortcomings came to a head during the development of Wireshark
+(http://www.wireshark.org/), a packet analyzer. As such, I began developing
wiretap so that:
1. The library can easily be amended with new packet filtering objects.
Wiretap is very good at reading many file formats, as per #2
above. Wiretap has no filter capability at present; it currently doesn't
support packet capture, so it wouldn't be useful there, and filtering
-when reading a capture file is done by Ethereal, using a more powerful
+when reading a capture file is done by Wireshark, using a more powerful
filtering mechanism than that provided by BPF.
"-tn 0x30000000"; the nettl man page for HP-UX 10.30 implies that it
should work.
+There is also basic support for nettl files containing NS_LS_DRIVER,
+NS_LS_TCP, NS_LS_UDP, NS_LS_LOOPBACK, unknown type 0xb9, and NS_LS_ICMP.
+However, NS_LS_ICMP will not be decoded since WTAP lacks a raw ICMP
+encapsulation type.
+
+
Toshiba ISDN Router
-------------------
An under-documented command that the router supports in a telnet session
--------------------------------
Gilbert
+VMS TCPTRACE
+------------
+Compaq VMS's TCPIPTRACE format is supported. This is the capture program
+that comes with TCP/IP or UCX as supplied by Compaq or Digital Equipment
+Corporation.
+
+Under UCX 4.x, it is invoked as TCPIPTRACE. Under TCPIP 5.x, it is invoked
+as TCPTRACE.
+
+TCPTRACE produces an ascii text based format, that has changed slightly over
+time.
+
+DBS Etherwatch (text format)
+----------------------------
+Text output from DBS Etherwatch is supported. DBS Etherwatch is available
+from: http://www.users.bigpond.com/dbsneddon/software.htm.
+
+Catapult DCT2000 (.out files)
+-----------------------------
+DCT2000 test systems produce ascii text-based .out files for ports
+that have logging enabled. When being read, the data part of the message is
+prefixed with a short header that provides some context (context+port,
+direction, original timestamp, etc).
+
+You can choose to suppress the reading of non-standard protocols
+(i.e. messages between layers rather than the well-known link-level protocols
+usually found on board ports).
+
-Gilbert Ramirez <gram@xiexie.org>
+Gilbert Ramirez <gram@alumni.rice.edu>
Guy Harris <guy@alum.mit.edu>
+
+STANAG 4607
+-----------
+Initial support for the STANAG 4607 protocol. Documentation at:
+http://www.nato.int/structur/AC/224/standard/4607/4607.htm
+
git.samba.org / metze / wireshark / wip.git / blobdiff