[En-Nut-Discussion] Using Ethereal/Wireshark realtime with RS232 PPP

[Brett Abbott]

Hi

I hope you all are having a great holiday break!

I see from Ernst's email (13/12, Two Nut/os boxes, see below) that it is 
possible using "SerialAnalyser" to create a PCAP file for later analysis 
with Ethereal.

Does anyone know of a working solution to capture this data realtime 
into Wireshark (formerly known as Ethereal)?  ie. a capture interface 
that takes two rx serial port interfaces (RX and TX from the single port 
being monitored).

Is there any interest in such a development?  There is an active 
Wireshark developer community but our need here is quite specialised so 
we would probably need to contribute ourselves.

Finally, does any one have the link to the "SerialAnalyser" Ernst refers 
to?  Is source available - this could assist with encouraging the 
Wireshark developers.

I use a dedicated PPP analyser application that takes a feed from the 
two serial ports but its output is not easily saved nor analysed so 
Wireshark/Ethereal would be great.

Many Thanks
Brett
-----------------------------
 From Ernst ((13/12, Two Nut/os boxes,)

The 9-pin serial I/F has a TX (transmit) and RX (receive) line (pin 3 and 2
of the DB9 connector). You need to get into the DB9 connector and tap into
pin 2 and pin 3.

If you connect these two pins to SEPARATE RX pins in two DIFFERENT serial
I/F on a PC, you could use a program like "SerialAnalyser" to listen and
capture the data (going in and out of the Ethernut) and produce a PCAP file
which in turn can be analyzed and displayed by Ethereal...

Not a very easy way, but  working.


-- 

-----------------------------------------------------------------
Brett Abbott, Managing Director, Digital Telemetry Limited
Email: Brett.Abbott at digital-telemetry.com
PO Box 24 036 Manners Street, Wellington, New Zealand
Phone +64 (4) 5666-860  Mobile +64 (21) 656-144
------------------- Commercial in confidence --------------------