File: README.DECT

package info (click to toggle)
wireshark 1.12.1+g01b65bf-4+deb8u14
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 234,068 kB
  • sloc: ansic: 1,912,971; xml: 84,598; cpp: 41,923; python: 30,175; perl: 25,286; lex: 6,416; sh: 6,406; pascal: 6,120; makefile: 3,968; yacc: 297; asm: 156; awk: 58; tcl: 35
file content (39 lines) | stat: -rw-r--r-- 1,273 bytes parent folder | download | duplicates (7)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
Description:
============
DECT pcap files can be obtained by using tools included with the linux
kernel driver for the Dosch-and-Amand COM-ON-AIR cards. The driver is
called com-on-air_cs.

Wireshark cannot directly record from the DECT HW, as the driver
currently lacks a virtual network interface.

There is ongoing work to change this (see this work by Patrick McHardy):
git clone git://git.kernel.org/pub/scm/linux/kernel/git/kaber/dect-2.6.git
git clone git://git.kernel.org/pub/scm/linux/kernel/git/kaber/libnl-dect.git
git clone git://git.kernel.org/pub/scm/libs/netlink/libnl.git
Also needed are a proper linktype value assigned by the libpcap team and
the proper patches for libpcap to support this (the value used in the
patch below is not officially assigned!):
git://git.kernel.org/pub/scm/linux/kernel/git/kaber/libpcap-dect.git

To nicely view DECT pcap files in wireshark, set up a custom layout:

Edit->Preferences...
  User Interface
    Colums

      No.      | Number
      Protocol | Protocol
      Frame    | Custom Column: dect.framenumber
      TA       | Custom Column: dect.cc.TA
      A-Field  | Custom Column: dect.cc.AField
      B-Field  | Custom Column: dect.cc.BField
  OK


Edit->Configuration Profiles...
  New
  Profile Name = dect
  OK