Using RMON packet capture and filtering from Ethereal
Hi,
Among the Ethereal developers, we have talked about supporting RMON packet capture for some time, and I am motivated to start doing something about it.
A quick search suggests that libsmi is the obvious way to support what we want.
However, I want to leverage on the experience of others here.
Has anyone used libsmi to capture packets from an RMON probe or RMON capable switch or router?
Can anyone send me code fragments or outlines?
Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba
-- !! This message is brought to you via the `libsmi' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to libsmi-request@ibr.cs.tu-bs.de. !! See http://www.ibr.cs.tu-bs.de/projects/libsmi/ for more information.
Richard Sharpe writes:
Richard> Among the Ethereal developers, we have talked about Richard> supporting RMON packet capture for some time, and I am Richard> motivated to start doing something about it.
Richard> A quick search suggests that libsmi is the obvious way to Richard> support what we want.
Richard> However, I want to leverage on the experience of others here.
Richard> Has anyone used libsmi to capture packets from an RMON probe Richard> or RMON capable switch or router?
Richard> Can anyone send me code fragments or outlines?
Libsmi only provides access to the RMON data definitions. You still need to pick an SNMP library (I think ethereal has the gxsnmp code anyway) and to write some RMON configuration and retrieval code. Libsmi may help you to do this in a way such that you do not have to hard-code many OIDs and the associated information.
/js
Hi,
Richard Sharpe writes:
Richard> Among the Ethereal developers, we have talked about Richard> supporting RMON packet capture for some time, and I am Richard> motivated to start doing something about it.
Richard> A quick search suggests that libsmi is the obvious way to Richard> support what we want.
Richard> However, I want to leverage on the experience of others here.
Richard> Has anyone used libsmi to capture packets from an RMON probe Richard> or RMON capable switch or router?
Richard> Can anyone send me code fragments or outlines?
Libsmi only provides access to the RMON data definitions. You still need to pick an SNMP library
I'm not sure, if libsmi would be needed at all during runtime (for capturing, i don't thing there is any OID which needs to be resolved by name dynamically). However, it can still be used as a MIB compiler during software development.
(I think ethereal has the gxsnmp code anyway)
Not really :-) The ASN.1 dissector is derived from gxsnmp, but only the decoding part and modified to be more fault-tolerant. A second modification to support tvbufs is still outstanding...
and to write some RMON configuration and retrieval code.
That's the real hard part of the job :-)
Libsmi may help you to do this in a way such that you do not have to hard-code many OIDs and the associated information.
Dependent on your needs, this can either be during run-time or during compile-time.
Cheers, Jochen
-- !! This message is brought to you via the `libsmi' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to libsmi-request@ibr.cs.tu-bs.de. !! See http://www.ibr.cs.tu-bs.de/projects/libsmi/ for more information.
At 11:50 AM 9/18/00 +0200, Juergen Schoenwaelder wrote:
Richard Sharpe writes:
Richard> Among the Ethereal developers, we have talked about Richard> supporting RMON packet capture for some time, and I am Richard> motivated to start doing something about it.
Richard> A quick search suggests that libsmi is the obvious way to Richard> support what we want.
Richard> However, I want to leverage on the experience of others here.
Richard> Has anyone used libsmi to capture packets from an RMON probe Richard> or RMON capable switch or router?
Richard> Can anyone send me code fragments or outlines?
Libsmi only provides access to the RMON data definitions. You still need to pick an SNMP library (I think ethereal has the gxsnmp code anyway) and to write some RMON configuration and retrieval code. Libsmi may help you to do this in a way such that you do not have to hard-code many OIDs and the associated information.
Yes, I figured that out after posting, and looking again at libsmi and gxsnmp.
I am not aware, however, that the gxsnmp code is in ethereal as yet. Will have to look.
/js
-- Juergen Schoenwaelder Technical University Braunschweig schoenw@ibr.cs.tu-bs.de Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936 URL:http://www.ibr.cs.tu-bs.de/~schoenw/
Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba
-- !! This message is brought to you via the `libsmi' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to libsmi-request@ibr.cs.tu-bs.de. !! See http://www.ibr.cs.tu-bs.de/projects/libsmi/ for more information.
participants (3)
-
Jochen Friedrich -
Juergen Schoenwaelder -
Richard Sharpe