Hi all,

Subj can be download from here. It's Win32 version.

Sorry I did not create installer version so just unpack archive to any directory and start wireshark.exe.
Local installed WinPCAP required. If you do not know how to install WinPCAP just run regular WireShark installation (0.99.6 recommended). It'll do everything needed.

If you want capture from remote Windows PC go to WinPCAP installation directory on remote PC and start rpcapd.exe. Copy from your Windows PC should also work.

To remote capture from Linux PC rpcapd should be started. Check for information how to build rpcapd for linux here.


I have compiled development version of rpcapd for FC4  (can work on other linux'es as well). Available here.

You need to use -n flag for now when rpcapd started. Read documentation (link I posted above) if have any questions on rpcapd.

After you start rpcapd, lunch my version of wireshark. Go Properties->Capture->Edit..... You'll find a way to add new remote interface.
Then go to Capture->Interfaces you'll see new interface in list. It should work as regular interface.

Any feedback very appreciated. It'll push me to clean the code and release to public.

By User List I mean any interface describing text line. Currently WireShark showing in list only intefaces it found on local machine.
If you're using remote capture you need enter interface to capture from as string some times pretty long.
I add functionality to allow user enter it's own interface lines add save them to configuration file and load back
to WireShark after reload.

Hi All,

Dear friends I am new to the Wireshark community as a developer. As our final year project
we will be developing a SS7 protocol Analyzer. Here we will be developing the Hardware
Circuitry to tap a physical E1 line. We have used Dallas Maxim E1/DS1 ICs are being used to
capture the raw data and those data will be ported in to a machine using a USB IC from FTDI.

We hope to analyze the raw data we capture through WireShark. The data we capture is in the
memory and we can access them via a custom API. We hope to insert these data in to pseudo
UDP or TCP packets and analyze through WireShark.

Please instruct us how should we start about from here, asking ANY question from us. Can we know
of any documentation that is available on SS7 message decoding in WireShark, as we know it
is not there in /docs  directory.

 Also we want to know what is the starting point of dissecting the SS7 stack in the WireShark
source. We went through the dissectors included in epan especially mtp2.c and there onwards
up the stack but our impression is that for our purpose we cant start at mtp2.c since we dont
see the Frame Alignment Word of SS7 ' 01111110 ' being handled there, subsequent decoding.

Regards

Xavier

On 9/3/07, Anders Broman (AL/EAB) <anders.broman-IzeFyvvaP7pWk0Htik3J/w@public.gmane.org> wrote: