[Winpcap-users] Using DLT_USERx link type for unknown protocol
c-keel at gmx.de
c-keel at gmx.de
Mon Jun 4 17:49:21 GMT 2007
Hello.
I am using Windows XP and WinPcap 4.0.
I want to use a protocol analyzer to analyze a protocol that WinPcap is not
able to capture. Because of that I want to adapt the WinPcap libraries to
fit my needs. I'd like to do this with as less effort as possible. I want to
use the DLT_USER0 for my protocol. The protocol defines layer 1 and 2 of the
OSI model and as already mentioned, WinPcap has no idea of it by now.
The problem is that I have to tell wpcap.dll that the link type of my
protocol is DLT_USER0. I thought I could do that in PacketGetNetType of the
packet.dll.
But there are 2 problems with that:
- I can't set DLT_USER0 in PacketGetNetType (am I already wrong here?)
- even if I could do this, unfortunately pcap_open_live from wpcap.dll calls
this function and after calling this function it checks the link type with
the effect that the unknown DLT_USER0 would be assumed to be ethernet (But
my protocol is neither ethernet nor ethernet based).
So what is the purpose of the DLT_USERx link types and how should one use
them? And what about the various other link type values defined in
pcap-bpf.h? How are they assigned?
I'd like to tell the application that it is DLT_USER0. I'd like to do that
by only changing the packet.dll because there are some changes I have to
make in it.
I'd appreciate any help on that.
Steve
More information about the Winpcap-users
mailing list