Wireshark

Javier Cardona javier at cozybit.com
Mon Feb 25 15:09:36 EST 2008 

Ricardo,

On 2/25/08, Ricardo Carrano <carrano at ricardocarrano.com> wrote:
> Applies the patch and compiled but failed to execute (on Ubuntu)...
>
> 14:43:34          Err  file about_dlg.c: line 250 (splash_update): assertion
> failed: (ul_sofar <= ul_count)
> Aborted (core dumped)
>
> Any ideas? Has someone tried this on Ubuntu?

Oh, I just commented out that assertion and it all worked with a fuss:

(lt-wireshark:32429): Gtk-CRITICAL **: gtk_progress_set_percentage:
assertion `percentage >= 0 && percentage <= 1.0' failed

Who cares if the progress bar goes beyond 100%... :)

Javier


> On Mon, Feb 25, 2008 at 4:37 AM, John Watlington <wad at laptop.org> wrote:
> >
> > A version of wireshark which is patched to monitor the new mesh
> > protocol is available at:
> >
> > (older, F7 version)
> > http://dev.laptop.org/~wad/wireshark-0.99.5.mesh.patch
> > http://dev.laptop.org/~wad/wireshark-0.99.5-1.i386.rpm
> >
> http://dev.laptop.org/~wad/wireshark-gnome-0.99.5-1.i386.rpm
> >
> > (current, F8 version)
> > http://dev.laptop.org/~wad/wireshark-0.99.7.mesh.patch
> > http://dev.laptop.org/~wad/wireshark-0.99.7.mesh.i386.rpm
> >
> http://dev.laptop.org/~wad/wireshark-gnome-0.99.7.mesh.i386.rpm
> >
> > I'm still not seeing RREQ traffic, but I haven't played
> > around with the new version much.
> >
> > Enjoy,
> > wad
> >
> >
> >
> >
> > On Feb 21, 2008, at 2:54 PM, Javier Cardona wrote:
> >
> > > On 2/21/08, John Watlington <wad at laptop.org> wrote:
> > >>
> > >>  Thanks for the reply.   What is your estimate of the difficulty
> > >>  in supporting the new mesh format ?
> > >>
> > >>  We were really hoping to examine the simple mesh traffic
> > >>  carefully next week, and this puts a big crimp in those plans.
> > >
> > > It would take me about three hours, including testing, generating the
> > > patch, etc.  I don't have that time this week but may work on it early
> > > next week.
> > >
> > > Javier
> > >
> > >>  wad
> > >>
> > >>
> > >>  On Feb 21, 2008, at 1:20 PM, Javier Cardona wrote:
> > >>
> > >>> John,
> > >>>
> > >>> The patch was up to date up until we had to change the format of
> > >>> broadcast traffic.  It has not been updated since.  Unicast traffic
> > >>> should still be parsed correctly.  Please contact Ronak if you
> > >>> want us
> > >>> to work on this.
> > >>>
> > >>> Cheers,
> > >>>
> > >>> Javier
> > >>>
> > >>> On 2/21/08, John Watlington <wad at laptop.org> wrote:
> > >>>>
> > >>>>  Yeah, but I was hoping not to have to parse each packet
> > >>>> manually to
> > >>>>  determine if it is carrying data (TCP,UDP,etc.) or Path/Route
> > >>>> discovery
> > >>>>  traffic.
> > >>>>
> > >>>>  So nobody has patched wireshark to actually decipher mesh
> > >>>> traffic ?
> > >>>>
> > >>>>  wad
> > >>>>
> > >>>>
> > >>>>  On Feb 21, 2008, at 9:31 AM, Ricardo Carrano wrote:
> > >>>>
> > >>>>> Isn't the LLC traffic what you're looking for?
> > >>>>> I see a lot of multicast traffic on your file, particularly to
> > >>>>> 01:00:5e:7f:47:31. They are LLC.
> > >>>>>
> > >>>>> On Thu, Feb 21, 2008 at 10:38 AM, John Watlington <wad at laptop.org>
> > >>>>> wrote:
> > >>>>>
> > >>>>> My screen looks like the screen shot you sent when looking at
> > >>>>> that data.   I can see the mesh headers on the pings.
> > >>>>>
> > >>>>> Take a look at the data I pointed to.   It tried to record a
> > >>>>> session
> > >>>>> of a number of laptops collaborating.   I set the capture mask
> > >>>>> to 7 (beacons, link layer, and data).   But all I see in wireshark
> > >>>>> is beacons and LLC traffic.
> > >>>>>
> > >>>>> Given your data and screenshot, this is user error not misapplied
> > >>>>> patch...   Still, is there any way to dig deeper into simple mesh
> > >>>>> traffic ?
> > >>>>>
> > >>>>> wad
> > >>>>>
> > >>>>> On Feb 21, 2008, at 8:15 AM, Ricardo Carrano wrote:
> > >>>>>
> > >>>>>> <capture.dump>
> > >>>>>
> > >>>>>
> > >>>>
> > >>>>
> > >>>
> > >>>
> > >>> --
> > >>> Javier Cardona
> > >>> cozybit Inc.
> > >>
> > >>
> > >
> > >
> > > --
> > > Javier Cardona
> > > cozybit Inc.
> >
> >
>
>


-- 
Javier Cardona
cozybit Inc.

More information about the Devel mailing list