2009-02-03 21:30:36 +00:00
|
|
|
Description:
|
|
|
|
============
|
2011-09-01 04:35:57 +00:00
|
|
|
DECT pcap files can be obtained by using tools included with the linux
|
2009-02-03 21:30:36 +00:00
|
|
|
kernel driver for the Dosch-and-Amand COM-ON-AIR cards. The driver is
|
|
|
|
called com-on-air_cs.
|
|
|
|
|
2011-09-01 04:35:57 +00:00
|
|
|
Wireshark cannot directly record from the DECT HW, as the driver
|
2009-02-03 21:30:36 +00:00
|
|
|
currently lacks a virtual network interface.
|
|
|
|
|
|
|
|
There is ongoing work to change this (see this work by Patrick McHardy):
|
|
|
|
git clone git://git.kernel.org/pub/scm/linux/kernel/git/kaber/dect-2.6.git
|
|
|
|
git clone git://git.kernel.org/pub/scm/linux/kernel/git/kaber/libnl-dect.git
|
|
|
|
git clone git://git.kernel.org/pub/scm/libs/netlink/libnl.git
|
|
|
|
Also needed are a proper linktype value assigned by the libpcap team and
|
|
|
|
the proper patches for libpcap to support this (the value used in the
|
|
|
|
patch below is not officially assigned!):
|
|
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/kaber/libpcap-dect.git
|
|
|
|
|
|
|
|
To nicely view DECT pcap files in wireshark, set up a custom layout:
|
|
|
|
|
|
|
|
Edit->Preferences...
|
|
|
|
User Interface
|
|
|
|
Colums
|
|
|
|
|
|
|
|
No. | Number
|
|
|
|
Protocol | Protocol
|
2010-06-11 16:11:42 +00:00
|
|
|
Frame | Custom Column: dect.framenumber
|
|
|
|
TA | Custom Column: dect.cc.TA
|
|
|
|
A-Field | Custom Column: dect.cc.AField
|
|
|
|
B-Field | Custom Column: dect.cc.BField
|
2009-02-03 21:30:36 +00:00
|
|
|
OK
|
|
|
|
|
|
|
|
|
|
|
|
Edit->Configuration Profiles...
|
|
|
|
New
|
|
|
|
Profile Name = dect
|
|
|
|
OK
|
|
|
|
|
|
|
|
|