I don't think you're convincing anyone that you are actually aware of
the header formats or you'd probably be able to figure this out, which
is why Guy suggested you do a little more reading.
But I'll try to help you along a little further:
The Ethernet header is a fixed 14 bytes as follows:
000000 00 e0 1e a7 05 6f 00 10
000008 5a a0 b9 12 08 00
Since the Ethertype indicates IP, the IP header follows next:
000008 46 00
000010 03 68 00 00 00 00 0a 2e
000018 ee 33 0f 19 08 7f 0f 19
000020 03 80 94 04 00 00
Since the protocol indicated in the IP header is RSVP, the payload will
contain an RSVP header, followed by its data:
000020 10 01
000028 16 a2 0a 00 03 50 00 0c
000030 01 01 0f 19 03 80 11 01
(830 more bytes to follow ...)
I leave the rest of the details to you. Still troubled? Go back to
Guy's suggestion. :) As a quick alternative, you might want to try
looking at the information provided at the following web site, which
I've found to be helpful:
http://www.networksorcery.com <http://www.networksorcery.com/> -> RFC
SOURCEBOOK (top of page) -> Protocols (Left pane) -> I -> IP.
Good luck,
Chris
_____
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Tuesday, January 09, 2007 7:52 AM
To: wireshark-dev@wireshark.org
Subject: [Wireshark-dev] text2pcap once again
Hi Guy Harris ,
armed with what you've learned from that book about the format of
Ethernet headers and IP headers,
look at the first 14 bytes of data in the packet (you'll now know
how that produces the display
Thanks for the above suggestion especially the book.
But I'm already aware of the IP packet format , but some how I'm not
able to map the values to the different header fields .
000000 00 e0 1e a7 05 6f 00 10
000008 5a a0 b9 12 08 00 46 00
000010 03 68 00 00 00 00 0a 2e
000018 ee 33 0f 19 08 7f 0f 19
000020 03 80 94 04 00 00 10 01
000028 16 a2 0a 00 03 50 00 0c
000030 01 01 0f 19 03 80 11 01
Please correct me if I'm wrong , but as per my understanding , if I have
a file "test" with the above values as content then the below command
will generate an IP packet using these values and add some dummy
ethernet header values to it.
Command : text2pcap test test123.pcap
So could you please tell me which values from above would correspond to
IP header portions like :
1) version
2)IHL
3)TOS
4)Total length
5)Identification .......... etc .
Thanks once again for your response , hope to get some further inputs
again .
Note : This is related to the mail titled "text2pcap help needed " .
Regards ,
Vikash
The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.
www.wipro.com
-----------------------------------------
This email may contain confidential and privileged material for the
sole use of the intended recipient(s). Any review, use, retention,
distribution or disclosure by others is strictly prohibited. If you
are not the intended recipient (or authorized to receive for the
recipient), please contact the sender by reply email and delete all
copies of this message. Also, email is susceptible to data
corruption, interception, tampering, unauthorized amendment and
viruses. We only send and receive emails on the basis that we are
not liable for any such corruption, interception, tampering,
amendment or viruses or any consequence thereof._______________________________________________
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
