Re: (ASCEND) wddi Debug Data Format

To: Andre Beck <beck@ibh-dd.de>
Subject: Re: (ASCEND) wddi Debug Data Format
From: Larry Young <larry@zedak.com>
Date: Mon, 10 Nov 1997 08:45:42 -0500 ()
cc: Ascend Users <ascend-users@bungi.com>
In-Reply-To: <19971110113732.03040@ibh-dd.de>
Sender: owner-ascend-users@max.bungi.com

Andre,

I was in lurk mode and was fascinated to see the reference
to hex2ppp. I've been unable to compile it though, as I
am running on Linux and apparently Linux's #defines for
protocol constants have different names than those in
the include files of whatever system this code was compiled
on.  If you've been able to compile this code, can I ask
where you obtained the .h's?

Thanks,

Larry

On Mon, 10 Nov 1997, Andre Beck wrote:

> On Fri, Nov 07, 1997 at 09:34:03AM +0000, Rylan Luke wrote:
> > I am attempting to find a logon burp under NT 4 which causes my 
> > Pipeline 75 to dial out.
> > 
> > Using wddi from Diagnostics, I get a hex dump of the packet which 
> > causes the dialout.
> > 
> > I was promised a faxed document from Ascend Tech support which 
> > explains what kind of data I am looking at... it never arrived.
> > 
> > Here is the data from wddi; is this an IP packet?
> > 
> >  [0000]: 00 C0 7B 63 B1 1E 00 80 C8 86 26 F6 08 00 45 00
> >  [0010]: 00 3C E9 05 00 00 1F 01 E5 BF C0 A8 64 66 A5 E3
> >  [0020]: 02 0A 08 00 25 5C 01 00 27 00 61 62 63 64 65 66
> >  [0030]: 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72
> > 
> > I also looked on Ascend's web site, and couldn't find any documents 
> > explaining this command, or the data format.
> > 
> > Is there such a document; is this just a standard packet that I can 
> > use an RFC to decode?
> 
> It is simply a straight hexdump of a layer 2 frame, i.e. ethernet.
> It is Ethernet_II and from the protocol id 0800 you can be sure it
> indeed is IP. IP starts at offset 14 and is (as beeing IPv4) easily
> detetcted with the first nibble of a byte beeing 4 (and in most cases
> the whole byte beeing 45 due to normal [i.e. optionless] IP headers
> having 5 longwords). The rest can be analyzed if you have RFC 791, 792
> handy or with a nice little program that Phillip Vandry <vandry@Mlink.NET>
> posted to this list a while ago (http://www.mlink.net/~vandry/hex2ppp.html):
> 
> beck@micky:~ > hex2ppp/hex2ppp 
>  [0000]: 00 C0 7B 63 B1 1E 00 80 C8 86 26 F6 08 00 45 00
>  [0010]: 00 3C E9 05 00 00 1F 01 E5 BF C0 A8 64 66 A5 E3
>  [0020]: 02 0A 08 00 25 5C 01 00 27 00 61 62 63 64 65 66
>  [0030]: 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 
> 00c07b63b11e0080c88626f60800 IPv4 <len=3c> <id=e905> <ttl 31> ICMP 192.168.100.102 --> 165.227.2.10 EchoRequest <code=0> <sum=255c> <id=256> <seq=9984> 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72
> ^D
> 
> Yeah, normal ICMP echo request (i.e. ping) from 192.168.100.102 to
> 165.227.2.10 and likely to cause a dialout.
> 
> Andre.
> -- 
> 
> Kanther-Line: PGP SSH IDEA MD5 GOST RIPE-MD160 3DES RSA FEAL32 RC4
> 
> +-o-+--------------------------------------------------------+-o-+
> | o |               \\\- Brain Inside -///                   | o |
> | o |                   ^^^^^^^^^^^^^^                       | o |
> | o | Andre' Beck (ABPSoft) beck@ibh-dd.de XLink PoP Dresden | o |
> +-o-+--------------------------------------------------------+-o-+
> ++ Ascend Users Mailing List ++
> To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
> To get FAQ'd:	<http://www.nealis.net/ascend/faq>
> 

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

References:

Re: (ASCEND) wddi Debug Data Format

From: Andre Beck <beck@ibh-dd.de>

Prev by Date: (ASCEND) Patch: radiusd uses db library
Next by Date: Re: (ASCEND) wddi Debug Data Format
Prev by thread: Re: (ASCEND) wddi Debug Data Format
Next by thread: Re: (ASCEND) wddi Debug Data Format
Index(es):
- Main
- Thread