GinMAC Dissector for Wireshark
---------------------------------------------

Purpose:
  This dissector can be integrated into Wireshark. It then helps you to analyse
  a series of recorded packets in order to locate potential problems in GinMACs
  operation.

Version:
  This patch applies to the latest development release of Wireshark as of 
  the creation of this read me. The version is called wireshark-1.4.0rc1. 
  However, there are no good reasons why this patch should not work with newer
  versions of wireshark.

Build:
  Download and unpack wireshark. Then, apply the patch with
    patch -p0 < ginmac.patch

  This will modify the Makefiles so that the GinMAC dissector will be compiled
  when building Wireshark. Now copy the source files into Wireshark:
    cp packet-ginmac.* epan/dissectors

  That's it. Now you can build Wireshark as usual.

Usage:
  The GinMAC dissector can be used to analyse GinMAC packets wrapped in 
  ethernet frames. This is a common tactic and supported by the GINSENG 
  sniffer. In order to detect GinMAC packets, the ethernet frames have to have
  a special ethertype in their headers. By default, this ethertype is 0x809B.
  The default can be changed in the Wireshark configuration.

Example:
  In this directory, you can find an example pcap file with GinMAC data in it.
  This can be used to get a good impression of the capabilities of the 
  Wireshark dissector for GinMAC.
