Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-dev: [Wireshark-dev] Programmatic single packet dissection

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: "Noam Dev" <noamdev@xxxxxxxxx>
Date: Tue, 1 May 2007 19:20:59 +0200

Hi,

I'm not sure if this should go in wireshark users or developers mailing lists, but i think that this is the right one.
I'm trying to create an extension to wireshark that will allow packet based dissection.

I want to create a class that can initialize the dissectors once, and then receive a data chunk of a single packet and return the XML of the dissected packet.
This is similar to Tshark.exe, but it can not receive single packets, just complete dump files (and it has to init dissectors per run).

I am pretty clueless as to where to start looking in order to do this. Could someone point me to the right direction (like, which API calls do i need to do in order to have an initialized environment, etc).

Thanks!

  • Prev by Date: Re: [Wireshark-dev] Fwd: FW: [PATCH] New protocol dissector - Kingfisher
  • Next by Date: [Wireshark-dev] Developing with tshark
  • Previous by thread: Re: [Wireshark-dev] Fwd: FW: [PATCH] New protocol dissector - Kingfisher
  • Next by thread: [Wireshark-dev] Developing with tshark
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation