Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] source code

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Fri, 04 Apr 2008 02:22:03 -0700
Maria de Fatima Requena wrote:

Does anyone know where (which files) is the code for telling skinny packets apart

I.e., the code that recognizes that a given packet is a Skinny Client Control Protocol packet?

That's dissect_skinny() in epan/dissectors/packet-skinny.c.

and for the capture of packets in general?

The capture code is in dumpcap.c. It's compiled into a program called dumpcap, along with some other source files; both Wireshark and TShark run that program to do capturing. (That way, if the code that does capturing has to run with privileges, Wireshark and TShark themselves, with their 1.5 million lines of dissector code, don't have to run with privileges, so if there's a vulnerability in them, the damage they can do is limited.)