Wireshark · Wireshark-dev: Re: [Wireshark-dev] wslua: reading raw file?

Wireshark-dev: Re: [Wireshark-dev] wslua: reading raw file?

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Tue, 08 Apr 2008 23:59:00 -0700

Nï¿½meth Mï¿½rton wrote:

I started to use wslua and succeed to write a simple dissector on
ethernet level. I created a .pcap header and copied my raw file after
it.

Is it possible using wslua to open a raw file which is not supported
by Wireshark, yet?

Creating a libpcap-format file header and writing after it packets thatdon't have libpcap-format packet headers is a waste of time; if you wantto write a file that programs that read libpcap format can read, put thelibpcap-format file header at the beginning of the file and then putlibpcap-format packet headers in front of the packet data for eachpacket, and if you just want a raw file, just write out the raw filewithout the libpcap-format headers - without libpcap-format per-packetheaders, the libpcap-format file header won't help you.

Follow-Ups:
- Re: [Wireshark-dev] wslua: reading raw file?
  - From: Németh Márton

References:
- [Wireshark-dev] wslua: reading raw file?
  - From: Németh Márton

Prev by Date: [Wireshark-dev] buildbot failure in OSX-10.4-PPC
Next by Date: [Wireshark-dev] buildbot failure in Windows-XP-x86
Previous by thread: [Wireshark-dev] wslua: reading raw file?
Next by thread: Re: [Wireshark-dev] wslua: reading raw file?
Index(es):
- Date
- Thread