Wireshark · Wireshark-dev: Re: [Wireshark-dev] regarding packet capture

[Guillaume Bienkowski <guillaume.bienkowski@xxxxxxxxxxxx>]

Look at the epan_dissect_* functions in the epan/epan.c and 
epan/packet.c files.
The real work is done through the epan_dissect_run(..) function, but 
it's not really clear in the documentation.
You can check the example of Eloy Paris in a previous discussion here: 
http://www.wireshark.org/lists/wireshark-dev/200804/msg00022.html

I also regret the Wireshark API isn't really well documented, you have 
to find out yourself how to use it; but if you feel like writing 
something after going through these files, feel free :-)


Amit Paliwal a �crit :
> Thanx for the suggestion, I went through the directory which provides 
> very very minimal information its like hardly 20 lines written there 
> that does not suffice for my query.
>
> kindly suggest some more ways to get that understanding. What I 
> actually wana know is the all protocol information is displayed uding 
> a tree so somewhere that tree is made by taking some kinda buffer. 
> where are these maintained,i will go through the code more once i get 
> the initial point.