Wireshark · Wireshark-dev: Re: [Wireshark-dev] How to push packets into libpcap (Linux) ?

Wireshark-dev: Re: [Wireshark-dev] How to push packets into libpcap (Linux) ?

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>

Date: Fri, 19 Feb 2010 20:54:59 +0100

On Thu, 18 Feb 2010 17:12:31 +0200, Ori Finkelman <orifinkelman@xxxxxxxxx>
wrote:
> Hi,
> My Linux kernel module can sometimes drop packets on their way out (at
> the IP layer).
> However, I would like to be able to catch these packets in wireshark
> even though I am dropping them.
> 
> Is there any way I can push an sk_buff directly into libpcap so I will
> get it into wireshark ?
> 
> Thanks,
> Ori

Hi,

Maybe ulogd from netfilter can help you here.
See: http://netfilter.org/projects/ulogd/index.html

Thanks,
Jaap

References:
- [Wireshark-dev] How to push packets into libpcap (Linux) ?
  - From: Ori Finkelman

Prev by Date: [Wireshark-dev] buildbot failure in Wireshark (development) on Windows-7-x64
Next by Date: Re: [Wireshark-dev] somewhat misleading error messages in -K option processing
Previous by thread: [Wireshark-dev] How to push packets into libpcap (Linux) ?
Next by thread: Re: [Wireshark-dev] How to push packets into libpcap (Linux) ?
Index(es):
- Date
- Thread