Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Wireshark newbee

From: Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx>
Date: Mon, 24 Oct 2011 11:49:32 -0600
On Mon, Oct 24, 2011 at 12:44:47PM -0500, vijay wrote:

> I am looking for some information on how Wireshark uses libpcap to 
> capture the packets and dissects it i.e, the complete process from 
> packet capture from the network to displaying to the user. I searched 
> for such a resource for some time now but couldnt find one. If some 
> one knows of such a material could you pls provide me the link.

Here is an overview from the developer's manual:

http://www.wireshark.org/docs/wsdg_html_chunked/ChWorksOverview.html

For more details, review the developer's guide, doc/README.developer in 
the source code and most importantly, the source code itself.