Ethereal-dev: [Ethereal-dev] Re: [Ethereal-users] wiretap library

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>
Date: Tue, 16 Oct 2001 13:43:54 -0700 (PDT)
(This is arguably a development question rather than a user question, so
I'm replying to ethereal-dev.)

> I am thinking of using wtap in order to decode generic sniffer module trace 
> files that contain data that winpcap cannot handle in an application I've 
> developed.
> 
> I was wondering if wtap can be used in applications other than ethereal,

It's used in editcap, but that's distributed as part of Ethereal, it's
not an independent application.

It could, in theory, be used in applications not bundled with Ethereal;
note, however, that we do not guarantee that the API won't change in
future releases (and we might not make any such guarantee unless and
until we release it as a package separate from Ethereal itself).  If you
use it yourself, you take upon yourself the burden of updating your
application if the API changes.

> and if anyone has attempted that.

I know of nobody who has done so.

> Also I would really like to know if the callback function for wtap_loop() has 
> to be declared as extern

No - it can be static to the function that calls "wtap_loop()".

> and if it has to be in C and not a C++ method like 
> the one needed for pcap_loop().

If "wtap_loop()" looks like "pcap_loop()", be assured that this is not a
coincidence - we modeled it after "pcap_loop()", to some degree.

Both it and "pcap_loop()" are written in C, and are incapable of making
C++ method calls.  They can call any function that behaves like a C
function of type

	void (*)(u_char *, const struct pcap_pkthdr *, const u_char *)

and

	void (*)(u_char*, const struct wtap_pkthdr*, long,
	    union wtap_pseudo_header *pseudo_header, const u_char *)

respectively; a C++ method can be called only if it has the *EXACT* same
*binary* calling sequence, and I rather doubt that's the case for any
C++ compiler.

I.e., the answer is almost certainly "yes, it has to be in C", and it
couldn't be otherwise.

You would have to have an ordinary C++ function with that calling
sequence (assuming that a C++ function would have the same binary
calling sequence as a C function with the same type) somehow invoke the
method.

Another alternative is to just use "wtap_read()", rather than having a
loop with a callback function.  You might, however, have to modify
"wtap.h" to have 

	#ifdef __cplusplus
	extern "C" {
	#endif

		...

	#ifdef __cplusplus
	}
	#endif

wrappers around it.
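
The arrangement described above, an ordinary function with the C calling sequence that in turn invokes the C++ method, shown as an added example that is not part of the original message or of Ethereal's code. `demo_pkthdr`, `demo_loop()`, `PacketCounter` and `counter_trampoline()` are hypothetical stand-ins; only the handler shape is taken from the "pcap_loop()" callback type quoted in the message.

```cpp
#include <cstdint>
#include <cstdio>

// Stand-ins (assumptions, not libpcap or wiretap): a packet header and a loop
// whose handler has the same shape as the pcap_loop() callback type.
extern "C" {
struct demo_pkthdr { uint32_t caplen; uint32_t len; };
typedef void (*demo_handler)(unsigned char *user, const demo_pkthdr *h,
                             const unsigned char *bytes);
// Calls cb once per packet and passes `user` through untouched.
static int demo_loop(const unsigned char *const *pkts, const demo_pkthdr *hdrs,
                     int count, demo_handler cb, unsigned char *user) {
    for (int i = 0; i < count; ++i) cb(user, &hdrs[i], pkts[i]);
    return count;
}
}

class PacketCounter {
public:
    // The C++ method we actually want run for every packet.
    void on_packet(const demo_pkthdr *h, const unsigned char *bytes) {
        ++packets;
        if (h->caplen < h->len) ++truncated;  // capture cut the packet short
        // Only caplen bytes are present, so never index up to len.
        for (uint32_t i = 0; i < h->caplen; ++i) byte_sum += bytes[i];
    }
    unsigned packets = 0, truncated = 0, byte_sum = 0;
};

// Ordinary function with C linkage: this is what the C loop calls. It
// recovers the object from the opaque user pointer and invokes the method.
extern "C" void counter_trampoline(unsigned char *user, const demo_pkthdr *h,
                                   const unsigned char *bytes) {
    reinterpret_cast<PacketCounter *>(user)->on_packet(h, bytes);
}

// Constructed sample input: two packets, the second truncated (2 of 64 bytes).
PacketCounter run_demo() {
    static const unsigned char p1[] = {0x01, 0x02, 0x03}, p2[] = {0x10, 0x20};
    const unsigned char *pkts[] = {p1, p2};
    const demo_pkthdr hdrs[] = {{3, 3}, {2, 64}};
    PacketCounter c;  // must outlive the demo_loop() call
    demo_loop(pkts, hdrs, 2, counter_trampoline, reinterpret_cast<unsigned char *>(&c));
    return c;
}

int main() {
    PacketCounter c = run_demo();
    std::printf("%u packets, %u truncated, sum %u\n", c.packets, c.truncated, c.byte_sum);
}
```

The object passed through the user pointer has to stay alive for the whole loop call, and the handler should bound every read by the captured length rather than the on-the-wire length.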