Wireshark-dev: [Wireshark-dev] Programmatic single packet dissection

From: "Noam Dev" <noamdev@xxxxxxxxx>
Date: Tue, 1 May 2007 19:20:59 +0200
Hi,

I'm not sure if this should go in the Wireshark users or developers mailing lists, but I think that this is the right one.
I'm trying to create an extension to Wireshark that will allow packet based dissection.

I want to create a class that can initialize the dissectors once, and then receive a data chunk of a single packet and return the XML of the dissected packet.
This is similar to Tshark.exe, but it cannot receive single packets, just complete dump files (and it has to init dissectors per run).

I am pretty clueless as to where to start looking in order to do this. Could someone point me in the right direction (like, which API calls do I need to do in order to have an initialized environment, etc.)?

Thanks!