Wireshark · Wireshark-dev: Re: [Wireshark-dev] How to capture original packet ?

["Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>]

Shunra also offers some excellent products, but I recall them being rather expensive. (http://www.shunra.com/products)
 
Most of the time I simply use Nistnet for this purpose though: http://www-x.antd.nist.gov/nistnet/ <http://www-x.antd.nist.gov/nistnet/> .  It's free.
- Chris


________________________________

From: wireshark-dev-bounces@xxxxxxxxxxxxx on behalf of Lars Ruoff
Sent: Thu 10/11/2007 5:26 AM
To: 'Developer support list for Wireshark'
Cc: 'jayesh agrawal'; sanjay.raghani@xxxxxxxxx; 'Kartik Nibjiya Studyin .... Wat else ???'
Subject: Re: [Wireshark-dev] How to capture original packet ?



Hello Vivek,

Maybe you're mxing up some things.
From what you write I conclude that what you actually might want to do is
"intercept" (=prevent that it is receptioned on a higher layer) a packet,
rather than just "capture" (=get a copy of its content) it.
If so, then Wireshark is not the tool to do it.
And I doubt that there is any tool for doing this easily.
If you want a machine that stands in a transmission path and adds delay (or
other perturbations) to packets, then what you need is probably a PC with
two network interfaces, capturing from one, applying the perturbation and
then playing back onto the other.
Some comercial solutions based on this principle exist: Netdisturb, Internet
Simlulator, ...

Regards,
Lars Ruoff


        On 10/11/07, Vivek Satpute <vivekonline86@xxxxxxxxx> wrote:

                Respected Sir/Madam,
               
                I am student of Pune University, doing project on WAN
Emulator.
               
                I have following query :
                wireshark uses the libpcap library which gives the copy of
packet.
                So, How to capture the original packet at data link layer or
network layer ?
               
                We want to experiment the behavior by adding delays to those
packets, and
                that is why we want the actual packet and a copy of packet
wont serve purpose.
               
               
                Thanks in advance.
               

                _______________________________________________
                Wireshark-dev mailing list
                Wireshark-dev@xxxxxxxxxxxxx
                http://www.wireshark.org/mailman/listinfo/wireshark-dev
               
               



_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev



-----------------------------------------
This email may contain confidential and privileged material for the
sole use of the intended recipient(s). Any review, use, retention,
distribution or disclosure by others is strictly prohibited. If you
are not the intended recipient (or authorized to receive for the
recipient), please contact the sender by reply email and delete all
copies of this message. Also, email is susceptible to data
corruption, interception, tampering, unauthorized amendment and
viruses. We only send and receive emails on the basis that we are
not liable for any such corruption, interception, tampering,
amendment or viruses or any consequence thereof.