I would like to use Wireshark library APIs to dissect
- Call a function in Wireshark providing the filename or
buffer as input. File/buffer will have data in pcap format. This function
should return me dissected data.
Is there any function that can be called directly? I am trying
to reverse engineer Wireshark (rather tshark) code but it's taking time to
understand the finer details. Also, please share how I can build my
application that links to Wireshark .so libraries. Looking at tshark code, it
seems the load_cap_file() function is the function that needs to be called, but
before that some initialization needs to be done (like initializing dissector,
etc.). The libraries that I need to link are libwiretap.so and libwireshark.so.