Hi Emmanuel (thanks for the insight on the French way to using first and
last names, BTW ;-) )
On 09/06/2010 07:49 PM, Emmanuel Thierry wrote:
[...]
I have understood Guy's considerations about my bad use of wireshark.
Unfortunately, I couldn't refactor the whole wrapping few days before
the project delivery. However, I'd like some details about Guy's
proponal. Considering that I passed only the application layer part
of the packet, should I create a fake frame type with no layer 2, 3,
nor 4 headers ?
I'd like to know more about this too even though I have yet to
call_dissector_only() directly ;-)
Moreover, my current use of libwireshark permits to my app to link to
a 1.2 version of Wireshark without the need of modifying it. This is
a very important property for its use in an external program. We
should document a reliable and clean way to do this.
Yup, having a document on how to use the epan API would be nicer than
having to look at the source ;-)
This topic is linked with the "independent epan" debate. During this
project, I realized that there were some limitations for making an
independent dissecting library.
Could you elaborate on this; what limitations did you find?
I plan to compare with the latest
version (I have built my project on the 1.2).
There were very few changes from 1.2 to 1.4 from an external application
point of view. I'm happy to compare notes once you're done to make sure
we both didn't miss anything.
I know that this is not the priority for the project, but can the
team accept to organize a work group on this subject ? Is the team
interested in that some members study this point ? I would be glad to
share my uncommon but successful experience.
I think the first thing you and I can do to help is to write a
README.api or similar (like on the Wireshark wiki) that helps others
attempting to write an external application that uses libwireshark services.
Cheers,
Eloy Paris.-
netexpect.org
