On 3 okt 2010, at 01:08, Guy Harris wrote:
> On Oct 2, 2010, at 3:32 PM, Sake Blok wrote:
>
>> Ah... thank you for pointing me to capture-wpcap.c, I was not aware of the intermediate layer to WinPcap.
>
> Yes - we load WinPcap at run time; that dates back to before we bundled it with Wireshark, so we could ship a single binary that worked, without capture support, if you didn't have WinPcap installed and that worked, with capture support, if you did. capture-wpcap.c is a bunch of wrappers that call through pointers fetched from the run-time-loaded WinPcap.
I was able to make things work for "pcap_open_dead", but when trying to do the same for "bpf_image", I still run into problems at the linking stage where "bpf_image" can not be found. I checked the WinPcap header files and bpf_image is there.
Am I missing a link here?
> Note, BTW, that older versions of libpcap have neither pcap_compile_nopcap() nor pcap_open_dead(). I can dig up the full history (I have the impression that some versions of NetBSD have a pcap_compile_nopcap() with an extra argument, for example) at some point.
Hmmm... do we need to define "HAVE_PCAP_COMPILE_NOPCAP" and check for it? Or can we safely assume it's there in all supported platforms?
Cheers,
Sake
