Thanks for this info, I'll take this discussion to the mentioned list then.
Ákos
On 3 December 2011 19:02, Guy Harris <guy@xxxxxxxxxxxx> wrote:
>
> On Dec 3, 2011, at 9:40 AM, Akos Vandra wrote:
>
>> So in order to support a new data source only libpcap should be
>> modified?
>
> Ideally, yes.
>
>> I have no experience with it, so I'm not sure how wireshark
>> and libpcap are interfaced... Does libpcap offer a list of available
>> capture source for wireshark,
>
> Yes - that's pcap_findalldevs().
>
>> so it can use a new capture source
>> without any modification to wireshark?
>
> Yes.
>
>> In this case the libpcap developers would be more able to help me get started...
>
> Yes. Join tcpdump-workers@xxxxxxxxxxx:
>
> http://www.tcpdump.org/#mailing-lists
>
> (it's a fairly low-volume list) and ask about it there. Give details of your new packet source, including the OSes on which it should be supported and the link-layer header type (if it's not one of the ones described at
>
> http://www.tcpdump.org/linktypes.html
>
> you'll need a new link-layer header type value no matter *how* it's to be supported in Wireshark).
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
