Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Using wiretap library in a project

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Evan Huus <eapache@xxxxxxxxx>
Date: Thu, 3 Jan 2013 12:08:10 -0500
My understanding is that the libpcap interface hasn't changed at all -
as long as you have a recent version of the libpcap library your
existing code should 'just work' for pcap-ng files as well.

On Thu, Jan 3, 2013 at 11:25 AM, Neagaru Daniel <neagarudan@xxxxxxxxx> wrote:
> Yes, it would be a solution, since I didn't find anything related to pcap-ng
> in pcap(3) documentation, I thought pcap-ng is not supported yet. Where can
> I find the recent documentation regarding pcap-ng?
>
>
>
> On 01/03/2013 05:33 PM, Evan Huus wrote:
>>
>> Libpcap has limited support for pcap-ng files since version 1.1.0, and
>> solid support since 1.2.1. Is upgrading to a recent libpcap version a
>> possibility?
>>
>> If not then you should still be able to link against the wiretap
>> library and read in each packet that way.
>>
>> Cheers,
>> Evan
>>
>> On Thu, Jan 3, 2013 at 11:06 AM, Neagaru Daniel <neagarudan@xxxxxxxxx>
>> wrote:
>>>
>>> Hello!
>>>
>>> I am working on a C project, which uses the libpcap library to open the
>>> capture files. Due to wireshark's migration to pcap-ng, most of the
>>> capture
>>> files users give me, are pcap-ng format, so I can't use my code anymore,
>>> without converting every pcap-ng to libpcap. Other capture formats except
>>> pcap-ng and libpcap most probably won't be used, so I wanted to ask, is
>>> there any way to convert the format from the code, without the system()
>>> call
>>> to editcap? Or just open it as a simple libpcap file for further
>>> processing?
>>>
>>> Cheers,
>>> Daniel
>>>
>>> ___________________________________________________________________________
>>> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
>>> Archives:    http://www.wireshark.org/lists/wireshark-dev
>>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>>>
>>> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>>
>>
>> ___________________________________________________________________________
>> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
>> Archives:    http://www.wireshark.org/lists/wireshark-dev
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>>
>> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube