Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] wiretap - using as a library rather than coupled with Wiresh

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Tim Furlong <dev.null.2007@xxxxxxxxx>
Date: Fri, 27 Nov 2015 10:09:01 -0500
Sorry if I'm just missing something, but would editcap itself do the job?  

editcap <in.pkt> <out.pcapng>

should read your Wildpackets file and produce a pcapng file; add a "-F pcap" for pcap format instead.

Can't speak to performance, but I'd be surprised if editcap were significantly slower than libwiretap itself for a straight read and write - but I've been surprised before.

Now, if you were looking to use the API from another program, that's a different problem - but your email said 'on the command line', so figured it was worth mentioning.

Depending on what you're doing, Wireshark itself might be a fairly large dependency for your purposes, but it'd probably be a lot easier to manage than a bespoke package (depending on what your OS and configuration infrastructure looks like) - possibly as simple as just adding 'wireshark' to a manifest/recipe/etc.).  If the size is critical, you could also play around with the build options in Wireshark to see if you can just build editcap and see what the end result looks like - but then you're back to packaging it yourself.

-Tim

On Thu, Nov 26, 2015 at 12:30 AM, Richard Kinder <rkinder@xxxxxxxxxxxxx> wrote:

Hi all,

 

I’m looking at making a small tool to translate .pkt files (Wildpackets, specifically the wireless traces) to pcap/pcapng format on the command line, and it seems wiretap is one of the few options available online.

 

Question: Can the library be built independently of Wireshark?

 

Thanks in advance for your time!

 

Regards,

Richard



This email, including its contents and any attachment(s), may contain confidential information of Quantenna Communications, Inc. and is solely for the intended recipient(s). If you may have received this in error, please contact the sender and permanently delete this email, its contents and any attachment(s).

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe



--
Tim Furlong
tim.furlong@xxxxxxxxx
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube