On Jun 5, 2014, at 11:34 AM, Javi Gallart <jgallart@xxxxxx> wrote:
> I started this thread some months ago : http://www.wireshark.org/lists/wireshark-users/201310/msg00001.html. According to it, usage of Lua scripts is not suitable for continuous packet capture, dumpcap is recommended for that. Does the same hold for a C application that captures network data and used libwireshark (as nextexpect does) for packet dissection?
Yes - the Lua support isn't the only part of the Wireshark dissection engine that allocates persistent data structures.
(Note that even *tcpdump*, if you're capturing-and-printing rather than capturing-and-writing-to-a-file, will, by default, allocate persistent data structures to, for example, print relative sequence numbers for TCP.)
