Wireshark · Wireshark-commits: [Wireshark-commits] Fwd: How does wireshark filter packets

Wireshark-commits: [Wireshark-commits] Fwd: How does wireshark filter packets

From: Wenfei Wu <wenfeiwu@xxxxxxxxxxx>

Date: Tue, 29 Jan 2013 16:20:41 -0600

maybe I should send it here.

---------- Forwarded message ----------
From: Wenfei Wu <wenfeiwu@xxxxxxxxxxx>
Date: Tue, Jan 29, 2013 at 3:39 PM
Subject: How does wireshark filter packets
To: wireshark-dev@xxxxxxxxxxxxx

Hi, all,

I want to know how wireshark use the filter _expression_ to filter packets. Does it parse the packet first, and then use the filter _expression_ to check? If so, is there some intermediate data structure to store the filter _expression_? What is the algorithm?

Is there some materials about this?

Regards,

Wenfei Wu

Prev by Date: [Wireshark-commits] rev 47360: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-sna.c
Next by Date: [Wireshark-commits] rev 47361: /trunk-1.8/tools/ /trunk-1.8/tools/: git-compare-abis.sh
Previous by thread: [Wireshark-commits] rev 47360: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-sna.c
Next by thread: [Wireshark-commits] rev 47361: /trunk-1.8/tools/ /trunk-1.8/tools/: git-compare-abis.sh
Index(es):
- Date
- Thread