On Mar 9, 2007, at 1:51 PM, MKS wrote:

> I have a protocol decode library for a protocol I have written in
> C. This parses the packet stream and decodes packets.
> I wanted to use the UI and packet capture capabilities of Wireshark
> to capture packets and display the messages. I wasn't interested in
> the Wireshark APIs for parsing the data. Has anyone done this before?

Probably not, given that libwireshark is designed to, well, support
Wireshark, which is a network analyzer, and, well, decodes packets.

I would *VERY STRONGLY* suggest that if you want to use Wireshark to
parse your protocol, you write a Wireshark-style protocol decoder for
it, rather than trying to stuff into Wireshark a protocol decode
library whose decoders don't work the way Wireshark decoders do.

I.e., the code to display decoded packets in Wireshark assumes a
Wireshark protocol tree was built, so all protocol decoders for
Wireshark have to build a protocol tree.
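
What building a protocol tree looks like in practice, as an added example that is not part of the original message: a small dissector written against Wireshark's Lua API instead of the C dissector API. The protocol name, the header layout (type, flags, 2-byte length, payload) and UDP port 9999 are all hypothetical.

```lua
-- Hypothetical protocol "MYPROTO" (assumed layout, not from the thread):
--   byte 0     message type
--   byte 1     flags
--   bytes 2-3  payload length, big-endian
--   bytes 4..  payload
local myproto = Proto("myproto", "My Example Protocol")

-- Each field registered here becomes a filterable item in the tree.
local f_type   = ProtoField.uint8("myproto.type", "Message Type", base.DEC)
local f_flags  = ProtoField.uint8("myproto.flags", "Flags", base.HEX)
local f_length = ProtoField.uint16("myproto.length", "Payload Length", base.DEC)
local f_data   = ProtoField.bytes("myproto.payload", "Payload")
myproto.fields = { f_type, f_flags, f_length, f_data }

local HEADER_LEN = 4

function myproto.dissector(tvb, pinfo, tree)
    -- Too short to hold the fixed header: decline the packet.
    if tvb:len() < HEADER_LEN then return 0 end

    pinfo.cols.protocol = "MYPROTO"

    -- The subtree is what the packet-details pane renders; every
    -- decoded value is attached to it with its byte range.
    local subtree = tree:add(myproto, tvb(), "My Example Protocol")
    subtree:add(f_type,   tvb(0, 1))
    subtree:add(f_flags,  tvb(1, 1))
    subtree:add(f_length, tvb(2, 2))

    -- The length field comes from the wire, so clamp it to the bytes
    -- actually captured instead of trusting it.
    local declared  = tvb(2, 2):uint()
    local available = tvb:len() - HEADER_LEN
    if declared > available then
        subtree:add_expert_info(PI_MALFORMED, PI_ERROR,
            "Payload length exceeds captured data")
        declared = available
    end
    if declared > 0 then
        subtree:add(f_data, tvb(HEADER_LEN, declared))
    end
    return HEADER_LEN + declared
end

-- Hand UDP port 9999 (assumed) to this dissector.
DissectorTable.get("udp.port"):add(9999, myproto)
```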