Wireshark-dev: [Wireshark-dev] Simple sniffer using wireshark's code

From: José María Polvorosa Amor <jospolamo@xxxxxxxxxxx>
Date: Wed, 29 Aug 2007 11:24:34 +0000
Hello everybody!
First of all, I apologize for the inconvenience; I know there'll be people who don't mind my doubts.
Well, I'm a student and for my final project my tutor decided to do a kind of sniffer. Particularly, I have a net with four PCs, each one with 5 Ethernet cards. All PCs have Internet access (using 1 net card) and the rest of the cards will connect to each other in a non-specified way.
The target of this project is to obtain network features from each Ethernet interface, like throughput, timers, payload and so on; the problem is that it's not for a protocol (TCP, UDP or whatever port) but an application (protocols like HTTP, FTP, and so on).
I programmed a simple sniffer using libpcap: it's able to show network address, network mask, TCP's payload (then with a timer I guess I'll be able to obtain throughput) and maybe filter traffic to or from a specific port.
I'm still learning how it works, so my tutor suggested I could get information about Wireshark.
My question is: Is it possible to reuse or adapt Wireshark source code to use in my project? And if it is, what's the code where the application filters each protocol? Is it possible to obtain network features (using Wireshark) like throughput and payload of a data transfer applying a filter?
The main problem I have is there are a lot of lines of source code. Could anyone help guide me through this mess as far as possible?
 
Kind regards

Txema

"As gold which he cannot spend will make no man rich, so knowledge which he cannot apply will make no man wise"

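The per-application payload and throughput accounting described in the message above, as an added example that is neither part of the original post nor Wireshark code. It assumes untagged Ethernet II frames carrying IPv4/TCP and a hypothetical port-to-application table; all function names and the sample frame are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Port-to-application table (assumed): a port only approximates the application. */
struct app_stat { uint16_t port; const char *name; uint64_t bytes, pkts; double first, last; };
static struct app_stat apps[] = { { 80, "http", 0, 0, 0, 0 }, { 21, "ftp", 0, 0, 0, 0 } };

/* TCP payload length of an Ethernet/IPv4/TCP frame; -1 if other, truncated or inconsistent. */
int tcp_payload_len(const uint8_t *f, size_t caplen, uint16_t *sport, uint16_t *dport)
{
    if (caplen < 14 + 20 || f[12] != 0x08 || f[13] != 0x00) return -1;  /* IPv4 only */
    const uint8_t *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4, tot = ((size_t)ip[2] << 8) | ip[3];
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 6) return -1;         /* TCP only */
    if ((ip[6] & 0x1f) || ip[7]) return -1;      /* later fragment: no TCP header */
    if (caplen < 14 + ihl + 20 || tot < ihl + 20) return -1;
    const uint8_t *tcp = ip + ihl;
    size_t doff = (size_t)(tcp[12] >> 4) * 4;
    if (doff < 20 || ihl + doff > tot) return -1;  /* never trust length fields */
    *sport = (uint16_t)((tcp[0] << 8) | tcp[1]);
    *dport = (uint16_t)((tcp[2] << 8) | tcp[3]);
    return (int)(tot - ihl - doff);
}

/* Account one frame captured at time ts (seconds); returns the app index or -1. */
int account(const uint8_t *f, size_t caplen, double ts)
{
    uint16_t sp, dp;
    int len = tcp_payload_len(f, caplen, &sp, &dp);
    for (size_t i = 0; len >= 0 && i < sizeof apps / sizeof apps[0]; i++) {
        if (apps[i].port != sp && apps[i].port != dp) continue;
        if (apps[i].pkts++ == 0) apps[i].first = ts;
        apps[i].last = ts;
        apps[i].bytes += (uint64_t)len;
        return (int)i;
    }
    return -1;
}

/* Payload throughput in bit/s between the first and last accounted frame. */
double throughput_bps(const struct app_stat *a)
{
    double dt = a->last - a->first;
    return dt > 0 ? 8.0 * (double)a->bytes / dt : 0.0;
}

/* Constructed sample: 49152 -> 80, IPv4 total length 44, i.e. 4 payload bytes. */
static const uint8_t sample[58] = { [12] = 0x08, [14] = 0x45, [17] = 44, [23] = 6,
                                    [34] = 0xc0, [37] = 80, [46] = 0x50 };
```

In a libpcap callback, `account()` would be called with the packet bytes, the `caplen` field of `struct pcap_pkthdr`, and its `ts` timestamp converted to seconds.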
 



