Wireshark-dev: [Wireshark-dev] Use Tshark as shared library

From: "Gupta, Pavan" <pgupta@xxxxxxxxxxxxxxxxxxx>
Date: Fri, 28 Mar 2008 14:42:03 +0530

Hi,

I am a newb to wireshark. We want to use Tshark for one of our projects in following way:

 

  1. Create a packet file in pcap format.
  2. Call a function in Tshark giving the pcap file as input.
  3. Tshark will dissect the contents of pcap file.
  4. Take the output form Tshark function in form of a buffer and then go on to use that information.

 

I would appreciate if someone can answer the following questions:

 

  1. Is it possible to create a .so (shared library) for Tshark so that a function giving input in pcap file format could be called from the shared library.
  2. If answer to above question is yes, which source files should I look at? Do you know the entry point in this case?

 

I have downloaded Wireshark code, but am unable to build it on x86 Solaris platform. I tried first running autogen script but it complains of having incorrect automake version. Are the following steps correct to build Wireshark:

1. Execute autogen script

2. Run configure

3. make

 

I appreciate for your time and help.

Thanking You.

Regards,

Pavan

 

 

"This email message and any attachments are confidential information of Starent Networks, Corp. The information transmitted may not be used to create or change any contractual obligations of Starent Networks, Corp. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this e-mail and its attachments by persons or entities other than the intended recipient is prohibited. If you are not the intended recipient, please notify the sender immediately -- by replying to this message or by sending an email to postmaster@xxxxxxxxxxxxxxxxxxx -- and destroy all copies of this message and any attachments without reading or disclosing their contents. Thank you."