Maria de Fatima Requena wrote:
Does anyone know where (which files) is the code for telling skinny packets apart
I.e., the code that recognizes that a given packet is a Skinny Client
Control Protocol packet?
That's dissect_skinny() in epan/dissectors/packet-skinny.c.
and for the capture of packets in general?
The capture code is in dumpcap.c. It's compiled into a program called
dumpcap, along with some other source files; both Wireshark and TShark
run that program to do capturing. (That way, if the code that does
capturing has to run with privileges, Wireshark and TShark themselves,
with their 1.5 million lines of dissector code, don't have to run with
privileges, so if there's a vulnerability in them, the damage they can
do is limited.)