Hello Guys,
I have successfully written a program that uses the Wireshark Lib to
dissect some packets.
The thing is, through the API I was given from my boss, I can only
receive informations from the 3rd layer (IPv4, IPX, ... layer), which
confuses the dissectors, and screws the dissection.
One solution would be to allocate a temporary buffer which would include
my 3rd layer and above, plus a fake header from the 2 bottom layers; but
this would mean that I'd have to allocate memory for every packet... not
really optimized..
Is it possible to use epan_dissect_run() from an upper layer, telling
the library to start dissecting from a packet that has already been
shortened?
Thanks in advance,
Guillaume