Wireshark-dev: Re: [Wireshark-dev] get some information to develop a new protocol

From: Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx>
Date: Fri, 17 Sep 2010 10:40:21 -0600
On Fri, Sep 17, 2010 at 09:14:07AM +0100, Tyson Key wrote:

> P.S. I neglected to mention in my previous e-mail that there's a 
> *dbus-monitor *utility which listens on either the system bus, or the 
> session bus and dumps a textual copy of traffic to the shell. You 
> might want to reverse-engineer the mechanisms used by that for 
> capturing, and re-implement them in LibPCap or a custom application.

Another option is to add wiretap funtionality to Wireshark for that file 
format.  Some of the capture file formats Wireshark supports are text 
files instead of binary like pcap.