Wireshark · Wireshark-dev: Re: [Wireshark-dev] Programming against WireShark pcap processing engine

Wireshark-dev: Re: [Wireshark-dev] Programming against WireShark pcap processing engine

From: Abhik Sarkar <sarkar.abhik@xxxxxxxxx>

Date: Wed, 9 Mar 2011 10:48:27 +0400

How about exporting the captures to PDML format and then parsing the output XML in Java? I know it is CPU intensive and the PDML files could become quite large, but each layer (SMIL/images etc) would appear as separate entities and by doing some searching you might be able to extract what you want.

You could first use Wireshark to export to PDML file just to see the format and understand if it is worth it. Then you can call tshark later to do the conversion for you automatically.

HTH,
Abhik

On Tue, Mar 8, 2011 at 7:02 PM, Per Steffensen <steff@xxxxxxxxxxxxx> wrote:

No one? Really?

The important part is not that I have to use java. Any input on how to program against the WireShark pcap processing engine is very welcome, no matter the language. I will make the java wrapper myself.

Regards, Steff
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

References:
- Re: [Wireshark-dev] Programming against WireShark pcap processing engine
  - From: Per Steffensen

Prev by Date: Re: [Wireshark-dev] Portable Linux Wireshark with custom dissectors - possible ?
Next by Date: Re: [Wireshark-dev] Different wireshark behaviour on Linux as on Windows
Previous by thread: Re: [Wireshark-dev] Programming against WireShark pcap processing engine
Next by thread: [Wireshark-dev] Eliminate annoying color filter dialog
Index(es):
- Date
- Thread