Wireshark-dev: Re: [Wireshark-dev] Using wiretap library in a project

From: Neagaru Daniel <neagarudan@xxxxxxxxx>
Date: Thu, 03 Jan 2013 17:25:35 +0100
Yes, it would be a solution, since I didn't find anything related to pcap-ng in pcap(3) documentation, I thought pcap-ng is not supported yet. Where can I find the recent documentation regarding pcap-ng?


On 01/03/2013 05:33 PM, Evan Huus wrote:
Libpcap has limited support for pcap-ng files since version 1.1.0, and
solid support since 1.2.1. Is upgrading to a recent libpcap version a
possibility?

If not then you should still be able to link against the wiretap
library and read in each packet that way.

Cheers,
Evan

On Thu, Jan 3, 2013 at 11:06 AM, Neagaru Daniel <neagarudan@xxxxxxxxx> wrote:
Hello!

I am working on a C project, which uses the libpcap library to open the
capture files. Due to wireshark's migration to pcap-ng, most of the capture
files users give me, are pcap-ng format, so I can't use my code anymore,
without converting every pcap-ng to libpcap. Other capture formats except
pcap-ng and libpcap most probably won't be used, so I wanted to ask, is
there any way to convert the format from the code, without the system() call
to editcap? Or just open it as a simple libpcap file for further processing?

Cheers,
Daniel
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe