[Paul Offord <Paul.Offord@xxxxxxxxxxxx>]

Hi Krishnamurthy,

 

Wireshark uses an executable called dumpcap to perform the actual capture.  You can use dumpcap directly from the command line, and as dumpcap doesn’t build the structures that Wireshark builds you won’t have a memory problem.  You can then view the resulting pcapng file with Wireshark in the normal way.

 

You can find more information here - https://community.tribelab.com/course/view.php?id=10 – including a video explaining the use of dumpcap.

 

Best regards…Paul

 

From: Wireshark-dev [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Krishnamurthy Mayya
Sent: 29 January 2018 09:21
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>; guy@xxxxxxxxxxxx
Subject: Re: [Wireshark-dev] One quick question

 

Okay.

So, If I am sending continuos stream of data at the line rate(1gb/s) and if I am using wireshark to capture the content, it will crash after sometime

due to memory exhaustion. Is there any way to bypass this ? (Any free function/some other work around)

Any suggestion from your side would be extremely helpful. Thanks in advcane

 

Regards,

Krishnamurthy mayya

 

 

On Mon, Jan 8, 2018 at 11:05 PM, Guy Harris <guy@xxxxxxxxxxxx> wrote:

On Jan 8, 2018, at 5:29 AM, Krishnamurthy Mayya <krishnamurthymayya@xxxxxxxxx> wrote:

> epan_get_frame_ts
>
> Like the above function, is there any utility function in wireshark which fress the memory allocated for the given frame_num ?

Are you assuming that epan_get_frame_ts() returns a pointer to a freshly-allocated structure that must be freed when the caller no longer needs it?

If so, no, it doesn't.  You do not need to free the structure.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

 

______________________________________________________________________

This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.

Any views or opinions expressed are solely those of the author and do not necessarily represent those of Advance Seven Ltd. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.

Advance Seven Ltd. Registered in England & Wales numbered 2373877 at Endeavour House, Coopers End Lane, Stansted, Essex CM24 1SJ

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________