Hello out there, I created a kernel probe module and I want to watch the
outputs of this module with pcap/Wireshark. Just like usbmon. So I
defined a char device in the dev-directory /dev/kpnode from which the
pcap interface can read the output of that module. In order to enable
Wireshark to read from this device, I started to place a handler
function into libpcap:
In pcap.c I put in
#ifdef PCAP_SUPPORT_KPNODE
#include "pcap-kpnode.h"
#endif
and later:
#ifdef PCAP_SUPPORT_KPNODE
{ kpnode_findalldevs, kpnode_create },
#endif
further down:
#ifdef PCAP_SUPPORT_KPNODE
|| strstr(device, "kpnode") != NULL
#endif
The functions kpnode_findalldevs and kpnode_create are in my files
pcap-kpnode.c and pcap-kpnode.h. They are not finished yet but the
subject of this mail is for now, how to connect these functions into
libpcap and Wireshark so that they are evoked if a device /dev/kpnode
emerges.
Further I added an entry to configure.ac: AC_DEFINE(PCAP_SUPPORT_KPNODE,
1, [target host supports Linux kpmode])
Im not sure if editing the autoconf input file is too much, because I
don't want to commit my changes to other platforms, it's just a small
project of my own. But there are also some entries for USBMON in e.x.
CMakeList.txt and more. After execution of the configure script I put
manually my files into the EXTRA_DIST list.
But so far, when I build the pcap library not even the symbol kpnode
appears in the binary but there is an object file of my handler file
pcap-kpnode.c. So my changes are not in the library. I use the master
branch sources of last week and gcc version 11.2.0 of Debian testing.
What did I miss to integrate my handlers into pcap library?
Thank you in advance
BR /Christian