Hi,
I don't wish to change wireshark. As far as I know, dumpcap and wireshark process run separately on linux...I feel same would be happening on windows too.
I don't know how the output from dumpcap goes to wireshark. I wish to replace dumpcap with my utility and want wireshark to decode the byte stream on run-time.
I don't wish to change the code of wireshark.
-satish
On Fri, Jun 5, 2009 at 12:43 AM, Guy Harris
<guy@xxxxxxxxxxxx> wrote:
On Jun 4, 2009, at 11:47 AM, Satish Chandra wrote:
> I wish to send my own byte stream to wireshark to decode instead of
> it getting from the wtap driver on the runtime.
>
> Can anyone suggest me the way to do it.
>
> I feel there is some point where wtap driver sends the packets to
> wireshark for decoding, I wish to use that point and send my own
> captured byte stream on runtime.
>
> Please inform if the problem is not clear.
Are you trying to change Wireshark to be able to do a live capture of
packets from some source not currently supported by libpcap/WinPcap,
or are you trying to change Wireshark to be able to read a file
containing packets that have already been captured?
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
--
Satish Chandra