This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Using dumpcap without installing Wireshark

0

I learned here about the utility DumpCap to get the right ip on which Wireshark is actually captures(the syntax is DumpCap -D -M, thanks Kurt). I want to deploy it inside my open source application but if there is a better alternative I'd be very happy, since it demands to deploy all the dll's that come with Wireshark(Wireshark itself is not deployed but WinPcap does) Can someone direct me regarding and alternative? Thanks in advance I. Lesher

asked 06 Aug '12, 01:04

triplebit's gravatar image

triplebit
1777
accept rate: 0%

I want to deploy it inside my open source application

do you want to capture packets in your application or just let it print the IP addresses (dumpcap -D -M)?

(06 Aug '12, 05:49) Kurt Knochner ♦

Thanks Mr. Kurt I want it just to print the IP addresses. Regards I. Lesher

(07 Aug '12, 11:09) triplebit

I want it just to print the IP addresses

then running one of these commands would be the easiest way:

ipconfig /all | find "address"
netsh interface dump | find "address="

Available on all windows systems >= WinXP, no need to install any libraries.

Then parse the output to extract the ip addresses.

(07 Aug '12, 12:14) Kurt Knochner ♦

One Answer:

0

Then the "better alternative" might be to just use, in your application, the same WinPcap calls that dumpcap uses (I say "WinPcap" because you say "dll's" rather than "shared libraries" or "so's" or ".so's", so you're presumably doing this on Windows).

The call is pcap_findalldevs(), and it returns a list of network interfaces and, for each interface, the list of IPv4 and IPv6 addresses for the interface; here's the WinPcap documentation for it.

answered 07 Aug '12, 11:38

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%