so basically i have written a tool,and what it does is 1- capture the packets,write this into a file, initialize epan module 2- open the file using pcap_open_offline(...), then call pcap_loop(...)and in handler function for this apply read filter(for any identity present in request message) on it, call dissection utilities. 3- go to print the packet data, extract message_id. 4- now open the file again using pcap_open_offline() then call pcap_loop() and in handler function, apply this message_id as read filter to print both request and response(req and res have same message_id),call dissection utilities. 5- go to print the output. now i have this network, messages coming at approx rate of 5k per sec., and this application is taking too much time to print for any identity corresponding to read_filter.how to optimize it, as i have seen,wireshark doing same stuff, capturing then applying read_filter to print the desired output. asked 17 Jun '13, 13:27  Sanny_D |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
