I have a 2 questions- 1. I need to a write a C program through which I need to monitor the network packets of the Tshark, in the LINUX. How could I do this?? 2. Is it possible to monitor the rate at which the packets are flowing in the network, if yes how could I do this. Please answer these questions. asked 26 Jun '13, 18:03  rahuulbp |
One Answer:
Wireshark (and tshark) are packet analysers, not network traffic monitors. You are probably looking at the wrong tools for your task. answered 27 Jun '13, 02:25  grahamb ♦ |
Yes i understand, but I need to count the number of packets from the terminal window in the tshark and write a C program accordingly. My question is how can we count the number of packets of the tshark and connect/map that to the C program.
Have a look at dumpcap. That outputs the packets seen as a count and unlike tshark won't run out of memory if capturing for an extended length of time.
I guess your C program could spawn dumpcap and grab the stdout to inspect the packet count.