This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Resently, i want to develop a software just like wireshark. but i do not have much knowledge about GTK/PYTHON, i am a windows user. I wonder to know how thoese technology assemble together in wireshark. i want to do this in VS2010 and use sharppcap, but there is not much parse, can some one give me some advice about how to develop such a software in windows? thanks very much.

This question is marked "community wiki".

asked 07 Mar '11, 06:46

underwater0909's gravatar image

underwater0909
1111
accept rate: 0%


If you want to write something just like Wireshark, the first thing to do is to find enough time to write about 2.8 million lines of code. You might be able to reduce the number of lines of code to write if you develop code to read protocol description languages such as ASN.1, one of the DCE RPC interface description languages (OSF's IDL, Microsoft's MIDL, or Samba's PIDL), rpcgen, and perhaps a language for protocols not natively described in such a language, and dissect those protocols by reading a description of the protocol.

I.e., writing software "just like Wireshark" is not an easy task. It would take many pages worth of answer here just to give you enough advice to be useful at all. The GUI part is probably one of the easier parts - there may be a lot of code to write, but it's probably pretty mechanical. Writing code to dissect packets and to display the results is the hard part.

permanent link

answered 07 Mar '11, 18:24

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×4
×1

question asked: 07 Mar '11, 06:46

question was seen: 2,665 times

last updated: 07 Mar '11, 18:24

p​o​w​e​r​e​d by O​S​Q​A