This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Write to file from Dissector

0

I'm trying to print a specific data inside my Wireshark Custom Dissector to a file that I can upload to a different program. I tried opening and writing to a data using fopen and fprintf but Wireshark crashes when I upload my captured packet it crashes. Is there any way I can write a print-to-file function inside a custom dissector?

asked 06 Aug '15, 14:40

J1Ronnie's gravatar image

J1Ronnie
11226
accept rate: 0%


One Answer:

0

OS and Wireshark version?

There are platform independent file I/O routines in wsutil\file_util that might be handy.

Arguably though, writing to a file in a dissector is not a good idea, it will slow down dissection and live captures. Maybe it should be driven from a user generated action, e.g. a menu option.

answered 07 Aug '15, 01:20

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

Yes, look into using a tap for that.

(07 Aug '15, 05:31) Jaap ♦