At work, I currently have an application which uses the libpcap API to do packet sniffing of our internal TCP messages (and to do various things with the data that's sniffed). I am considering converting this application into an application that uses wireshark instead (since the visualization of the data that wireshark provides is great, and since I'd like to take advantage of all of the other capabilities that wireshark provides). My question is: what is the best method to go about this? I see that I can either modify the C code itself or use the lua API. (I know C, and I don't know anything about lua.) I guess I would want to add dissectors, but I would also want to add the capability to trigger an event that would receive packet data and do specific things with that data. (Listener?) I guess the main question is whether to modify the C or use lua...and if you have any other specific advice that would be great. Let me know if you have any other questions about what I'm trying to accomplish. Thanks! asked 11 Aug '11, 16:06 JVo |
One Answer:
Sounds like a dissector and tap listener, although 'trigger an event that would receive packet data' is not all to clear to me. answered 12 Aug '11, 01:42 Jaap ♦ Thanks. Any thoughts on whether to use lua or modify the C++ for dissectors and listeners? (12 Aug '11, 10:31) JVo Lua or C (no C++ (!)), or even python are possible. Think about the most appropriate language for your work, organization and maintainability. I've little experience with Lua of Python in this context; using C, Wiresharks native programming language gives most power. (12 Aug '11, 11:26) Jaap ♦ |
possible duplicate