I'm creating a module for Wireshark and have the first parts of the module all setup where my module looks at the current ongoing TCP connections. The next part of the module will allow the user to analyse an individual connection, for example, see all packets which are part of that connection. I was wondering if there were any functions/classes which are available to me which could be called to help with this. To be more specific if I had a source IP address and destination IP address is there any way in which to get data on all the packets in that conversation and allow me to print them to a dialog box? Please let me know if I have not made things entirely clear. Any help would be much appreciated! asked 26 Jan '17, 13:00  ModuleMan edited 26 Jan '17, 13:19 |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
Hi, Could you tell us more about how you are writing this module? Is it a C plugin or a LUA plugin?
Best regards...Paul
Hi Paul,
I am using C++ for the GUI and I have been implementing the existing GUI methods available to me so far to get a conversation item which the user selects (conv_item_t - similar to the way conversation_dialog.cpp allows filters to be selected).
Kind regards, ModuleMan