This is our old Q&A Site. Please post any new questions and answers at

Looking for best way to convey my application's IPv6 packets in real-time to Wireshark. My application does not Tx/Rx packets on a conventional network or network interface that Wireshark can easily sniff. It would for example, be great to output my packets to a UDP socket that I can tell Wireshark to listen on. I feel that so many developers must have had this need, that Wireshark includes built-in support for this in some way.

asked 28 Jul '17, 17:19

mikegrobler's gravatar image

accept rate: 0%

You have two basic options:

  • on *n*x systems, you can send the UDP packets to the lo inteface and capture there (and if you choose a nice source and destination port and set a corresponding capture filter, you even won't be bothered by other traffic which exists on lo). On Windows, you need to install npcap to be able to capture at lo interface.
  • or you can encapsulate the packets in your application as pcap and feed Wireshark through an input pipe. Just remember you have to send the pcap header once, before the very first packet.
permanent link

answered 28 Jul '17, 22:38

sindy's gravatar image

accept rate: 24%

edited 28 Jul '17, 22:39

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 28 Jul '17, 17:19

question was seen: 1,796 times

last updated: 28 Jul '17, 22:39

p​o​w​e​r​e​d by O​S​Q​A