Re: Its possible to build and run wireshark from IDE

[Guy Harris <guy () alum mit edu>]

On Nov 8, 2018, at 12:52 AM, Dario Lombardo <lomato () gmail com> wrote:

> On Wed, Nov 7, 2018 at 5:39 PM Tomer Bar <tomer.turmanbar () gmail com> wrote:
> > i want to expose the validation of the display filter and use it like service?
> > any idea?
>
> Do you want to do it programmatically (I mean you have a C code and you want to link with wireshark in some way) or 
> can you do it running binary tshark?
> If the latter, you can run "tshark -Y FILTER" and check the return code. 2 means error in the filter. You need 
> something more that that, but it may be a starting point.

Or use "dftest FILTER" - redirect its standard output and error to the null device (/dev/null on UN*X or NUL: on 
Windows), and check the exit status - again, 2 is an error, 0 is no error:

        $ build/run/dftest 'not a valid filter' >/dev/null 2>&1
        $ echo $?
        2
        $ build/run/dftest 'ip.addr == 127.0.0.1' >/dev/null 2>&1
        $ echo $?
        0
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe