Wireshark mailing list archives
Re: About Wiretap Library
From: Guy Harris <guy () alum mit edu>
Date: Mon, 26 Apr 2010 14:36:02 -0700
On Apr 26, 2010, at 1:24 PM, p2m p2m wrote:
I need to capture iSCSI packets (using tshark) and then open the capture files and get the data I need using a dissector to analise it.
Wireshark's capture files are in pcap format, so libpcap/WinPcap can also be used to read the raw packet data. libpcap/WinPcap are documented, and have a standard stable API for reading capture files, unlike Wiretap, whose API is subject to incompatible change. Note that libpcap/Winpcap *AND* Wiretap both just give you raw packet data; they do not do *any* dissection. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- About Wiretap Library p2m p2m (Apr 26)
- Re: About Wiretap Library Stephen Fisher (Apr 26)
- Re: About Wiretap Library p2m p2m (Apr 26)
- Re: About Wiretap Library Guy Harris (Apr 26)
- Re: About Wiretap Library p2m p2m (Apr 27)
- Re: About Wiretap Library p2m p2m (Apr 26)
- Re: About Wiretap Library Stephen Fisher (Apr 26)