Re: Adding a new data source

[Akos Vandra <axos88 () gmail com>]

Thanks for this info, I'll take this discussion to the mentioned list then.

Ákos

On 3 December 2011 19:02, Guy Harris <guy () alum mit edu> wrote:
> On Dec 3, 2011, at 9:40 AM, Akos Vandra wrote:
>
> > So in order to support a new data source only libpcap should be
> > modified?
>
> Ideally, yes.
>
> > I have no experience with it, so I'm not sure how wireshark
> > and libpcap are interfaced... Does libpcap offer a list of available
> > capture source for wireshark,
>
> Yes - that's pcap_findalldevs().
>
> > so it can use a new capture source
> > without any modification to wireshark?
>
> Yes.
>
> > In this case the libpcap developers would be more able to help me get started...
>
> Yes.  Join tcpdump-workers () tcpdump org:
>
>        http://www.tcpdump.org/#mailing-lists
>
> (it's a fairly low-volume list) and ask about it there.  Give details of your new packet source, including the OSes 
> on which it should be supported and the link-layer header type (if it's not one of the ones described at
>
>        http://www.tcpdump.org/linktypes.html
>
> you'll need a new link-layer header type value no matter *how* it's to be supported in Wireshark).
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe