Re: Regarding wireshark design

[Richard Sharpe <realrichardsharpe () gmail com>]

On Thu, May 10, 2012 at 4:28 AM, Singh, Anand <Anand.Singh () landisgyr com> wrote:
> Hi,
>                Can you please let me know how does it talk with raw packets. Is it using existing
> TCP stack or is it directly communication with lower level drivers like phy/Mac layer. &
> Where do I find that code section where we accessing raw buffers.

Sigh. It is all in the documentation.

If we are capturing off the wire, then I believe that it uses
dumpcap.c and does not talk to packet sockets or anything like that.
It actually links to libpcap.

-- 
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe