Wireshark mailing list archives
Re: Regarding Plugin attachment
From: Guy Harris <guy () alum mit edu>
Date: Wed, 12 Mar 2014 12:56:54 -0700
On Mar 11, 2014, at 10:48 PM, Nilesh Nayak <nileshnayk4 () gmail com> wrote:
But if I set the capture filter as "foo", then I should be able to capture "foo" packets.
No.
If you modify the grammar.y, scanner.l, and gencode.c files in the libpcap/WinPcap source so that it supports a capture
filter of "foo", and matches your packets, and you build {tcpdump, Wireshark, whatever} with that version of
libpcap/WinPcap (or, if it's a dynamic/shared library, install that version of libpcap/WinPcap and have it be the one
that {tcpdump, Wireshark, whatever} uses), you can set the capture filter to "foo" and capture "foo" packets.
You cannot do something in Wireshark for that.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Regarding Plugin attachment Nilesh Nayak (Mar 11)
- Re: Regarding Plugin attachment Peter Wu (Mar 11)
- Message not available
- Fwd: Regarding Plugin attachment Nilesh Nayak (Mar 11)
- Re: Regarding Plugin attachment Hadriel Kaplan (Mar 11)
- Re: Regarding Plugin attachment Nilesh Nayak (Mar 18)
- Re: Regarding Plugin attachment Nilesh Nayak (Mar 18)
- Re: Regarding Plugin attachment Anders Broman (Mar 18)
- Message not available
- Re: Regarding Plugin attachment Peter Wu (Mar 11)
- Re: Fwd: Regarding Plugin attachment Sreejith M M (Mar 12)
- Re: Regarding Plugin attachment Guy Harris (Mar 12)