Re: Custom link layer type for logging additional data

[Guy Harris <guy () alum mit edu>]

On Nov 26, 2014, at 11:43 PM, Michal Labedzki <michal.labedzki () tieto com> wrote:

> How about use "LINKTYPE/DLT WIRESHARK_UPPER_PDU"? With this one
> (+extcap) "wiretap" is complete replacement of libpcap ("Wiretap is a
> library that is being developed as a future replacement for
> libpcap" - wiretap/README).

The README is out of date.

I will update it to indicate that

        1) it is not intended to replace libpcap's capture support (and it contains no capture support, so it's *not* a 
complete replacement for libpcap; extcap will allow a program to capture traffic and supply it to dumpcap and thus to 
Wireshark/TShark, but that doesn't help other programs, and that program would still either have to call libpcap or 
duplicate libpcap's functionality itself)

and

        2) it's an alternative library for *reading and writing* capture files, but is currently only useful for those 
who don't care whether the API or ABI is stable (wiretap's API and thus ABI is still under development) and don't care 
whether the library is GPLed or not (libpcap is under the BSD license, wiretap is GPLed).

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe