Wireshark mailing list archives
Re: dumpcap and bpf assembler
From: Sake Blok <sake () euronet nl>
Date: Thu, 28 May 2015 01:26:39 +0200
Hi Richard, I think I misunderstood you then. I thought you were looking for a way to write some assembly/machine code for the BPF pseudo processor. Which of course works only on the content of a packet (link layer data and upwards). I believe that anything the BPF engine can do can be accomplished by using a capture filter expression, but it can turn ugly :-) Cheers, Sake ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- dumpcap and bpf assembler Richard Stearn (May 26)
- Re: dumpcap and bpf assembler Sake Blok (May 27)
- Re: dumpcap and bpf assembler Richard Stearn (May 27)
- Re: dumpcap and bpf assembler Sake Blok (May 27)
- Re: dumpcap and bpf assembler Richard Stearn (May 28)
- Re: dumpcap and bpf assembler Guy Harris (May 28)
- Re: dumpcap and bpf assembler Sake Blok (May 29)
- Re: dumpcap and bpf assembler Richard Stearn (May 27)
- Re: dumpcap and bpf assembler Sake Blok (May 27)