Re: One quick question

[Paul Offord <Paul.Offord () advance7 com>]

Hi Krishnamurthy,

Wireshark uses an executable called dumpcap to perform the actual capture.  You can use dumpcap directly from the 
command line, and as dumpcap doesn’t build the structures that Wireshark builds you won’t have a memory problem.  You 
can then view the resulting pcapng file with Wireshark in the normal way.

You can find more information here - https://community.tribelab.com/course/view.php?id=10 – including a video 
explaining the use of dumpcap.

Best regards…Paul

From: Wireshark-dev [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Krishnamurthy Mayya
Sent: 29 January 2018 09:21
To: Developer support list for Wireshark <wireshark-dev () wireshark org>; guy () alum mit edu
Subject: Re: [Wireshark-dev] One quick question

Okay.
So, If I am sending continuos stream of data at the line rate(1gb/s) and if I am using wireshark to capture the 
content, it will crash after sometime
due to memory exhaustion. Is there any way to bypass this ? (Any free function/some other work around)
Any suggestion from your side would be extremely helpful. Thanks in advcane

Regards,
Krishnamurthy mayya


On Mon, Jan 8, 2018 at 11:05 PM, Guy Harris <guy () alum mit edu<mailto:guy () alum mit edu>> wrote:
On Jan 8, 2018, at 5:29 AM, Krishnamurthy Mayya <krishnamurthymayya () gmail com<mailto:krishnamurthymayya () gmail 
com>> wrote:

> epan_get_frame_ts
>
> Like the above function, is there any utility function in wireshark which fress the memory allocated for the given 
> frame_num ?

Are you assuming that epan_get_frame_ts() returns a pointer to a freshly-allocated structure that must be freed when 
the caller no longer needs it?

If so, no, it doesn't.  You do not need to free the structure.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org<mailto:wireshark-dev () wireshark org>>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org<mailto:wireshark-dev-request () wireshark 
org>?subject=unsubscribe


______________________________________________________________________

This message contains confidential information and is intended only for the individual named. If you are not the named 
addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if 
you have received this e-mail by mistake and delete this e-mail from your system.

Any views or opinions expressed are solely those of the author and do not necessarily represent those of Advance Seven 
Ltd. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, 
corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept 
liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.

Advance Seven Ltd. Registered in England & Wales numbered 2373877 at Endeavour House, Coopers End Lane, Stansted, Essex 
CM24 1SJ

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe