If you're just looking at packet meta-information, any environment would be good. I would even go as far as suggesting you use a scripting language, like Perl or Python, that has a libpcap module, to make your programming easier than having to program "queries" in C.

However, if you're looking at the information in the protocols in the packet, you would have to either write some minimal protocol dissectors for your program (not fun), or make use of another program which dissects these protocols. Depending on your needs, hacking tcpdump or Ethereal would be the way to go. (There's also Analyzer, but I don't know the source code well enough to talk about it).

Another way to go is to have tethereal do the dissection for you, and your query program can read the text or XML output of tethereal, and then do its analysis.

--gilbert

On Wed, 1 Dec 2004 01:33:13 -0800 (PST), Mina sina <silamsuomi@xxxxxxxxx> wrote:
> Hi all,
> I want to access contents of a libpcap file for the purpose of running
> queries of my own interest which are not supported by Ethereal. What can you
> guys suggest for me to do so? What environment will be good for it?
> You can consider it as coming up with new features in Ethereal.
> I am waiting for your valuable guidance.
> Best regards,
> Silam
> Finland
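
An added example, not part of the original message: a meta-information query of the kind the reply describes, written in Python. It assumes the classic libpcap file layout and reads the record headers directly with the standard `struct` module instead of a libpcap binding; the function names and the sample capture are constructed for illustration.

```python
import struct
from collections import namedtuple

# Illustrative names: per-packet metadata taken from each libpcap record header.
PacketMeta = namedtuple("PacketMeta", "index timestamp caplen origlen")

# Magic number as it appears on disk -> (struct byte order, timestamp fraction divisor)
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 10**6),  # little-endian, microseconds
    b"\xa1\xb2\xc3\xd4": (">", 10**6),  # big-endian, microseconds
    b"\x4d\x3c\xb2\xa1": ("<", 10**9),  # little-endian, nanoseconds
    b"\xa1\xb2\x3c\x4d": (">", 10**9),  # big-endian, nanoseconds
}

def read_pcap_meta(data):
    """Return (linktype, snaplen, [PacketMeta, ...]) for a classic pcap byte string."""
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic libpcap file")
    order, frac = MAGICS[data[:4]]
    _major, _minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
        order + "HHiIII", data[4:24])
    packets, offset = [], 24
    while offset + 16 <= len(data):
        sec, sub, caplen, origlen = struct.unpack(order + "IIII", data[offset:offset + 16])
        offset += 16
        if caplen > len(data) - offset:
            raise ValueError("record %d runs past end of file" % len(packets))
        packets.append(PacketMeta(len(packets), sec + sub / frac, caplen, origlen))
        offset += caplen  # skip the packet bytes; only meta-information is queried
    return linktype, snaplen, packets

def truncated(packets):
    """Example query: packets cut short by the snapshot length at capture time."""
    return [p for p in packets if p.caplen < p.origlen]

def build_sample():
    """Constructed capture: 3 records, snaplen 64, linktype 1 (Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 64, 1)
    for sec, usec, origlen in [(1101893593, 0, 60), (1101893593, 500000, 1514),
                               (1101893594, 250000, 42)]:
        caplen = min(origlen, 64)
        out += struct.pack("<IIII", sec, usec, caplen, origlen) + bytes(caplen)
    return out

if __name__ == "__main__":
    linktype, snaplen, pkts = read_pcap_meta(build_sample())
    print("linktype", linktype, "snaplen", snaplen, "packets", len(pkts))
    for p in truncated(pkts):
        print("truncated: #%d %d of %d bytes" % (p.index, p.caplen, p.origlen))
```

For a real capture, pass the bytes of the file to `read_pcap_meta`; queries that need protocol fields still require a dissector, as the reply notes.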