Wireshark mailing list archives
Re: standalone packet dissection
From: Zack Elan <zelan () autovirt com>
Date: Thu, 3 Jun 2010 10:24:38 -0400
Calling libwireshark routines would amount to re-using them directly, for legal reasons - you cannot make a product out of >libwireshark without your product being GPLed.
Sorry, I should have been more clear on this point - even if linking to libwireshark were technically feasible, our product would not be a derivative from Wireshark - the Wireshark dissectors would only be called from internal unit test code to compare our dissector's output with a "known correct" one. We wouldn't be shipping anything Wireshark-related in any way.
You would have to, for example, somehow run TShark "at arm's length" as a separate process, hand the packets to it (perhaps over a >pipe), and get the dissected output, e.g. in PDML format (perhaps over another pipe).
I had used TShark before, but hadn't noticed the PDML output option. I think this will do what I want, and be cleaner than trying to call libwireshark directly. Thanks for the help. Zack ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- standalone packet dissection Zack Elan (Jun 02)
- Re: standalone packet dissection Guy Harris (Jun 02)
- Re: standalone packet dissection Zack Elan (Jun 03)
- Re: standalone packet dissection Guy Harris (Jun 02)