Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Programming against WireShark pcap processing engine

From: Per Steffensen <steff () designware dk>
Date: Fri, 11 Mar 2011 14:08:06 +0100
Hi

Thanks for you anwser, Abhik. I will consider your suggestion about exporting to PDML. Didnt even know that there where 
such a thing.

As I understand you, tshark is able to do this for me and include e.g. full SMIL and images. As I understood another answer to my question, 
tshark is not able to extract "content" (like SMIL and images). Does anyone know which one it is - is tshark able to extract 
"content" for me or not? If it is then I might be able to live with using tshark, even though is sounds more correct to me to 
integrate via API with the engine instead of integrate by calling command-line stuff.

Regards, Per Steffensen
BTW: Does anyone know how to easily reply to posts from the digest mails I get from the mailing list. I do something stupid like 
constructing a new mail with the same subject (prefixed with Re:) and doing the quoting manually. But I not sure that it even 
ends up in the right "thread" that way, and I am sure that it is not able to figure out exactly which prior post I am 
anwsering and therefore where to put my new post in the thread-tree

---- quote -----
How about exporting the captures to PDML format and then parsing the output
XML in Java? I know it is CPU intensive and the PDML files could become
quite large, but each layer (SMIL/images etc) would appear as separate
entities and by doing some searching you might be able to extract what you
want.

You could first use Wireshark to export to PDML file just to see the format
and understand if it is worth it. Then you can call tshark later to do the
conversion for you automatically.

HTH,
Abhik

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: