Programming against WireShark pcap processing engine

[Per Steffensen <steff () designware dk>]

Hi

I am writing a Java program that has process a lot of pcap files to 
extract certain data - in phase one I have to extract MMS's from those 
pcaps. If I put some of my example pcap files into WireShare it shows me 
that there is an MMS and I am able to extract the different parts of the 
MMS (smil, images, etc) by using the WireShark GUI.

Basically I want to programmatically extract those different parts of 
the MMS from my java program. I imagine to use the pcap processing 
(guess you call it dissection) part of WireShark from my java program.

What is the best approach I can take?
I dont want to show the WireShark GUI. Guess I could call tshark from my 
java program? But does tshark enable me to extract embedded data like 
e.g. a JPG image?
Are there better approaches?
I have read a little about libwireshark. It that the way to go? How to 
get started on using libwireshark? Documentation?
I have also seen some tools on Wiki (http://wiki.wireshark.org/Tools). 
Are there good starting points among them?

Hope for some good feedback. Also hope to eventually be able to give 
something back to the WireShark project.

Regards, Steff


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe