Wireshark mailing list archives
Re: wiretap - using as a library rather than coupled with Wireshark?
From: Tim Furlong <dev.null.2007 () gmail com>
Date: Fri, 27 Nov 2015 10:09:01 -0500
Sorry if I'm just missing something, but would editcap itself do the job? editcap <in.pkt> <out.pcapng> should read your Wildpackets file and produce a pcapng file; add a "-F pcap" for pcap format instead. Can't speak to performance, but I'd be surprised if editcap were significantly slower than libwiretap itself for a straight read and write - but I've been surprised before. Now, if you were looking to use the API from another program, that's a different problem - but your email said 'on the command line', so figured it was worth mentioning. Depending on what you're doing, Wireshark itself might be a fairly large dependency for your purposes, but it'd probably be a lot easier to manage than a bespoke package (depending on what your OS and configuration infrastructure looks like) - possibly as simple as just adding 'wireshark' to a manifest/recipe/etc.). If the size is critical, you could also play around with the build options in Wireshark to see if you can just build editcap and see what the end result looks like - but then you're back to packaging it yourself. -Tim On Thu, Nov 26, 2015 at 12:30 AM, Richard Kinder <rkinder () quantenna com> wrote:
Hi all, I’m looking at making a small tool to translate .pkt files (Wildpackets, specifically the wireless traces) to pcap/pcapng format on the command line, and it seems wiretap is one of the few options available online. Question: Can the library be built independently of Wireshark? Thanks in advance for your time! Regards, Richard This email, including its contents and any attachment(s), may contain confidential information of Quantenna Communications, Inc. and is solely for the intended recipient(s). If you may have received this in error, please contact the sender and permanently delete this email, its contents and any attachment(s). ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
-- Tim Furlong tim.furlong () gmail com
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- wiretap - using as a library rather than coupled with Wireshark? Richard Kinder (Nov 25)
- Re: wiretap - using as a library rather than coupled with Wireshark? Guy Harris (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Dario Lombardo (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Guy Harris (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Dario Lombardo (Nov 27)
- Re: wiretap - using as a library rather than coupled with Wireshark? Bálint Réczey (Nov 27)
- Re: wiretap - using as a library rather than coupled with Wireshark? Bálint Réczey (Nov 27)
- Re: wiretap - using as a library rather than coupled with Wireshark? Dario Lombardo (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Guy Harris (Nov 26)
- Re: wiretap - using as a library rather than coupled with Wireshark? Guy Harris (Nov 27)
- Re: wiretap - using as a library rather than coupled with Wireshark? Richard Kinder (Nov 30)