Using libwireshark to get Wireshark functionality programmatically

眼角桃花 2021-02-14 11:15

If I want to write a script that uses Wireshark's functionality, I use tshark. I hear there is also a libwireshark that can be used when writing a program in C but, for the lif

4 answers
  •  死守一世寂寞
    2021-02-14 11:59

    Even I have written scripts for Wireshark functionality as a part of my project for automation of some things.

    The best thing to do is use Wireshark add-ons as follows:

    1. tshark to add a pcap file and apply a filter, but if you find any feature missing there just edit tshark.c in the Wireshark source code.
    2. capinfos to give details such as no. of packets or file size etc. (there is a script called capinfos in the Wireshark source code; edit it if you want more features)

    Please note add-ons work only in Linux and capinfos is written in shell script. So you can use the same shell scripts and create new scripts for better functionality.

    Even I had faced a lot of problems initially as there is no proper documentation. But once you start it goes smoothly.
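An added example, not part of the answer above or of the Wireshark project: driving tshark from a script by passing the display filter as a single argv element (no shell parsing) and turning its `-T fields` output into records. The field list, function names and sample output are assumptions constructed for illustration.

```python
import shutil
import subprocess
from collections import Counter

# Fields chosen for this example; any tshark field names can be used.
FIELDS = ["frame.number", "ip.src", "ip.dst", "tcp.dstport"]


def tshark_argv(pcap_path, display_filter, fields=FIELDS):
    """Build the argv list; no shell is involved, so the filter is one argument."""
    argv = ["tshark", "-r", pcap_path, "-Y", display_filter,
            "-T", "fields", "-E", "separator=/t"]
    for name in fields:
        argv += ["-e", name]
    return argv


def parse_fields(text, fields=FIELDS):
    """Turn tab-separated tshark output into dicts; absent fields become ''."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        cols = line.split("\t")
        cols += [""] * (len(fields) - len(cols))
        rows.append(dict(zip(fields, cols)))
    return rows


def packets_per_destination(rows):
    """Count packets per (destination IP, destination TCP port)."""
    return Counter((r["ip.dst"], r["tcp.dstport"]) for r in rows)


def run_tshark(pcap_path, display_filter):
    """Run tshark on a capture file and return parsed rows."""
    if shutil.which("tshark") is None:
        raise RuntimeError("tshark not found on PATH")
    done = subprocess.run(tshark_argv(pcap_path, display_filter),
                          capture_output=True, text=True, check=True)
    return parse_fields(done.stdout)


# Constructed sample of what the command above prints (not real traffic).
SAMPLE_OUTPUT = "1\t10.0.0.5\t10.0.0.9\t443\n2\t10.0.0.7\t10.0.0.9\t443\n3\t10.0.0.5\t10.0.0.9\t\n"

if __name__ == "__main__":
    for dest, count in packets_per_destination(parse_fields(SAMPLE_OUTPUT)).items():
        print(dest, count)
```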
