Right now, the code will be public domain due to U.S. Government law 
since only government employees will be working on the software.  The 
problem is that we are also trying to look to the future when we open up 
the development to other industry experts.

We would like to find an elegant solution to use the Wireshark 
dissectors without having to link in the libraries, if possible.  We are 
totally redesigning some software that previously used a Tshark 
interface.  This was clunky and a very brute force method.  It started a 
Windows process, scripted a line in Tshark, collected the standard 
output, then had to perform text processing on the output to determine 
the results.  The text processing was very cumbersome and led to all 
sorts of data errors and sometimes overflow crashes. 

What I am looking for is a way to filter a capture file 
for specific packets and then pull particular pieces of data out of 
those packets.  The data that I need to pull out is not always what is 
displayed in the "single-line" packet display that Wireshark and Tshark 
display.  Most of the data we need is only displayed in the full packet 
view.  I've tried to use Wireshark/TShark to convert these files to 
PDML, but then they explode to multiple hundreds of Megabytes.  I have 
not found a good way to process these large files.

My project involves doing performance analysis on industrial Ethernet 
devices.  Right now, I am working on cyclic jitter analysis of the 
EtherNet/IP protocol (CIP and ENIP).  I am using a commercial network 
analyzer to collect the data, then I post-process the data in Tshark and 
some custom software.  I would like to eliminate the Tshark step because 
of the reasons I described above.  I would like to find a way under 
Windows to connect to Wireshark via a socket interface (or Tshark if 
absolutely necessary) that could maintain the binary nature of the data 
and allow me access to the specific data I need.

-- Jim

Joerg Mayer wrote:
> On Wed, Mar 05, 2008 at 01:11:19PM -0500, James Gilsinn wrote:
>   
>> I am working on a software package and would like to use the Wireshark 
>> packet dissectors instead of writing my own.  I am a U.S. Government 
>> employee, so any code that I write is public domain and not subject to 
>> the GPL.  I am trying to find out if there is a way to interface to 
>> Wireshark without having to compile the Wireshark libraries into my 
>> software.  I would like to avoid the licensing issues of GPL vs. public 
>> domain vs. company proprietary software that may arise as part of the 
>> project I'm involved.
>>     
>
> Actually: If your program is in the public domain, then it should be
> possible to link against the Wireshark sources. The resulting binaries
> would be covered by the GPL but the sources could remain in the PD
> (if it really is PD - I'd need to see the license of course).
>
>  ciao
>     Joerg
>   

-- 

~ James D. Gilsinn                ~               Phone: 301-975-3865 ~
~ Electronics Engineer            ~                Cell: 301-706-9985 ~
~ NIST, Manufacturing Eng. Lab    ~                 Fax: 301-990-9688 ~
~ 100 Bureau Drive, Stop 8230     ~     Email: [EMAIL PROTECTED] ~
~ Gaithersburg, MD 20899-8230 USA ~ Web: http://www.isd.mel.nist.gov/ ~


_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev
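
Added example, not part of the original message or of Wireshark's code: one way to handle the multi-hundred-megabyte PDML files described above is to stream them packet by packet instead of loading the whole document, pulling out only the fields needed for cyclic jitter. The field names (`frame.time_epoch`, and the hypothetical `enip.connid`) and the sample PDML are assumptions constructed for illustration; substitute the names your Wireshark version emits.

```python
import io
from collections import defaultdict
from decimal import Decimal
import xml.etree.ElementTree as ET

# Field names are assumptions; substitute the ones your Wireshark version emits.
TIME_FIELD = "frame.time_epoch"
CONN_FIELD = "enip.connid"   # hypothetical name for the connection identifier

# Constructed PDML sample (not from a real capture): four cyclic packets on one
# connection plus one unrelated packet that carries no connection field.
def _pkt(ts, conn=None):
    conn_xml = (f'<proto name="enip"><field name="{CONN_FIELD}" show="{conn}"/></proto>'
                if conn else "")
    return (f'<packet><proto name="frame"><field name="{TIME_FIELD}" show="{ts}"/>'
            f'</proto>{conn_xml}</packet>')

SAMPLE_PDML = ("<pdml>" + _pkt("100.000000", "0x0001") + _pkt("100.004000")
               + _pkt("100.010000", "0x0001") + _pkt("100.020500", "0x0001")
               + _pkt("100.030000", "0x0001") + "</pdml>").encode()

def cycle_intervals(source, time_field=TIME_FIELD, key_field=CONN_FIELD):
    """Stream PDML from a binary file object; return {key: [Decimal interval, ...]}."""
    last, intervals = {}, defaultdict(list)
    events = ET.iterparse(source, events=("start", "end"))
    _, root = next(events)                      # the <pdml> root element
    for event, elem in events:
        if event != "end" or elem.tag != "packet":
            continue
        # PDML nests fields inside fields, so walk the whole packet subtree.
        shown = {f.get("name"): f.get("show") for f in elem.iter("field")}
        ts, key = shown.get(time_field), shown.get(key_field)
        if ts is not None and key is not None:
            t = Decimal(ts)                     # exact; float drops sub-microsecond digits
            if key in last:
                intervals[key].append(t - last[key])
            last[key] = t
        root.clear()                            # discard parsed packets: memory stays flat
    return dict(intervals)

def jitter_summary(deltas):
    """Mean cycle time and peak-to-peak jitter for one connection."""
    return {"mean": sum(deltas) / len(deltas),
            "peak_to_peak": max(deltas) - min(deltas)}

if __name__ == "__main__":
    for conn, deltas in cycle_intervals(io.BytesIO(SAMPLE_PDML)).items():
        print(conn, jitter_summary(deltas))
```

`source` can be any binary file object, such as a PDML file opened with `open(path, "rb")`, so the same function works on a file too large to hold in memory.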
