On Mon, Mar 9, 2009 at 12:14 PM, Ulisses Araújo Costa <[email protected]> wrote:
> Hello,
>
> I'm doing a project where I need to parse some packets (HTTP and some
> protocols for databases).
> I started doing this using the tcpdump library, and after that started to
> parse all the nested packets like this:
>
> Ethernet -> TCP/UDP -> IPv4/IPv6 -> Application packet
>
> I've done part of this job using the Haskell programming language; the
> problem is to start obtaining information about the relation of the
> packets (like temporal relation, or others). I see that Wireshark
> already does that job. And in fact it parses all the data from one packet,
> and has a great pretty printer.
>
> I started to read manuals for developers, and unfortunately did not find
> anything that really helps me.
>
> My question is: Could you show me a simple program that takes an
> input tcpdump file (could also be in Online mode), and just returns the
> structure of the parsed packets?

I don't believe that this is possible today.

I am working on a new library that might make it possible and will have SWIG interfaces for a number of scripting languages (whatever SWIG supports) but it is in the early stages at the moment. It supports the concept of parse tables that you can install at runtime.

--
Regards,
Richard Sharpe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:[email protected]?subject=unsubscribe
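
The nested parsing and temporal relation asked about in the question, as an added example that is not part of the original thread and does not use Wireshark's dissectors: it reads a classic little-endian pcap with Ethernet link type using only Python's standard library, decodes Ethernet, IPv4 and TCP, and groups packets per connection with the time since the previous packet. All function names and the sample capture are constructed for illustration; IPv6, UDP and fragment reassembly are left out.

```python
import struct
from collections import defaultdict

def parse_pcap(data):
    """Yield (timestamp, frame) for each record of a little-endian Ethernet pcap."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", data)
    if (magic, linktype) != (0xA1B2C3D4, 1):
        raise ValueError("expected little-endian pcap with Ethernet link type")
    off = 24
    while off + 16 <= len(data):
        sec, usec, incl, _ = struct.unpack_from("<IIII", data, off)
        if off + 16 + incl > len(data):
            break  # truncated final record
        yield sec + usec / 1e6, data[off + 16:off + 16 + incl]
        off += 16 + incl

def dissect(frame):
    """Ethernet -> IPv4 -> TCP; None for anything else or a malformed header."""
    ip = frame[14:]
    if frame[12:14] != b"\x08\x00" or len(ip) < 20 or ip[0] >> 4 != 4 or ip[9] != 6:
        return None
    ihl, total = (ip[0] & 0x0F) * 4, struct.unpack_from("!H", ip, 2)[0]
    tcp = ip[ihl:total] if ihl >= 20 else b""
    doff = (tcp[12] >> 4) * 4 if len(tcp) >= 20 else 0
    if not 20 <= doff <= len(tcp):
        return None
    sport, dport = struct.unpack_from("!HH", tcp)
    return {"src": (".".join(map(str, ip[12:16])), sport),
            "dst": (".".join(map(str, ip[16:20])), dport), "payload": tcp[doff:]}

def flows(data):
    """Group packets per TCP connection (both directions) with time since the previous one."""
    out = defaultdict(list)
    for ts, frame in parse_pcap(data):
        if pkt := dissect(frame):
            key = tuple(sorted((pkt["src"], pkt["dst"])))
            prev = out[key][-1]["ts"] if out[key] else ts
            out[key].append({**pkt, "ts": ts, "delta": round(ts - prev, 6)})
    return dict(out)

def sample_pcap():  # constructed capture: HTTP request, response 250 ms later, checksums 0
    c, s = (bytes([10, 0, 0, 1]), 40000), (bytes([10, 0, 0, 2]), 80)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    pkts = [(0, c, s, b"GET / HTTP/1.1\r\n\r\n"), (250000, s, c, b"HTTP/1.1 200 OK\r\n\r\n")]
    for usec, a, b, body in pkts:
        tcp = struct.pack("!HHIIBBHHH", a[1], b[1], 0, 0, 0x50, 0x18, 8192, 0, 0) + body
        ip = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0) + a[0] + b[0]
        frame = bytes(12) + b"\x08\x00" + ip + tcp
        out += struct.pack("<IIII", 100, usec, len(frame), len(frame)) + frame
    return out
```

Calling `flows(sample_pcap())` returns one connection holding both packets; header fields that fail the length and offset checks make `dissect` return `None` instead of reading past the captured bytes.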
