1 | initial version |
There is some minimal documentation on extcap here.
Extcap allows an external application to be started from the Wireshark GUI with arguments controlling the application, and provides a pipe into which the application can send a Pcap formatted file. Wireshark will then read and dissect this stream as per any other pcap file.
Your first task therefore is to make your application output a pcap, probably to a file, to test behaviour when Wireshark opens the file.
Then make your application conform to the extap interface and output the traffic to the pipe.
Then add dissectors as required to Wireshark to dissect your traffic.
I'm not sure what the link layer type will be for your traffic, but if it's not one of the supported ones (list here), you'll need to request a new DLT value, write that in your pcap value and then add a dissector for it.