Revision history

initial version

The comments to the answer in your superuser link clarify that Wireshark can receive pcap-formatted data through a named pipe, allowing another application to capture packets on some exotic interfaces and feed them to Wireshark.

The GitHub project seems to make use of that Wireshark API to capture messages sent over a named pipe between two generic processes and feed them to Wireshark, as packets in pcap encapsulation, via another named pipe. However, this says nothing about the format and contents of the messages themselves. There is little point in sending messages with network packet headers via a named pipe, so most likely, even if Wireshark can receive the messages (possibly with some UDP pseudo-headers), their contents would be proprietary, so you'd have to write your own dissector to analyse them.

The comments to the answer in your superuser link clarify that Wireshark can receive pcap-formatted data through a named pipe, allowing another application to capture packets on some exotic interfaces and feed them to Wireshark.

The GitHub project seems to make use of that Wireshark API to capture messages sent over a named pipe between two generic processes and feed them to Wireshark, as packets in pcap encapsulation, via another named pipe. However, this says nothing about the format and contents of the messages themselves. There is little point in sending messages with network packet headers via a named pipe, so most likely, even if Wireshark can receive the messages (the screenshot suggests that they come with cooked Ethernet, IP and TCP headers), their contents would be proprietary, so you'd have to write your own dissector to analyse them.
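The pcap encapsulation described above, as an added example that is not part of the original answer or of the GitHub project: it wraps opaque inter-process messages in classic pcap records that can be written to a pipe. The function names are hypothetical, the sample messages are constructed, and the private-use link type `LINKTYPE_USER0` (147) is an assumption chosen so that Wireshark shows the bytes undecoded until a custom dissector is attached.

```python
import io
import struct
import time

PCAP_MAGIC = 0xA1B2C3D4   # classic pcap, microsecond timestamps
LINKTYPE_USER0 = 147      # private-use link type (assumption for this example)
SNAPLEN = 65535

def pcap_global_header(linktype=LINKTYPE_USER0, snaplen=SNAPLEN):
    # magic, version 2.4, thiszone, sigfigs, snaplen, link type
    return struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, linktype)

def pcap_record(payload, ts=None, snaplen=SNAPLEN):
    # Per-record header: ts_sec, ts_usec, captured length, original length
    ts = time.time() if ts is None else ts
    sec, usec = divmod(int(round(ts * 1_000_000)), 1_000_000)
    captured = payload[:snaplen]
    return struct.pack("<IIII", sec, usec, len(captured), len(payload)) + captured

def feed(messages, out):
    # 'out' is any binary writable: a FIFO opened with open(path, "wb"), or BytesIO
    out.write(pcap_global_header())
    for ts, msg in messages:
        out.write(pcap_record(msg, ts))
        out.flush()          # push each record so a live reader sees it at once

def read_records(data):
    # Minimal reader, used here to check what a consumer of the pipe would see
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian classic pcap stream")
    offset, records = 24, []
    while offset + 16 <= len(data):
        sec, usec, incl, orig = struct.unpack_from("<IIII", data, offset)
        offset += 16
        records.append((sec + usec / 1_000_000, data[offset:offset + incl], orig))
        offset += incl
    return linktype, records

if __name__ == "__main__":
    # Constructed sample messages standing in for the proprietary IPC traffic
    sample = [(1.5, b"\x01\x00HELLO"), (2.25, b"\x02\x00ACK")]
    buf = io.BytesIO()
    feed(sample, buf)
    print(read_records(buf.getvalue()))
```

To view the stream live, replace the `BytesIO` with a FIFO opened for binary writing and start Wireshark with `wireshark -k -i <path-to-fifo>`.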