1 | initial version |
There are two questions here.
First is answered by this article which basically explains how packet capture can be inserted in the network stack. npcap takes care of this. On Unix based systems this paper forms the basis for packet capture.
The second question can be answered by the use of tshark rather than Wireshark. It generates text output using the save dissectors as Wireshark uses.