Is that possible to write a user-defined script to analyze the whole packages?

I means no analyze a single PDU, but anylze the whole file of the .pcap. Just like they did under the menu of telephony.

I am using some kind of media protocol with a timestamp. and my listener reports the timestamp was wrong sometimes.

So I want to check those packages one by one and find if there were some of them in a wrong order. like the 1st one's timestamp is 2, 2nd one is 4, the 3rd one is 3. things like this.

answered May 6 '0

Jaap

13782 ●715 ●115

These statistics make use of the tapping mechanism, so depending on the specifics of your protocol a suitable tap may be available. As for a user-defined script, the Lua interface allows for tap access, so this could be used.

I'm not aware of a clearly documented list of available taps nor the data available on them, so that might require digging into the source code. For the Lua interface I can refer to the Listener definition only, I'm not aware of an actual example of a Lua script using this.

Alternatively you build Wireshark yourself, adding the tapping code in C. Whatever is easier for you.

link

Comments

Thank you for your reply.

So , I'd rather to write a simple codes to do this with libpcap. Read the codes of wireshark is a huge work for me.

Charles Chan ( May 8 '0 )

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Is that possible to write a user-defined script to analyze the whole packages?

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

Is that possible to write a user-defined script to analyze the whole packages? savecancel

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

Is that possible to write a user-defined script to analyze the whole packages?