Is it possible to write a user-defined script to analyze all the packets?

asked 2020-05-06 03:05:00 +0000

Charles Chan

updated 2020-05-06 03:23:21 +0000

I mean not to analyze a single PDU, but to analyze the whole .pcap file, just like they did under the Telephony menu.

I am using some kind of media protocol with a timestamp, and my listener reports that the timestamp was wrong sometimes.

So I want to check those packets one by one and find out if some of them were in the wrong order, like the 1st one's timestamp is 2, the 2nd one's is 4, the 3rd one's is 3. Things like this.

1 Answer

answered 2020-05-06 06:09:56 +0000

Jaap

These statistics make use of the tapping mechanism, so depending on the specifics of your protocol a suitable tap may be available. As for a user-defined script, the Lua interface allows for tap access, so this could be used.

I'm not aware of a clearly documented list of available taps nor the data available on them, so that might require digging into the source code. For the Lua interface I can refer to the Listener definition only; I'm not aware of an actual example of a Lua script using this.

Alternatively you build Wireshark yourself, adding the tapping code in C. Whatever is easier for you.

Thank you for your reply.

So, I'd rather write some simple code to do this with libpcap. Reading the code of Wireshark is a huge amount of work for me.

Charles Chan ( 2020-05-08 06:01:21 +0000 )
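
The whole-file check the question describes (timestamps 2, 4, 3), as an added example that is not part of the original thread: it reads a classic pcap file directly rather than using a Wireshark tap or libpcap. It assumes the media protocol is RTP over UDP/IPv4 on Ethernet; the sample capture and the names `build_sample_pcap`, `rtp_packets` and `find_out_of_order` are constructed for illustration.

```python
import struct

def build_sample_pcap(timestamps, ssrc=0x1234):
    """Constructed sample: classic pcap with one Ethernet/IPv4/UDP/RTP packet per timestamp."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for seq, ts in enumerate(timestamps):
        rtp = struct.pack("!BBHII", 0x80, 96, seq, ts, ssrc) + b"\x00" * 8
        udp = struct.pack("!HHHH", 5004, 5004, 8 + len(rtp), 0) + rtp
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])) + udp
        frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip
        out += struct.pack("<IIII", seq, 0, len(frame), len(frame)) + frame
    return out

def rtp_packets(pcap):
    """Yield (frame_number, ssrc, rtp_timestamp) for every RTP-looking UDP packet."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or len(pcap) < 24:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack_from(endian + "I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet captures are handled here")
    off, num = 24, 0
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from(endian + "I", pcap, off + 8)[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        num += 1  # same numbering as Wireshark's frame.number
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue  # not IPv4/UDP (VLAN tags and IPv6 are not handled)
        payload = frame[14 + (frame[14] & 0x0F) * 4 + 8:]  # skip IP and UDP headers
        if len(payload) >= 12 and payload[0] >> 6 == 2:  # RTP version 2
            ts, ssrc = struct.unpack_from("!II", payload, 4)
            yield num, ssrc, ts

def find_out_of_order(pcap):
    """Return (frame, ssrc, timestamp, highest_seen) for each timestamp that goes backwards."""
    highest, bad = {}, []
    for num, ssrc, ts in rtp_packets(pcap):
        if ssrc in highest and ts < highest[ssrc]:
            bad.append((num, ssrc, ts, highest[ssrc]))
        else:
            highest[ssrc] = ts
    return bad

if __name__ == "__main__":
    for frame, ssrc, ts, seen in find_out_of_order(build_sample_pcap([2, 4, 3])):
        print(f"frame {frame}: timestamp {ts} after {seen} (ssrc {ssrc:#x})")
```

Timestamps are tracked per SSRC so that interleaved streams are not compared with each other; 32-bit timestamp wrap-around is not handled.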
