How to write/capture a pcap file to test dissector?
Hi, we have a mature Lua dissector which we need to continue to develop and test.
We have a Client and Server pair of test programs, coded in C++ and connected via TCP/IP. We capture the exchanged packets using Wireshark in order to test the dissector.
My question is how to conveniently capture the packets. We can run on Windows (including WSL) or Linux. We want to avoid using Npcap because of license costs. I guess the obvious solution is to use 3 PCs connected to a switch, to run the client, server and Wireshark. However, that is cumbersome due to the quantity of equipment, particularly if working remotely from the test setup.
Please can anyone suggest a more elegant test configuration, requiring less hardware?
Could a loopback be configured using WSL/WSL2 in Windows, or on a Linux box, in which case all 3 apps could run on the same machine?
Could the C++ client/ server programs write packets directly to a PCAP file for later dissection by Wireshark?
We want to avoid using Npcap because of license costs.
Do you have a custom Wireshark installer? If you only have Lua dissectors, then you should be able to install the stock Wireshark installer with Npcap and not have to worry about licensing costs. From the Npcap License Agreement:
Hi Chris, thanks very much for answering my question. Your reply was very helpful. David.