How to analyse and debug tshark source code

asked 2019-02-17 08:53:32 +0000

godbless2you

updated 2019-02-17 08:54:33 +0000

I'm not sure whether it is appropriate to ask questions about source code debugging here. If not, please tell me where I can ask. The following is my question:

tshark is a powerful and wonderful tool for protocol analysis and field extraction; however, it doesn't meet my needs, as I have mentioned in another question. I try to modify it but I find there is little information about it on the Internet.

Although the Wireshark Developer's Guide v2.9.1 shows me lots of details about the dissector design, it seems to provide nothing about how to modify other modules like tshark. As a newbie in this field, I don't have any idea about how to analyse the structure of the tshark source code, how it interacts with the Wireshark main programs, and how to debug it using VS 2017.

So I hope to get any useful advice and help! Thank you!
