This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

where can I find the source code for editcap

0

I would like to know where I can find the source files for editcap. What libpcap API's are being called to convert .pcapng to .pcap with the following cmd?

editcap -F libpcap -T ether file.pcapng file.pcap

asked 28 Sep '12, 10:13

phileo99's gravatar image

phileo99
1111
accept rate: 0%


One Answer:

2

The current stable Wireshark sources, which includes the source code for editcap, can be downloaded from the Wireshark download page. If you're looking for a specific version, you can find it here. If you want to get the very latest sources, you can visit the Wireshark developer web page and follow the instructions provided. You can also view the sources online at http://anonsvn.wireshark.org/viewvc/.

answered 28 Sep '12, 10:53

cmaynard's gravatar image

cmaynard ♦♦
9.4k1038142
accept rate: 20%

And, as was pointed out in the e-mail thread on the same topic, no libpcap APIs are being called in that case, as, while Wireshark and its tools use libpcap/WinPcap to capture network traffic, they don't use it to read capture files.

(29 Sep '12, 17:17) Guy Harris ♦♦