I have written a device driver to read Infiniband packets for some properity infiniband Cards. I will getting packet to user space by reading a charector device file and even i dont want to register to netdevice .. Can please let me know as to how can i integrate my driver with wireshark .. I would like to know where can i hookup , my packet read function. and how can i register a device with wireshark , so whenever user clicks i want to start reading packets from tht device file and then get feeded to dissector .. How to virtually showup in wireshark device list it might be some data structure where i need to provide device name and corrospinding read function for the same. I would appriciate if you point me to name of file and procedure to acheive same. asked 04 Feb '11, 05:55  mdayyaz |
2 Answers:
Wireshark doesn't concern itself with packet capture, that task is delegated to dumpcap. Dumpcap itsels doesn't do the packet capture, that is done via libpcap, or WinPcap on Windows. These capture libraries, or service, is only capable of handling devices in the network domain. Therefore your character device won't be accessible. There are two ways to solve that:
From your description the last option looks the most attractive. Look at the Wireshark command line options to see how to interface with pipes. answered 04 Feb '11, 14:19  Jaap ♦ |
Actually, there's a third way to solve that: Change libpcap or WinPcap (although, as he says "character device file", he's probably not using Windows, so it's libpcap) to support your device. The best place to ask about this is the tcpdump-workers mailing list. answered 13 Feb '11, 13:43  Guy Harris ♦♦ edited 13 Feb '11, 13:43 |
