forceple.blogg.se - Analyze wireshark capture

This is the only part that is to execute with elevated privileges. The wiretap library is used to read and write capture files in libpcap, pcapng, and many other file formats.

Display Filters – The display filter engine at epan/dfilter.

Dissector Plugins – Support for implementing dissectors as separate modules.

Dissectors – The various protocol dissectors in epan/dissectors.

Protocol Tree – Dissection information for an individual packet.

Source code can be found in the epan directory. Source code can be found in the root directory.Įnhanced Packet Analyzer-the packet-analyzing engine.

Main “glue code” that holds the other blocks together. Source code can be found in the ui/qt directory. Handling of all user input/output (all windows, dialogs and such). Because of that, it is very easy for people to add new protocols to Wireshark, either as plugins, or built into the source, and they often do!

Wireshark is an open source software project and you can freely use Wireshark on any number of computers you like, without worrying about license keys or fees or such.Īll source code is freely available under the GPL.