|
I am new to ethereal and sniffers in
general and would appreciate help understanding several things. I have
tried hard to read as much on the net as possible before bothering you guys
here. However, the just is not much documentation out there. Any help is
appreciated. Please feel free to point me at documentation online if you know of
something that answers a question below.
Questions:
1.) Where are the dissectors actually invoked? Any
sort of architecture doc. would be wonderful.
2.) Where can I get better documentation on the
libpcap libraries. I have not found anything that gives any depth of info. For
instance, what does it mean when the callback function for pcap_loop returns
null for the packet data all the time? Or for that matter, where is the callback
even documented at all.
I'm sure I'll more specific questions as I go on,
however, I am fighting a general lack of understanding right now. Please let me
know if this is the wrong place for such posts or any leads on answering my
questions.
| 
