Wireshark · Wireshark-dev: Re: [Wireshark-dev] [PATCH] enable sniff on USB ports

Wireshark-dev: Re: [Wireshark-dev] [PATCH] enable sniff on USB ports

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Tue, 19 Sep 2006 19:35:25 -0700


On Sep 19, 2006, at 6:02 AM, abeni wrote:

I'm trying to plug USB sniffing support into wireshark, at least under
Linux. I have some working code (the attached patch, against revision
19257), but is quite intrusive, it uses the usbmon infrastructure and
works only on with recent Linux kernels (I think 2.6.8 or newer is
needed).

The patch build up a generic 'virtual' API for sniffing that is
'hardware agnostic'.


Why would such an API belong in Wireshark rather in libpcap?

(No, libpcap/WinPcap is not a library intended only for Ethernet, oreven only for "real" networks; it already has code for IrDA on Linux,for example. In addition, it's not intended only for devices usingthe OS's "standard" network sniffing mechanism.)

Putting the API in libpcap allows programs *other* than Wireshark touse it. In addition, libpcap's purpose is to hide platform-specificdetails from programs wanting to do capture, so the fact that yourpatch happens to be Linux-specific isn't an issue - libpcap has plentyof platform-dependent code already (such as all the pcap-*.c and fad-*.c files).

Follow-Ups:
- Re: [Wireshark-dev] [PATCH] enable sniff on USB ports
  - From: abeni

References:
- [Wireshark-dev] [PATCH] enable sniff on USB ports
  - From: abeni

Prev by Date: Re: [Wireshark-dev] WireShark crashes when I try to use a filter on my plugin dissector
Next by Date: Re: [Wireshark-dev] tshark fails to capture packet on IB interface
Previous by thread: Re: [Wireshark-dev] [PATCH] enable sniff on USB ports
Next by thread: Re: [Wireshark-dev] [PATCH] enable sniff on USB ports
Index(es):
- Date
- Thread