I am writing a Wireshark plugin to dissect a protocol that places multiple application-level packets in a single UDP frame. There is no enclosing protocol that indicates how many packets there are in the frame. So essentially, the payload coming down the wire will look like this: uint64 sequence1 uint64 data1 uint8 flags1 uint64 s...
How do you identify missing UDP frames in a custom Wireshark dissector? I have written a custom dissector for the CQS feed (reference page). One of our servers gaps when receiving this feed. According to Wireshark, some UDP frames are never received. I know that the frames were sent because all of our other servers are gap-free. A C...
The documentation for Lua for Wireshark claims that the Tvp class has a new_real() method. However, this method seems to not exist when I try to use it in my Lua script. I'm using Wireshark 1.3.5 (latest dev version) for Windows x64. Did the method get renamed? If so, to what? Is there a better support forum for this particular question?...
Hello guys I am capturing a network traffic and need to analyse the captured traffic. I recommended to find a JAVA API and I found the jNETpcap. I just wonder if any one has any experience related to this or have worked with jNETpcap. Any help would be much appreciated. Regards Somayeh ...
Hello, I'm doing my project of 4th year of university and the theme of this project is to realize a network analyser with web interface close to what wireshark proposes. So its necessary to mapper the wireshark library in the ruby language, that will allow me after to dissector the packets captured. I have been looking for some manual ...