I’m working on an SS7 project and reached a point where I need to create my TCAP dissector/parser, so I was wondering about using Wireshark dev files inside my source.
Is that possible? If yes, how can I do it? Is there any tutorial available?
http://www.tcpdump.org/ has all needed information.
You’ll need to use libpcap as described here: http://www.tcpdump.org/pcap3_man.html
I guess pcap_open_offline is a good start; you can then use the related functions to get the structured data contained in the dump file. Using the same library, you could also capture directly from your application.
On a related note, Wireshark and tshark allow exporting a pcap file to XML; you could also use this format instead of the binary pcap if you’d like to.
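To show what the packet-reading functions mentioned in the answer hand back, here is an added example (not code from the answer or from libpcap) that walks the classic pcap file layout by hand and bounds-checks every length field, which matters when a capture file comes from an untrusted source. The names `pcap_walk`, `rd32` and `sample_pcap` are hypothetical, and the sample bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: LE header, link type 141 (LINKTYPE_MTP3), one 3-byte record. */
const uint8_t sample_pcap[] = {
    0xd4,0xc3,0xb2,0xa1, 0x02,0x00,0x04,0x00, 0,0,0,0, 0,0,0,0, /* magic, version */
    0xff,0xff,0x00,0x00, 0x8d,0x00,0x00,0x00,                   /* snaplen, linktype */
    0,0,0,0, 0,0,0,0, 0x03,0,0,0, 0x03,0,0,0,                   /* ts, incl_len, orig_len */
    0x01,0x02,0x03 };                                           /* placeholder payload */

/* Read a 32-bit field in the byte order selected by the file's magic number. */
static uint32_t rd32(const uint8_t *p, int be)
{
    return be ? ((uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3])
              : ((uint32_t)p[3] << 24 | (uint32_t)p[2] << 16 | (uint32_t)p[1] << 8 | p[0]);
}

/* Hypothetical helper: walk a classic pcap file held in memory. Returns the
 * number of complete records, or -1 if the file is malformed or truncated. */
long pcap_walk(const uint8_t *buf, size_t len, uint32_t *linktype)
{
    int be;
    if (len < 24) return -1;                      /* global header is 24 bytes */
    uint32_t magic = rd32(buf, 0);
    if (magic == 0xa1b2c3d4u || magic == 0xa1b23c4du) be = 0;       /* usec / nsec */
    else if (magic == 0xd4c3b2a1u || magic == 0x4d3cb2a1u) be = 1;  /* byte-swapped */
    else return -1;
    *linktype = rd32(buf + 20, be);
    size_t off = 24;
    long count = 0;
    while (off < len) {
        if (len - off < 16) return -1;            /* truncated record header */
        uint32_t incl = rd32(buf + off + 8, be);  /* bytes stored for this packet */
        off += 16;
        if (incl > len - off) return -1;          /* length field points past the data */
        /* buf[off .. off+incl) is the packet; a TCAP decoder would start here */
        off += incl;
        count++;
    }
    return count;
}

int main(void)
{
    uint32_t lt = 0;
    long n = pcap_walk(sample_pcap, sizeof sample_pcap, &lt);
    printf("records=%ld linktype=%u\n", n, (unsigned)lt);
    return 0;
}
```

The link type in the global header tells the decoder which layer each record starts at, so a TCAP parser has to step through the layers below it before reaching its own data.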