
Revision history

I was trying to check if I can remove the lib dependency (wiretap, wireshark etc) from tshark

Not if you want TShark to be able to read all the file types Wireshark reads and do all the dissection Wireshark does. libwiretap is the code both Wireshark and TShark use to read capture files and libwireshark is the code both Wireshark and TShark use to dissect packets.

I.e., you'd have to write your own replacements for libwiretap and libwireshark, at which point you've pretty much written your own packet analyzer.

Or you could use tcpdump.
