Is that possible to write a user-defined script to analyze the whole packages?

retag add tags

I means no analyze a single PDU, but anylze the whole file of the .pcap. Just like they did under the menu of telephony.

I am using some kind of media protocol with a timestamp. and my listener reports the timestamp was wrong sometimes.

So I want to check those packages one by one and find if there were some of them in a wrong order. like the 1st one's timestamp is 2, 2nd one is 4, the 3rd one is 3. things like this.

These statistics make use of the tapping mechanism, so depending on the specifics of your protocol a suitable tap may be available. As for a user-defined script, the Lua interface allows for tap access, so this could be used.

I'm not aware of a clearly documented list of available taps nor the data available on them, so that might require digging into the source code. For the Lua interface I can refer to the Listener definition only, I'm not aware of an actual example of a Lua script using this.

Alternatively you build Wireshark yourself, adding the tapping code in C. Whatever is easier for you.

13.7k

Jaap

answered 2020-05-06 06:09:56 +0000

edit flag offensive 0 remove flag delete link

Comments

Thank you for your reply.

So , I'd rather to write a simple codes to do this with libpcap. Read the codes of wireshark is a huge work for me.

Charles Chan (2020-05-08 06:01:21 +0000) edit

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Is that possible to write a user-defined script to analyze the whole packages? edit

Comments

1 Answer

Comments