I am using jpcap for packet sniffing. In Wireshark we have fields named "No", "Time", "Source", "Destination", "protocol", "Length", "Info". I am able to extract all the fields using jpcap except for the Info field. Can anyone tell me how to extract this field?
1 Answers
2
> Can anyone tell me how to extract this field?

- Download Wireshark.
- Read the source to everything in the `dissectors` subdirectory of the `epan` directory and in the subdirectories of the `plugins` directory.
- Reimplement all of that in your program.
Easy!
More seriously, the "Info" field is not something that's calculated in a simple fashion from the packet contents; it's produced by Wireshark's packet dissection code, of which there are several million lines. It's not something you "extract"; it's something you write dissectors to produce, and duplicating that part of Wireshark would be a difficult job.
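To make "write dissectors to produce it" concrete, here is an added example (not code from the answer, from Wireshark, or from jpcap) of one very small dissector that builds an Info-like summary for a single protocol, TCP over IPv4. It uses only the JDK and assumes you already have the captured bytes starting at the IPv4 header of an unfragmented packet; the class name, method names and sample bytes are made up for illustration, and the output only resembles what Wireshark prints.

```java
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;

class TcpInfoExample {
    // TCP flag names in bit order, lowest bit first.
    private static final String[] FLAGS = {"FIN", "SYN", "RST", "PSH", "ACK", "URG"};

    // Builds an Info-like summary for a TCP segment; ip starts at the IPv4 header.
    static String info(byte[] ip) {
        if (ip.length < 20 || ((ip[0] >> 4) & 0x0F) != 4) return "Not IPv4 or truncated";
        int ihl = (ip[0] & 0x0F) * 4;
        int totalLen = ((ip[2] & 0xFF) << 8) | (ip[3] & 0xFF);
        int proto = ip[9] & 0xFF;
        if (proto != 6) return "IP protocol " + proto + " (no dissector written)";
        // Reject lengths that point outside the captured bytes before reading them.
        if (ihl < 20 || totalLen > ip.length || totalLen < ihl + 20) return "Malformed TCP segment";
        ByteBuffer tcp = ByteBuffer.wrap(ip, ihl, totalLen - ihl); // network byte order
        int srcPort = tcp.getShort() & 0xFFFF;
        int dstPort = tcp.getShort() & 0xFFFF;
        long seq = tcp.getInt() & 0xFFFFFFFFL;
        long ack = tcp.getInt() & 0xFFFFFFFFL;
        int offsetAndFlags = tcp.getShort() & 0xFFFF;
        int window = tcp.getShort() & 0xFFFF;
        int headerLen = (offsetAndFlags >> 12) * 4;
        int payloadLen = totalLen - ihl - headerLen;
        if (headerLen < 20 || payloadLen < 0) return "Malformed TCP segment";
        List<String> set = new ArrayList<>();
        for (int bit = 0; bit < FLAGS.length; bit++)
            if ((offsetAndFlags & (1 << bit)) != 0) set.add(FLAGS[bit]);
        StringBuilder sb = new StringBuilder();
        sb.append(srcPort).append(" -> ").append(dstPort);
        sb.append(" [").append(String.join(", ", set)).append("] Seq=").append(seq);
        if ((offsetAndFlags & 0x10) != 0) sb.append(" Ack=").append(ack); // only meaningful with ACK set
        return sb.append(" Win=").append(window).append(" Len=").append(payloadLen).toString();
    }

    static byte[] hex(String s) {
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++)
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample: 192.0.2.1:49152 -> 192.0.2.2:80, SYN only, checksums left as zero.
        byte[] syn = hex("450000280001000040060000c0000201c0000202"
                       + "c000005000000064000000005002ffff00000000");
        System.out.println(info(syn));
    }
}
```

Every other protocol Wireshark summarizes needs its own routine like this one, which is the scale of work the answer describes.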