where in the sources of Wireshark I can see the calls to the pcap?

Question

I want to find the place in the code where Wireshark takes the packets that arrive to the driver.

I guess this is done using libpcap or some other API for capturing packet. I looked at the source code but I didn't find any call to any function from libpcap.

So I am searching for the place where Wireshark communicates with the pcap interface or the driver directly. I want to know what functions are called (especially for Linux).

Thanks

score 1 · Answer 1 · answered Nov 07 '14 at 18:20

1

Most of the calls are in dumpcap.c, capture-pcap-util-unix.c, capture-pcap-util.c, and capture-wpcap.c.

answered Nov 07 '14 at 18:20

where in the sources of Wireshark I can see the calls to the pcap?

1 Answers1