Hello everybody!
First of all, Apologize for the inconvenience, I know there'll be people who
don't mind my doubts.
Well, I'm a student and for my final project my tutor decided to do a kind of
sniffer. Particularly, I have a net with four PCs, each one with 5 ethernet
cards. All PCs have internet access (using 1 net card) and the rest of the
cards will conect themselves with a non-specified way.
The target of this project is to obtain network features from each ethernet
interface, like throughput, timers, payload and so on; the problem is that it's
not for a protocol (tcp, udp or whatever port) but an application (protocols
like http, ftp, so on).
I programmed a simple sniffer using libpcap: it's able to show network address,
network mask, TCP's payload (then with a timer I guess I'll be able to obtain
throughput) and maybe filter traffic to or from a specific port.
I'm still learning how it works, so my tutor suggested I could get information
about Wireshark.
My question is: Is it possible to reuse or adapt wireshark source code to use
in my project? And if it is, what's the code where the application filter each
protocol? Is it possible to obtain network features (using Wireshark) like
throughput and payload of a data transfer applying a filter?
The main problem I have is there are a lot of lines of source code. Could
anyone help guiding me through this mess as far as possible?
Kind regards
Txema
"As gold which he cannot spend will make no man rich, so knowledge which he
cannot apply will make no man wise"
_________________________________________________________________
Consigue el nuevo Windows Live Messenger
http://get.live.com/messenger/overview
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
