Re: [Wireshark-dev] Programming against WireShark pcap processing engine
Hi Per, It you can see SMIL decoded in Wireshark or JPEG data, then there should be a corresponding element in PDML as well. You will also need to use the Decode As option in tshark in case the MMSC is using a non-standard port. Regards, Abhik On Fri, Mar 11, 2011 at 5:08 PM, Per Steffensen st...@designware.dk wrote: Hi Thanks for you anwser, Abhik. I will consider your suggestion about exporting to PDML. Didnt even know that there where such a thing. As I understand you, tshark is able to do this for me and include e.g. full SMIL and images. As I understood another answer to my question, tshark is not able to extract content (like SMIL and images). Does anyone know which one it is - is tshark able to extract content for me or not? If it is then I might be able to live with using tshark, even though is sounds more correct to me to integrate via API with the engine instead of integrate by calling command-line stuff. Regards, Per Steffensen BTW: Does anyone know how to easily reply to posts from the digest mails I get from the mailing list. I do something stupid like constructing a new mail with the same subject (prefixed with Re:) and doing the quoting manually. But I not sure that it even ends up in the right thread that way, and I am sure that it is not able to figure out exactly which prior post I am anwsering and therefore where to put my new post in the thread-tree quote - How about exporting the captures to PDML format and then parsing the output XML in Java? I know it is CPU intensive and the PDML files could become quite large, but each layer (SMIL/images etc) would appear as separate entities and by doing some searching you might be able to extract what you want. You could first use Wireshark to export to PDML file just to see the format and understand if it is worth it. Then you can call tshark later to do the conversion for you automatically. HTH, Abhik ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Programming against WireShark pcap processing engine
Hi Thanks for you anwser, Abhik. I will consider your suggestion about exporting to PDML. Didnt even know that there where such a thing. As I understand you, tshark is able to do this for me and include e.g. full SMIL and images. As I understood another answer to my question, tshark is not able to extract content (like SMIL and images). Does anyone know which one it is - is tshark able to extract content for me or not? If it is then I might be able to live with using tshark, even though is sounds more correct to me to integrate via API with the engine instead of integrate by calling command-line stuff. Regards, Per Steffensen BTW: Does anyone know how to easily reply to posts from the digest mails I get from the mailing list. I do something stupid like constructing a new mail with the same subject (prefixed with Re:) and doing the quoting manually. But I not sure that it even ends up in the right thread that way, and I am sure that it is not able to figure out exactly which prior post I am anwsering and therefore where to put my new post in the thread-tree quote - How about exporting the captures to PDML format and then parsing the output XML in Java? I know it is CPU intensive and the PDML files could become quite large, but each layer (SMIL/images etc) would appear as separate entities and by doing some searching you might be able to extract what you want. You could first use Wireshark to export to PDML file just to see the format and understand if it is worth it. Then you can call tshark later to do the conversion for you automatically. HTH, Abhik ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Programming against WireShark pcap processing engine
Per Steffensen wrote: BTW: Does anyone know how to easily reply to posts from the digest mails I get from the mailing list. I do something stupid like constructing a new mail with the same subject (prefixed with Re:) and doing the quoting manually. But I not sure that it even ends up in the right thread that way, and I am sure that it is not able to figure out exactly which prior post I am anwsering and therefore where to put my new post in the thread-tree You might try to visit http://news.gmane.org/gmane.network.wireshark.devel (or .user as the case may be) and post from there to the relevant thread. I try to use gmane whenever possible to avoid having my company's disclaimer appended to my posts when using my company e-mail, but sometimes my messages don't get posted via gmane or sometimes, as in this case, I simply can not find the e-mail in gmane to respond to. - Chris -end of message- CONFIDENTIALITY NOTICE: The contents of this email are confidential and for the exclusive use of the intended recipient. If you receive this email in error, please delete it from your system immediately and notify us either by email, telephone or fax. You should not copy, forward, or otherwise disclose the content of the email. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Programming against WireShark pcap processing engine
No one? Really? The important part is not that I have to use java. Any input on how to program against the WireShark pcap processing engine is very welcome, no matter the language. I will make the java wrapper myself. Regards, Steff ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Programming against WireShark pcap processing engine
Per Steffensen wrote: Hi I am writing a Java program that has process a lot of pcap files to extract certain data - in phase one I have to extract MMS's from those pcaps. If I put some of my example pcap files into WireShare it shows me that there is an MMS and I am able to extract the different parts of the MMS (smil, images, etc) by using the WireShark GUI. Basically I want to programmatically extract those different parts of the MMS from my java program. I imagine to use the pcap processing (guess you call it dissection) part of WireShark from my java program. What is the best approach I can take? I dont want to show the WireShark GUI. Guess I could call tshark from my java program? But does tshark enable me to extract embedded data like e.g. a JPG image? I don't think you can do that from tshark. Are there better approaches? I have read a little about libwireshark. It that the way to go? How to get started on using libwireshark? Documentation? libwireshark exists but it is designed to only be used by Wireshark and its tools. As such, there really isn't any documentation about how to use it in other tools. That being said, there has been traffic on this list from people who have used libwireshark directly--with some success IIRC. I have also seen some tools on Wiki (http://wiki.wireshark.org/Tools). Are there good starting points among them? Hope for some good feedback. Also hope to eventually be able to give something back to the WireShark project. Maybe it could be done in one of the scripting environments Wireshark supports (Lua and Python)? ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Programming against WireShark pcap processing engine
How about exporting the captures to PDML format and then parsing the output XML in Java? I know it is CPU intensive and the PDML files could become quite large, but each layer (SMIL/images etc) would appear as separate entities and by doing some searching you might be able to extract what you want. You could first use Wireshark to export to PDML file just to see the format and understand if it is worth it. Then you can call tshark later to do the conversion for you automatically. HTH, Abhik On Tue, Mar 8, 2011 at 7:02 PM, Per Steffensen st...@designware.dk wrote: No one? Really? The important part is not that I have to use java. Any input on how to program against the WireShark pcap processing engine is very welcome, no matter the language. I will make the java wrapper myself. Regards, Steff ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Programming against WireShark pcap processing engine
Hi I am writing a Java program that has process a lot of pcap files to extract certain data - in phase one I have to extract MMS's from those pcaps. If I put some of my example pcap files into WireShare it shows me that there is an MMS and I am able to extract the different parts of the MMS (smil, images, etc) by using the WireShark GUI. Basically I want to programmatically extract those different parts of the MMS from my java program. I imagine to use the pcap processing (guess you call it dissection) part of WireShark from my java program. What is the best approach I can take? I dont want to show the WireShark GUI. Guess I could call tshark from my java program? But does tshark enable me to extract embedded data like e.g. a JPG image? Are there better approaches? I have read a little about libwireshark. It that the way to go? How to get started on using libwireshark? Documentation? I have also seen some tools on Wiki (http://wiki.wireshark.org/Tools). Are there good starting points among them? Hope for some good feedback. Also hope to eventually be able to give something back to the WireShark project. Regards, Steff ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
