On 7/12/07 9:45 AM, "Gerald Combs" <[EMAIL PROTECTED]> wrote:
> If you release a
> binary dissection module, what's to stop someone from
feeding it fuzzed and
> randomized data, mapping the input and output, and
reverse-engineering the
> protocol itself? Dissectors aren't device
drivers, and the
One might be able to do as Nvidia/ATI et. al. do with their drivers. Create
the plug-in itself as a generic binary module which decodes blocks of data;
it would make no use of the Wireshark APIs and cannot include or link with
any GPL code. Then create a stub that fits between Wireshark's APIs and
Essentially, you cannot comply with point in a Wireshark plug-in DLL; in
order to compile the DLL, you must have the Wireshark source available,
parts of which are linked into the DLL. As Wireshark is GPL, so is the DLL.
--
Phil
On 7/11/07 8:46 AM, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:
If you simply need to capture to a file for later analysis, you could simply
invoke tshark or dumpcap with the appropriate command-line options to start
capturing, and either use the appropriate options to stop capturing after a
certain time/amount, or simply kill the process (I would imagine SIGIN
The "Application failed to start because the application configuration is
incorrect" message indicates that the manifest isn't properly referencing
the MS C runtimes in binaries built in VS 2005. I fixed this on my system
adding a few commands to the makefile to import the manifest into the
binarie