User Guide

Core - Main "glue code" that holds the other blocks together. Source code can be found in the root directory.

Epan - Ethereal Packet ANalyzer (XXX - is this correct?), the packet analyzing engine. Source code can be found in the epan directory.
    Protocol-Tree - Keeps data of the capture file protocol information.
    Dissectors - The various protocol dissectors in epan/dissectors.
    Plugins - Some of the protocol dissectors are implemented as plugins. Source code can be found at plugins.
    Display-Filters - The display filter engine at epan/dfilter.

Capture - Capture engine.

Wiretap - The wiretap library is used to read/write capture files in libpcap and a lot of other file formats. Source code can be found in the wiretap directory.

Win-/libpcap (not part of the Wireshark package) - The platform-dependent packet capture library, including the capture filter engine. That's the reason why we still have different display and capture filter syntax, as two different filtering engines are used.

How Wireshark Works