Wireshark mailing list archives
Re: real time capture with a different application
From: Steve Karg <skarg () users sourceforge net>
Date: Sat, 26 Nov 2011 10:14:25 -0600
Hello Vijay,
Im trying to do a live capture of 802.15.4 tinyos traffic using wireshark/tshark. I use another application which captures the traffic and writes to a file.
Sounds interesting.
I used a pipe to display the traffic on tshark. It did display the traffic but stopped after displaying the capture file. Now, I will write new captures as it comes, So is there an option to tell tshark/wireshark to listen on the pipe continuously and display the capture as it gets written to the pipe?
I wrote a serial packet conversion utility that uses pipes and saves to a pcap file concurrently. Wireshark listens continuously. It was written in C and is ported to Linux and Windows: https://bacnet.svn.sourceforge.net/svnroot/bacnet/trunk/bacnet-stack/demo/mstpcap/main.c In my first try, I was saving 65535 packets at a time to the file, and that would cause the pipe to Wireshark to stop since I rewrote the header to the pipe. But I changed it to only rewrite the header to the file and not rewrite the header to the pipe, and that allowed the packets to go to the pipe and Wireshark continuously. Good luck! Steve -- http://steve.kargs.net/ ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- real time capture with a different application vijay (Nov 25)
- Re: real time capture with a different application Steve Karg (Nov 26)
- Re: real time capture with a different application Sam Roberts (Nov 26)
- Re: real time capture with a different application vijay (Nov 28)