PcapNG format support for dumpcap

[Roland Knall <rknall () gmail com>]

Hi

I've filed a bug report (
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11370) for support in
dumpcap and wireshark, to enable pcapng as a data format for capturing.

We would need this for an extcap interface, where we would use the packet
comments to add additional information to each packet, as otherwise we wold
have to write text files during capture, and these files are not forwarded
correctly if a customer sends in a trace. Also we have to handle to data
formats for the utility as of right now, which seems a little bit bloated.

My question therefore is, is anyone working on that, or are there reasons
why not? If noone is working on this, could one of the main developers
offer a guess on where to change the interfaces for this?

My guess so far after poking around in the code a little bit would be, that
in dumpcap itself the change would not be that big, as it seems to pass
through whatever it reads, after initially checking on the file format. The
bigger changes have to be done on the other side of the capture pipe in the
XXshark utilities.

regards,
Roland

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe