Re: Enable monitor mode column in Wireshark GUI for Windows

[Yang Luo <hsluoyb () gmail com>]

Hi Guy,

On Sun, May 15, 2016 at 4:29 AM, Guy Harris <guy () alum mit edu> wrote:

> On May 9, 2016, at 9:31 AM, Yang Luo <hsluoyb () gmail com> wrote:
>
> > I want to enable monitor mode column for Windows. Based on this post:
> https://www.wireshark.org/lists/wireshark-dev/201601/msg00002.html, we
> need to undefine the HAVE_PCAP_OPEN macro when building Wireshark for
> Windows.
>
> No.
>
> It "means that dumpcap needs to be changed to use those APIs on local
> adapters if they're available, regardless of whether pcap_open() is
> available, and to use pcap_open() *only* for remote adapters."
>
> And that's already been done in the master branch.  See
> caputils/capture-pcap-util.c and caputils/capture-wpcap.c.

I saw these 3 commits as below (I think these are what you mean by "that's
already been done in the master branch"?):

1) Add opiton to configure HAVE_PCAP_CREATE
https://github.com/wireshark/wireshark/commit/4a408c9641cd5e5a62064d4e4f545f7fe38b7dbb
2) [WINPCAP] First step to be able to use pcap_create()
https://github.com/wireshark/wireshark/commit/1658a3520f79d63217b47015b244a82bd55d3f34
3) Set both HAVE_PCAP_CREATE and HAVE_PCAP_OPEN.
https://github.com/wireshark/wireshark/commit/b2bf9e3306d34987dfb7928964931088c2224b92

So I think the HAVE_PCAP_CREATE macro has been defined in the source code
now?

And from here:
https://github.com/wireshark/wireshark/blob/07fb53b063bcd4c2c67706cf7316b625efe0767e/ui/qt/capture_interfaces_dialog.cpp#L74-L76

I saw these:
#if defined(HAVE_PCAP_CREATE)
#define SHOW_MONITOR_COLUMN 1
#endif

So SHOW_MONITOR_COLUMN should be also defined in the recent source code
after those 3 commits. This should mean that monitor column will show up in
the QT and GTK GUI? But in fact, I still didn't see them. I haven't changed
the libpcap API in Npcap yet, but I don't think this will affect the
monitor mode column?

These commits happen in 7 Jan, and Wireshark 2.0.3 which I use is released
on Apr 23. So I think these commits work for 2.0.3.
Why I still didn't see the monitor column?

Cheers,
Yang


> > As Guy said, it seems that the drawback for this patch is acceptable
> (losing support of WinPcap 4.1 earlier)
>
> No - on Windows, it "[chooses] whether to use pcap_create() *et al* at run
> time" - perhaps I didn't want to have to do that at the time, but I
> eventually did it anyway.
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe