Wireshark mailing list archives
Re: Adding pcap-ng pipe support to dumpcap
From: Roland Knall <rknall () gmail com>
Date: Wed, 22 Nov 2017 22:31:05 +0100
Thanks! On Wed, Nov 22, 2017 at 9:52 PM, James Ko <jim.list () hotmail com> wrote:
Done. https://code.wireshark.org/review/#/c/24536/ Thanks, James ------------------------------ *From:* Wireshark-dev <wireshark-dev-bounces () wireshark org> on behalf of Graham Bloice <graham.bloice () trihedral com> *Sent:* Wednesday, November 22, 2017 10:22 *To:* Developer support list for Wireshark *Subject:* Re: [Wireshark-dev] Adding pcap-ng pipe support to dumpcap On 22 November 2017 at 18:13, James Ko <jim.list () hotmail com> wrote: Attached is my patch to get this working (with caveats). To support this involved reading the the pcapng block header and parsing the just the section header block for endianess. Then just rewrites the all blocks using the original/input endianess format to the pipe without looking much further at the block contents. It only supports one interface. I don't fully understand how multiple interfaces are handled but would probably require parsing the interface description blocks as well to get the linktype and snaplen to put in the interface table. I also did not implement the use_threads option for packet processing. There is #ifdef WIN32 bits but I don't know if any of that is correct as I didn't really touch it and did not even try to compile it. I hope this gets this feature moving along. Regards, James Please submit changes as per the Wiki page: https://wiki.wireshark. org/Development/SubmittingPatches -- Graham Bloice ____________________________________________________________ _______________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject= unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Adding pcap-ng pipe support to dumpcap James Ko (Nov 22)
- Re: Adding pcap-ng pipe support to dumpcap Roland Knall (Nov 22)
- Re: Adding pcap-ng pipe support to dumpcap Roland Knall (Nov 22)
- Re: Adding pcap-ng pipe support to dumpcap Graham Bloice (Nov 22)
- Re: Adding pcap-ng pipe support to dumpcap James Ko (Nov 22)
- Re: Adding pcap-ng pipe support to dumpcap Roland Knall (Nov 22)
- Re: Adding pcap-ng pipe support to dumpcap James Ko (Nov 22)
- Re: Adding pcap-ng pipe support to dumpcap Roland Knall (Nov 22)