Wireshark mailing list archives
Re: Windows dumpcap -i TCP@<IP>
From: James Ko <ko_2_73 () hotmail com>
Date: Wed, 3 Oct 2018 16:22:48 +0000
Just to follow up. I created bug #15149<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and submitted a fix for review 29894<https://code.wireshark.org/review/#/c/29894/> based on master. Do I need to create a separate patch if I need this included in the next 2.6.x release? James ________________________________ From: James Ko <jim.list () hotmail com> Sent: Wednesday, September 19, 2018 00:42 To: Developer support list for Wireshark Subject: Re: Windows dumpcap -i TCP@<IP> Actually wireshark is not running on the Linux side and this is not using rpcap. I am using the TCP@ sockets stream support built in to dumpcap rather than extcap or rpcap. On the linux side I have a TCP server which generates PCAPNG data with SHB and IDB sent to any client connecting followed by EPBs. I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04) clients. James From: Anders Broman Sent: Tuesday, September 18, 00:27 Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP> To: Developer support list for Wireshark What version of Wireshark and what Linux version on the remote side? I think some work has ben done on rpcap recently so trying out the development version is an option. https://www.wireshark.org/download/automated/win64/ Regards Anders From: Wireshark-dev <wireshark-dev-bounces () wireshark org> On Behalf Of James Ko Sent: den 18 september 2018 02:22 To: wireshark-dev () wireshark org Subject: [Wireshark-dev] Windows dumpcap -i TCP@<IP> Hi, I am trying to connect to a remote PCAPNG stream from Windows using the TCP@ socket interface but the connection closes immediately after connecting. The same dumpcap command on linux works just fine to the remote TCP socket. No errors indicating any failure are printed from dumpcap.exe C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100<mailto:TCP@192.168.1.100> -w - Capturing on 'TCP@192.168.1.100' dumcap: C:\> On the remote end running in linux I see a connect and disconnect with EPOLLHUP event. Has anyone else tried or have remote TCP socket connections working with dumpcap in Windows? James
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Windows dumpcap -i TCP@<IP> James Ko (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> James Ko (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> James Ko (Oct 04)
- Re: Windows dumpcap -i TCP@<IP> Peter Wu (Oct 04)
- Re: Windows dumpcap -i TCP@<IP> James Ko (Oct 04)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)