Wireshark mailing list archives

Re: Windows dumpcap -i TCP@<IP>


From: Peter Wu <peter () lekensteyn nl>
Date: Thu, 04 Oct 2018 21:01:52 +0200

If you want to propose backporting a fix that is already merged in master, use the Cherry-Pick option in the web 
interface and select the master-2.6 branch as target.

Alternatively, checkout the master-2.6 branch locally and use the git cherry-pick -x COMMIT-ID command (with an 
appropriate COMMIT-ID) and push the resulting commit.

Kind regards,
Peter
https://lekensteyn.nl
(pardon my brevity, top-posting and formatting, sent from my phone)


On October 4, 2018 7:34:44 PM GMT+02:00, James Ko <jim.list () hotmail com> wrote:
Thanks.  I've been a bit confused myself from a concussion.

Any chance I can push for this fix to be reviewed and backported in
time for the scheduled October 10 release of 2.6.4?

James


________________________________
From: Wireshark-dev <wireshark-dev-bounces () wireshark org> on behalf of
Graham Bloice <graham.bloice () trihedral com>
Sent: Wednesday, October 3, 2018 11:03
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP>



On Wed, 3 Oct 2018 at 18:58, James Ko
<ko_2_73 () hotmail com> wrote:
Can I petition for this as a fix rather than a feature since the -i
TCP@ works in the Linux builds but not in Windows?

James


Sure, as I replied, I was a bit too hasty (it's been a long day) and
confused this change with another, to me it seems to be a fix suitable
for backport.

________________________________
From: Wireshark-dev <wireshark-dev-bounces () wireshark org>
on behalf of Graham Bloice <graham.bloice () trihedral com>
Sent: Wednesday, October 3, 2018 10:38
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP>

Ignore my last, I was confusing the change with another.  The Release
policy still applies though.
On Wed, 3 Oct 2018 at 18:36, Graham Bloice
<graham.bloice () trihedral com>
wrote:


On Wed, 3 Oct 2018 at 18:31, James Ko
<ko_2_73 () hotmail com> wrote:
Just to follow up.  I created bug
#15149 <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and
submitted a fix for review
29894 <https://code.wireshark.org/review/#/c/29894/> based on master.

Do I need to create a separate patch if I need this included in the
next 2.6.x release?


Arguably this is a feature and so would not be a candidate for backport
to 2.6.  See the Release Policy wiki page:
https://wiki.wireshark.org/Development/ReleasePolicy

Core devs handle the backport if there is one.

James

________________________________
From: James Ko <jim.list () hotmail com>
Sent: Wednesday, September 19, 2018 00:42
To: Developer support list for Wireshark
Subject: Re: Windows dumpcap -i TCP@<IP>

Actually wireshark is not running on the Linux side and this is not
using rpcap.

I am using the TCP@ sockets stream support built in to dumpcap rather
than extcap or rpcap.

On the linux side I have a TCP server which generates PCAPNG data with
SHB and IDB sent to any client connecting followed by EPBs.

I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04)
clients.


James



From: Anders Broman
Sent: Tuesday, September 18, 00:27
Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP>
To: Developer support list for Wireshark


What version of Wireshark and what Linux version on the remote side? I
think some work has been done on rpcap recently so trying out the
development version
is an option. https://www.wireshark.org/download/automated/win64/
Regards
Anders

From: Wireshark-dev <wireshark-dev-bounces () wireshark org>
On Behalf Of James Ko
Sent: den 18 september 2018 02:22
To: wireshark-dev () wireshark org
Subject: [Wireshark-dev] Windows dumpcap -i TCP@<IP>

Hi,

I am trying to connect to a remote PCAPNG stream from Windows using the
TCP@ socket interface but the connection closes immediately after
connecting.  The same dumpcap command on linux works just fine to the
remote TCP socket.

No errors indicating any failure are printed from dumpcap.exe
C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100 -w -
Capturing on 'TCP@192.168.1.100'
dumcap:

C:\>

On the remote end running in linux I see a connect and disconnect with
EPOLLHUP event.

Has anyone else tried or have remote TCP socket connections working
with dumpcap in Windows?

James






--
Graham Bloice
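
The stream described in the thread (an SHB and IDB sent to each connecting client, followed by EPBs) has the block framing sketched here. This is an added example, not code from the thread or from Wireshark; it assumes little-endian blocks without options, and every function name in it is hypothetical.

```python
import struct

SHB, IDB, EPB = 0x0A0D0D0A, 0x00000001, 0x00000006
BYTE_ORDER_MAGIC = 0x1A2B3C4D

def block(block_type, body):
    """Frame a body: type, total length, body padded to 32 bits, total length."""
    body += b"\x00" * (-len(body) % 4)
    total = 12 + len(body)
    return struct.pack("<II", block_type, total) + body + struct.pack("<I", total)

def shb():  # version 1.0; section length -1 means unknown, as for a live stream
    return block(SHB, struct.pack("<IHHq", BYTE_ORDER_MAGIC, 1, 0, -1))
def idb(linktype=1, snaplen=262144):  # linktype 1 is Ethernet
    return block(IDB, struct.pack("<HHI", linktype, 0, snaplen))
def epb(pkt, ts, if_id=0):  # ts in microseconds (default resolution)
    head = struct.pack("<5I", if_id, ts >> 32, ts & 0xFFFFFFFF, len(pkt), len(pkt))
    return block(EPB, head + pkt)

def parse_blocks(stream):
    """Return [(type, body_length)], raising ValueError on malformed framing."""
    off, interfaces, seen_shb, out = 0, 0, False, []
    while off < len(stream):
        if len(stream) - off < 12:
            raise ValueError("truncated block header")
        btype, total = struct.unpack_from("<II", stream, off)
        if total < 12 or total % 4 or off + total > len(stream):
            raise ValueError("bad block total length")
        if struct.unpack_from("<I", stream, off + total - 4)[0] != total:
            raise ValueError("leading and trailing lengths differ")
        body = stream[off + 8:off + total - 4]
        if btype == SHB:
            if len(body) < 16 or struct.unpack_from("<I", body)[0] != BYTE_ORDER_MAGIC:
                raise ValueError("bad section header")
            seen_shb, interfaces = True, 0
        elif not seen_shb:
            raise ValueError("block before section header")
        elif btype == IDB:
            interfaces += 1
        elif btype == EPB:
            if_id = int.from_bytes(body[0:4], "little")
            caplen = int.from_bytes(body[12:16], "little")
            if len(body) < 20 or if_id >= interfaces or 20 + caplen > len(body):
                raise ValueError("EPB interface or length out of range")
        out.append((btype, len(body)))
        off += total
    return out

SAMPLE = shb() + idb() + epb(b"\xaa" * 61, 1537229820000000)  # constructed frame
```

Running `parse_blocks` over the bytes a custom server emits checks the framing and block ordering independently of the capture client.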