https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4576
Summary: Small enhancement for dumpcap: Read pcap data from a
Unix domain socket
Product: Wireshark
Version: unspecified
Platform: All
OS/Version: Debian
Status: NEW
Severity: Enhancement
Priority: Low
Component: Extras
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: bengen--wireshark@xxxxxxxxxxxxxxxx
Created an attachment (id=4393)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4393)
Enhancement for cap_pipe_open_live()
Build Information:
Dumpcap 1.2.6
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GLib 2.22.4, with libpcap 1.0.0, with libz 1.2.3.4, with POSIX
capabilities (Linux).
Running on Linux 2.6.32-3-amd64, with libpcap version 1.0.0, GnuTLS 2.8.5,
Gcrypt 1.4.5.
Built using gcc 4.4.3.
--
dumpcap is able to read pcap data from pipes or files. The attached patch
enables dumpcap to connect to and read pcap data from an AF_UNIX socket. Please
consider this for inclusion in a future version.
I have successfully tested this patch on a amd64 Debian/sid box (the build
information reflects the wireshark), using the following two setups:
$ socat open:pcap unix-listen:ws.socket &
$ ./dumpcap -i ws.socket -w - | /usr/sbin/urlsnarf -n -p /dev/stdin
and
$ mknod ws.fifo
$ socat open:pcap create:ws.fifo &
$ ./dumpcap -i ws.fifo -w - | /usr/sbin/urlsnarf -n -p /dev/stdin
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.