Yes, the script works. Thank you.
> c-keel@xxxxxx wrote:
> > Hi everyone.
> >
> > I am currently working with Wireshark 0.99.5.
> >
> > I know that it is possible on Unix machines to let
> Wireshark read from a pipe. I am not really sure if it is
> possible on Windows.
> >
> > For this reason I tried the following (of course I wrote a
> bit source code):
> >
> > - let wireshark capture from stdin: Wireshark.exe -k -i -
> > - let dumpcap write the file to stdout: dumpcap -i3 -w -
> > - create a Pipe with CreatePipe and when creating the processes,
> > dumpcap gets the write handle and wireshark the read handle of that
> > pipe as the corresponding output/input handles
> >
> > It works partly, but not completely:
> > - Wireshark gets started and listens on the standard input
> > - dumpcap gets started and writes to the standard output. It also
> > receives packets and flushes them to pipe
> > - when wireshark is processing the timer callback, it
> cannot find any
> > data in the pipe
> >
> > I can see the same effect if I use a named pipe like
> \\.\pipe\mypipe (with the code enabled in capture_loop.c and
> rebuild Wireshark).
> >
> > If anyone succeeded in using pipes on Windows (no matter if
> named or not) could you please give me the source code? Or is
> that just impossible because of the sources? I cannot clearly
> say if this should work or not.
>
> Wireshark reads data from dumpcap internally using CreatePipe():
> http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/capture_sync.c
>
> Named pipes work on my test machine using the attached script.
>