Wireshark · Wireshark-dev: Re: [Wireshark-dev] capturing from a named pipe - other file formats

Wireshark-dev: Re: [Wireshark-dev] capturing from a named pipe - other file formats

From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>

Date: Mon, 21 Jun 2010 13:37:31 -0400

Rolf Fiedler wrote:

At the moment wireshark only supports the libpcap trace file format whencapturing from a named pipe or stdin. I would like to extend this tosupport the EyeSDN trace file format for captures from ISDN interfaces.Would this cause any problems? What would be a good place to start? TheEyeSDN trace file format has a magic at the start so the file formatcould be detected. Or would we need an additional command line parameterto specify the format?

You'd probably need another command line argument. Figuring out thefile encapsulation requires (I believe) the ability to seek within thefile--something that doesn't work with pipes. To avoid that you'd haveto tell the software what the encapsulation is.

References:
- [Wireshark-dev] capturing from a named pipe - other file formats
  - From: Rolf Fiedler

Prev by Date: Re: [Wireshark-dev] Help:A problem when I try to compile wireshark
Next by Date: [Wireshark-dev] help regarding altering the fields of a pcap
Previous by thread: [Wireshark-dev] capturing from a named pipe - other file formats
Next by thread: [Wireshark-dev] Help! Compile failed!
Index(es):
- Date
- Thread