Wireshark-dev: Re: [Wireshark-dev] Capture File Archive

From: Joe McEachern <joe@xxxxxxxxxx>
Date: Wed, 1 Aug 2012 09:04:21 -0400
Hello Kurt,

The idea for having a CloudShark instance available to the Wireshark core team originally surfaced at Sharkfest. We would be happy to provide this. We'd also be happy to host it or it could live with other Wireshark resources. Our virtual appliance can run under a VM or be installed direct to hardware. We also have a hardware option we could explore. The easiest approach is running under a VM.

There are a number of work flow models that CloudShark supports. Without getting into all of this now, here are some things that would be possible.

 - set up individual CloudShark accounts for core Wireshark developers
 - set up a smaller group of CloudShark admins that can manage all aspects of CloudShark
 - capture files can be shared with groups or marked public to share with anyone
 - capture files uploads can be automated using a web API
 - tags can be used to organize captures

If someone from the core team wants to get a deeper understanding of what is possible with CloudShark, we could easily set up a hosted system and let you have a look around.

This is just an offer own our part. I am sure there will be lots of questions and the need to verify how this would work. 

We are open to any suggestions on how to move forward.

--joe



On Wed, Aug 1, 2012 at 4:51 AM, Kurt Knochner <ws.dev.list@xxxxxxxxxxxxxxxxxxx> wrote:

==> Guy Harris wrote:

I don't know whether pcapr.net accepts files that aren't in pcap (or

I mentioned pcapr just as an example. I think it would be better to host that archive in the wireshark.org domain.

Presumably you mean "what protocols are used", as pcapr doesn't take

that's what I wanted to say.

==> Jeff Morriss wrote:

FWIW tools/list_protos_in_cap.sh and tools/indexcap.py can be used to generate a "database" (flat file) of capture files and the protocols

thanks, I was not aware of those tools.

==> Jakub Zawadzki wrote:

 Thanks to Jeff and his info about tools/list_protos_in_cap.sh here is
the list:
 http://www.wireshark.org/~darkjames/capture-files.txt

Great, thanks for this.

nor I'll create nice webgui like pcapr or cloudshark have.

What about having a cloudshark system for wireshark, like cloud.wireshark.org? This could be used as a repository for the cpature file archive.

As I mentioned, the guys at cloudshark.org (presumably) offered to provide a cloudshark system to the wireshark dev team.

<cite>
We'd be interested in providing a CloudShark system to the Wireshark dev team. This would give you lots of control over your capture files and allow a capture to be public or require authentication. There are several models that could be deployed. Captures can be organized and searched using the tagging system. If anyone wants to take the lead on this, I'd be happy to talk with you and explore this possibility. You can contact us at http://appliance.cloudshark.org/contact.html
</cite>

Sounds like a compelling offer. Is anyone of the core developers willing to contact them and "negotiate the conditions"?

Such a system could be used to host the capture file archive and the uploads for ask.wireshark.org. I'm willing to particpate in setting up and "maintaining" such a system, if any help is needed.

Thanks!

Regards
Kurt

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe