Hi,
I am working on developing a Python-based interface to retrieve packets from a device, save them to a PCAP file, and have Wireshark do a live capture from the PCAP file. From what I have read a Pipe is the way to do this. I have found the
Wireshark wiki page detailing pipes (http://wiki.wireshark.org/CaptureSetup/Pipes), and I have attempted to implement the Python sample provided there. I am able to load the contents of my PCAP file
through the pipe once, but after the first read of the file the pipe closes, I have detailed this somewhat in my Ask Wireshark question here:
http://ask.wireshark.org/questions/34350/python-pipe-writefile-error-232-pipe-is-being-closed. Does anyone have any suggestions as to how I may modify the Python script to keep the pipe from closing?
In the mean time I have been using the method of directly printing the packets to the stdout; which works, but unreliably. Wireshark seems to randomly stop the live capture when I use this method, but the PCAP file I am also writing to
continues to be populated just fine from the same data. Are there any known problems with capturing directly from the stdout that might explain this?
Thanks.