Wireshark · Wireshark-dev: Re: [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows

Wireshark-dev: Re: [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows

Date: Mon, 16 May 2016 01:49:07 +0800

Hi Guy,

On Sun, May 15, 2016 at 4:29 AM, Guy Harris <guy@xxxxxxxxxxxx> wrote:

On May 9, 2016, at 9:31 AM, Yang Luo <hsluoyb@xxxxxxxxx> wrote:

> I want to enable monitor mode column for Windows. Based on this post: https://www.wireshark.org/lists/wireshark-dev/201601/msg00002.html, we need to undefine the HAVE_PCAP_OPEN macro when building Wireshark for Windows.

No.

It "means that dumpcap needs to be changed to use those APIs on local adapters if they're available, regardless of whether pcap_open() is available, and to use pcap_open() *only* for remote adapters."

And that's already been done in the master branch. See caputils/capture-pcap-util.c and caputils/capture-wpcap.c.

I saw these 3 commits as below (I think these are what you mean by "that's already been done in the master branch"?):

1) Add opiton to configure HAVE_PCAP_CREATE

https://github.com/wireshark/wireshark/commit/4a408c9641cd5e5a62064d4e4f545f7fe38b7dbb

2) [WINPCAP] First step to be able to use pcap_create()

https://github.com/wireshark/wireshark/commit/1658a3520f79d63217b47015b244a82bd55d3f34

3) Set both HAVE_PCAP_CREATE and HAVE_PCAP_OPEN.

https://github.com/wireshark/wireshark/commit/b2bf9e3306d34987dfb7928964931088c2224b92

So I think the HAVE_PCAP_CREATE macro has been defined in the source code now?

And from here:

https://github.com/wireshark/wireshark/blob/07fb53b063bcd4c2c67706cf7316b625efe0767e/ui/qt/capture_interfaces_dialog.cpp#L74-L76

I saw these:

#if defined(HAVE_PCAP_CREATE)

#define SHOW_MONITOR_COLUMN 1

#endif

So SHOW_MONITOR_COLUMN should be also defined in the recent source code after those 3 commits. This should mean that monitor column will show up in the QT and GTK GUI? But in fact, I still didn't see them. I haven't changed the libpcap API in Npcap yet, but I don't think this will affect the monitor mode column?

These commits happen in 7 Jan, and Wireshark 2.0.3 which I use is released on Apr 23. So I think these commits work for 2.0.3.

Why I still didn't see the monitor column?

Cheers,

Yang

> As Guy said, it seems that the drawback for this patch is acceptable (losing support of WinPcap 4.1 earlier)

No - on Windows, it "[chooses] whether to use pcap_create() *et al* at run time" - perhaps I didn't want to have to do that at the time, but I eventually did it anyway.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

Follow-Ups:
- Re: [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows
  - From: Alexis La Goutte
- Re: [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows
  - From: Guy Harris

References:
- [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows
  - From: Yang Luo
- Re: [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows
  - From: Guy Harris

Prev by Date: Re: [Wireshark-dev] Setting OID_DOT11_CURRENT_OPERATION_MODE failed with error code 1
Next by Date: Re: [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows
Previous by thread: Re: [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows
Next by thread: Re: [Wireshark-dev] Enable monitor mode column in Wireshark GUI for Windows
Index(es):
- Date
- Thread