Re: Capture File Archive

[Joe McEachern <joe () qacafe com>]

Hello Kurt,

The idea for having a CloudShark instance available to the Wireshark core
team originally surfaced at Sharkfest. We would be happy to provide this.
We'd also be happy to host it or it could live with other Wireshark
resources. Our virtual appliance can run under a VM or be installed direct
to hardware. We also have a hardware option we could explore. The easiest
approach is running under a VM.

There are a number of work flow models that CloudShark supports. Without
getting into all of this now, here are some things that would be possible.

 - set up individual CloudShark accounts for core Wireshark developers
 - set up a smaller group of CloudShark admins that can manage all aspects
of CloudShark
 - capture files can be shared with groups or marked public to share with
anyone
 - capture files uploads can be automated using a web API
 - tags can be used to organize captures

If someone from the core team wants to get a deeper understanding of what
is possible with CloudShark, we could easily set up a hosted system and let
you have a look around.

This is just an offer own our part. I am sure there will be lots of
questions and the need to verify how this would work.

We are open to any suggestions on how to move forward.

--joe



On Wed, Aug 1, 2012 at 4:51 AM, Kurt Knochner <
ws.dev.list () nospam knochner com> wrote:

> ==> Guy Harris wrote:
>
>  I don't know whether pcapr.net accepts files that aren't in pcap (or
> >
>
> I mentioned pcapr just as an example. I think it would be better to host
> that archive in the wireshark.org domain.
>
>  Presumably you mean "what protocols are used", as pcapr doesn't take
> >
>
> that's what I wanted to say.
>
> ==> Jeff Morriss wrote:
>
>  FWIW tools/list_protos_in_cap.sh and tools/indexcap.py can be used to
> > generate a "database" (flat file) of capture files and the protocols
>
> thanks, I was not aware of those tools.
>
> ==> Jakub Zawadzki wrote:
>
>  Thanks to Jeff and his info about tools/list_protos_in_cap.sh here is
>
> > the list:
> >  http://www.wireshark.org/~**darkjames/capture-files.txt<http://www.wireshark.org/~darkjames/capture-files.txt>
>
> Great, thanks for this.
>
>  nor I'll create nice webgui like pcapr or cloudshark have.
> >
>
> What about having a cloudshark system for wireshark, like
> cloud.wireshark.org? This could be used as a repository for the cpature
> file archive.
>
> As I mentioned, the guys at cloudshark.org (presumably) offered to
> provide a cloudshark system to the wireshark dev team.
>
> <cite>
> We'd be interested in providing a CloudShark system to the Wireshark dev
> team. This would give you lots of control over your capture files and allow
> a capture to be public or require authentication. There are several models
> that could be deployed. Captures can be organized and searched using the
> tagging system. If anyone wants to take the lead on this, I'd be happy to
> talk with you and explore this possibility. You can contact us at
> http://appliance.cloudshark.**org/contact.html<http://appliance.cloudshark.org/contact.html>
> </cite>
>
> Sounds like a compelling offer. Is anyone of the core developers willing
> to contact them and "negotiate the conditions"?
>
> Such a system could be used to host the capture file archive and the
> uploads for ask.wireshark.org. I'm willing to particpate in setting up
> and "maintaining" such a system, if any help is needed.
>
> Thanks!
>
> Regards
> Kurt
>
> ______________________________**______________________________**
> _______________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    http://www.wireshark.org/**lists/wireshark-dev<http://www.wireshark.org/lists/wireshark-dev>
> Unsubscribe: 
> https://wireshark.org/mailman/**options/wireshark-dev<https://wireshark.org/mailman/options/wireshark-dev>
>             mailto:wireshark-dev-request@**wireshark.org<wireshark-dev-request () wireshark org>
> ?subject=**unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe