Wireshark mailing list archives
Re: nflog in qt and gtk
From: Dario Lombardo <dario.lombardo.ml () gmail com>
Date: Fri, 19 Dec 2014 11:55:47 +0100
On Fri, Dec 19, 2014 at 11:44 AM, Peter Wu <peter () lekensteyn nl> wrote:
If I need to perform a capture, i just overwrite dumpcap with: ln -sfv /usr/bin/dumpcap /tmp/wsbuild/run/ It looks like you also avoid overwriting this file/symlink by disabling dumpcap building: cmake -DBUILD_dumpcap=0 ...
Nice suggestions, thank you.
Nope, it won't work at the moment. The problem is that NFLOG can only be opened by one user which is a kernel limitation. From net/netfilter/nfnetlink_log.c: inst = instance_lookup_get(log, group_num); if (inst && inst->peer_portid != NETLINK_CB(skb).portid) { ret = -EPERM; goto out_put; }
When wireshark-qt waits in the main screen, it shows a graph for each interface. Is it generated by "dumpcap -S -Z none"? When capture starts, those graphs are not shown anymore. Wouldn't be a solution to kill "dumpcap -S -Z none" when in capture and re-run it again when in home screen?
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- nflog in qt and gtk Dario Lombardo (Dec 18)
- Re: nflog in qt and gtk Peter Wu (Dec 18)
- Re: nflog in qt and gtk Dario Lombardo (Dec 19)
- Re: nflog in qt and gtk Peter Wu (Dec 19)
- Re: nflog in qt and gtk Dario Lombardo (Dec 19)
- Re: nflog in qt and gtk Peter Wu (Dec 19)
- Re: nflog in qt and gtk Dario Lombardo (Dec 19)
- Re: nflog in qt and gtk Peter Wu (Dec 19)
- Re: nflog in qt and gtk Dario Lombardo (Dec 23)
- Re: nflog in qt and gtk Dario Lombardo (Dec 19)
- Re: nflog in qt and gtk Peter Wu (Dec 18)