Wireshark mailing list archives
Re: Windows dumpcap -i TCP@<IP>
From: Graham Bloice <graham.bloice () trihedral com>
Date: Wed, 3 Oct 2018 19:03:56 +0100
On Wed, 3 Oct 2018 at 18:58, James Ko <ko_2_73 () hotmail com> wrote:
Can I petition for this as a fix rather than a feature since the -i TCP@ works in the Linux builds but not in Windows? James
Sure, as I replied, I was a bit too hasty (it's been a long day) and confused this change with another, to me it seems to be fix suitable for backport.
------------------------------ *From:* Wireshark-dev <wireshark-dev-bounces () wireshark org> on behalf of Graham Bloice <graham.bloice () trihedral com> *Sent:* Wednesday, October 3, 2018 10:38 *To:* Developer support list for Wireshark *Subject:* Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP> Ignore my last, I was confusing the change with another. The Release policy still applies though. On Wed, 3 Oct 2018 at 18:36, Graham Bloice <graham.bloice () trihedral com> wrote: On Wed, 3 Oct 2018 at 18:31, James Ko <ko_2_73 () hotmail com> wrote: Just to follow up. I created bug #15149 <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and submitted a fix for review 29894 <https://code.wireshark.org/review/#/c/29894/> based on master. Do I need to create a separate patch if I need this included in the next 2.6.x release? Arguably this is a feature and so would not be a candidate for backport to 2.6. See the Release Policy wiki page: https://wiki.wireshark.org/Development/ReleasePolicy Core devs handle the backport if there is one. James ------------------------------ *From:* James Ko <jim.list () hotmail com> *Sent:* Wednesday, September 19, 2018 00:42 *To:* Developer support list for Wireshark *Subject:* Re: Windows dumpcap -i TCP@<IP> Actually wireshark is not running on the Linux side and this is not using rpcap. I am using the TCP@ sockets stream support built in to dumpcap rather than extcap or rpcap. On the linux side I have a TCP server which generates PCAPNG data with SHB and IDB sent to any client connecting followed by EPBs. I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04) clients. James From: Anders Broman Sent: Tuesday, September 18, 00:27 Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP> To: Developer support list for Wireshark What version of Wireshark and what Linux version on the remote side? I think some work has ben done on rpcap recently so trying out the development version is an option. https://www.wireshark.org/download/automated/win64/ Regards Anders *From:* Wireshark-dev <wireshark-dev-bounces () wireshark org> *On Behalf Of *James Ko *Sent:* den 18 september 2018 02:22 *To:* wireshark-dev () wireshark org *Subject:* [Wireshark-dev] Windows dumpcap -i TCP@<IP> Hi, I am trying to connect to a remote PCAPNG stream from Windows using the TCP@ socket interface but the connection closes immediately after connecting. The same dumpcap command on linux works just fine to the remote TCP socket. No errors indicating any failure are printed from dumpcap.exe C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100 -w - Capturing on 'TCP@192.168.1.100' dumcap: C:\> On the remote end running in linux I see a connect and disconnect with EPOLLHUP event. Has anyone else tried or have remote TCP socket connections working with dumpcap in Windows? James
-- Graham Bloice
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Windows dumpcap -i TCP@<IP> James Ko (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> James Ko (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> James Ko (Oct 04)
- Re: Windows dumpcap -i TCP@<IP> Peter Wu (Oct 04)
- Re: Windows dumpcap -i TCP@<IP> James Ko (Oct 04)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)
- Re: Windows dumpcap -i TCP@<IP> Graham Bloice (Oct 03)