Wireshark mailing list archives
Re: How to properly finalize capture in a Wireshark extcap plugin?
From: Guy Harris <gharris () sonic net>
Date: Mon, 23 Nov 2020 14:57:49 -0800
On Nov 23, 2020, at 7:09 AM, Timmy Brolin <tib () hms se> wrote:
Reading up on it a bit, turns out there is no such thing as SIGTERM in Windows.
Correct.
There seems to exist several alternative ways of doing it in Windows. Such as sending WM_QUIT or WM_CLOSE on the message queue,
This assumes that the program you're trying to tell to terminate *has* a message queue to which it pays attention. Extcap programs are character-mode (console) programs, not windows programs; unless there's some hidden thread that's listening to a Windows message queue in those programs, they won't see that message.
or CTRL_BREAK_EVENT via SetConsoleCtrlHandler().
According to a comment in sig_pipe_kill() in capchild/capture_sync.c: /* Remark: This is not the preferred method of closing a process! * the clean way would be getting the process id of the child process, * then getting window handle hWnd of that process (using EnumChildWind$ * and then do a SendMessage(hWnd, WM_CLOSE, 0, 0) * * Unfortunately, I don't know how to get the process id from the * handle. OpenProcess will get an handle (not a window handle) * from the process ID; it will not get a window handle from the * process ID. (How could it? A process can have more than one * window. For that matter, a process might have *no* windows, * as a process running dumpcap, the normal child process program, * probably does.) * * Hint: GenerateConsoleCtrlEvent() will only work if both processes are * running in the same console; that's not necessarily the case for * us, as we might not be running in a console. * And this also will require to have the process id. */ so that might not work either. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- How to properly finalize capture in a Wireshark extcap plugin? Timmy Brolin (Nov 23)
- Re: How to properly finalize capture in a Wireshark extcap plugin? Dario Lombardo (Nov 23)
- Re: How to properly finalize capture in a Wireshark extcap plugin? Timmy Brolin (Nov 23)
- Re: How to properly finalize capture in a Wireshark extcap plugin? Guy Harris (Nov 23)
- Re: How to properly finalize capture in a Wireshark extcap plugin? Timmy Brolin (Nov 24)
- Re: How to properly finalize capture in a Wireshark extcap plugin? Graham Bloice (Nov 24)
- Re: How to properly finalize capture in a Wireshark extcap plugin? Timmy Brolin (Nov 24)
- Re: How to properly finalize capture in a Wireshark extcap plugin? Timmy Brolin (Nov 23)
- Re: How to properly finalize capture in a Wireshark extcap plugin? Dario Lombardo (Nov 23)