Re: Rev 38350 Capture Options Changes - Named Pipe?

[Joerg Mayer <jmayer () loplof de>]

On Thu, Aug 11, 2011 at 07:41:25PM -0700, Guy Harris wrote:
> On Aug 11, 2011, at 6:00 AM, Joerg Mayer wrote:
>
> > While everyone seems to be adding their wishes, now that someone is actually
> > is working on that code: Would it make sense to add a button (or whatever)
> > to scan for newly created/activated interfaces? When I'm running Wireshark
> > and add a new interface (I'm on Linux and run e.g. "iw dev wlan0 interface add
> > mon0 type monitor" + "ifconfig mon0 up"
>
> Actually, in that case, if Wireshark is using libpcap 1.1.0 or later, selecting wlan0 and checking the monitor mode 
> checkbox should cause Wireshark to tell libpcap to do all that for you (by telling it to capture in monitor mode).

I'm running libpcap version 1.3.0-PRE-GIT_2011_07_06 (including the remote pcap
patch).

> > or just up an interface that was down,
> > I need to restart Wireshark for the new interface to be detected.
>
> That sounds like a bug - it shouldn't be caching the interface list in Wireshark forever; at least if you open a new 
> "Capture Options" dialog, it should re-run dumpcap to get the interface list again.
>
> It won't update the interface list on the welcome page...

It doesn't work for me on neither welcome page nor capture options page - it does
work on the interface list page - so it looks like a wireshark buglet.

> > Checking
> > for new interfaces at runtime
>
> ...but I'll see whether adding an API to libpcap to provide a way to be notified when new interfaces appear is 
> possible.  (It's going to be platform-dependent - there's probably something in Linux to do it, maybe netlink, it'd 
> probably be done in Mac OS X with the System Configuration framework, etc..)
>
> > or be shown also interfaces that are admin down would be a nice to have :-)
>
> If it's not showing them to you, it's probably not possible to capture on them; what happens if you try to run 
> tcpdump or dumpcap on them?  On OS X Snow Leopard, at least:
[...]
> BPF won't let you bind to a device that's not up; I'd have to look at other BPF implementations to see if they impose 
> similar restrictions.  I also tried it on my Ubuntu 9.10 virtual machine, and, after configuring an interface down, I 
> got the same error (ENETDOWN in both cases).

OK, that was easy to misunderstand:
If I'm on wlan0 I normally have my eth0 admin down. In order to capture on eth0
I need to ifconfig eth0 up first. I'd like to see the Interface listed and then
have libpcap do the ifconifg <int> up for me.

 Thanks!
     Joerg
-- 
Joerg Mayer                                           <jmayer () loplof de>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe