Wireshark mailing list archives

Re: Cannot get external capture (extcap) interface to work with my new plugin.


From: Roland Knall <rknall () gmail com>
Date: Sun, 30 Dec 2018 18:18:27 +0100

Hi

Have you properly closed the pipe after sending the packets? It looks more
like an issue in flushing the pipe than a code error. tshark handles this
a little bit differently than wireshark, so that might be the reason why it
did work on the CLI.

Try flushing the pipe immediately after every packet. Otherwise, without
the code nothing much can be said.

kind regards
Roland

On Sun, 30 Dec 2018 at 17:39, hdv <henri.de.veer () gmail com> wrote:

Hello,

I'm developing a new extcap interface as described in chapter 8.2.1 of the
developers guide. The goal is to implement a plugin so I can directly
attach it to a CAN bus sniffing device called "AnaGate CAN" (see
http://www.anagate.de/)

Until now all went well, I can see my new interface in the main wireshark
window, select it, choose all options etc.

I just implemented 2 dummy packets in my plugin before I continue to
access the real target hardware (to avoid the hassle of setting up a
working CAN network). The intention is to check if the interface is correct
between my program and the main wireshark code.

When running my capture interface as follows:

extcap\anagate.exe  --host=192.168.2.51 --port=5001 --fifo=myfifo --capture

I nicely get a file (in libpcap format) "myfifo" with a header and 2 CAN
bus packets, which I can open in wireshark and which shows me the correct
content. (See attached file)

But when I start the capture from wireshark itself no packets are shown
and no errors at all. The status bar says "Life capture in progress" and at
the right "No Packets".

When running it via tshark with: tshark -i 4   It does return the 2
packets. So that is weird.

P.S. The random packet generator plugin does work, so the core wireshark
code does not look broken.

So what is going on here? Any pointers on how to debug this in the core
wireshark code?

Can anyone give me advice on how to proceed?

Thanks,

Henri


Wireshark version build:

Version 2.9.0 (v2.9.0rc0-990-g27a1906c)

Copyright 1998-2018 Gerald Combs <gerald () wireshark org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free
software; see the source for copying conditions. There is NO warranty; not
even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.11.1, with WinPcap (4_1_3), with GLib 2.52.2,
with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with
GnuTLS 3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.4,
with QtMultimedia, with AirPcap, with SBC, with SpanDSP, with bcg729.

Running on 64-bit Windows 8.1, build 9600, with Intel(R) Core(TM)
i7-3632QM CPU @ 2.20GHz (with SSE4.2), with 8084 MB of physical memory,
with locale Dutch_Netherlands.1252, with WinPcap version 4.1.3 (packet.dll
version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), with GnuTLS 3.4.11, with Gcrypt 1.7.6, with AirPcap 4.1.0 build
1622, binary plugins supported (14 loaded). Built using Microsoft Visual
C++ 14.0 build 24215


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
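
The advice in the reply above (flush the pipe after every packet), as an added example that is not part of the original thread and not the poster's plugin code: a minimal C writer that sends a pcap header and two constructed SocketCAN frames to the path given by `--fifo=` and calls `fflush` after each write. The function names, the sample frames and the padded 16-byte frame layout are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Classic pcap file header (24 bytes, host byte order), written once. */
int write_pcap_header(FILE *fifo)
{
    struct { uint32_t magic; uint16_t vmaj, vmin; int32_t zone;
             uint32_t sigfigs, snaplen, linktype; } h =
        { 0xa1b2c3d4u, 2, 4, 0, 0, 65535, 227 };  /* 227 = LINKTYPE_CAN_SOCKETCAN */
    if (fwrite(&h, sizeof h, 1, fifo) != 1) return -1;
    return fflush(fifo);
}

/* One record: 16-byte pcap record header + 16-byte SocketCAN frame (assumed layout). */
int write_can_packet(FILE *fifo, uint32_t sec, uint32_t usec,
                     uint32_t can_id, const uint8_t *data, uint8_t dlc)
{
    uint32_t rec[4] = { sec, usec, 16, 16 };   /* ts_sec, ts_usec, caplen, origlen */
    uint8_t frame[16] = { 0 };
    if (dlc > 8 || (dlc && !data)) return -1;  /* classic CAN: at most 8 data bytes */
    for (int i = 0; i < 4; i++)                /* CAN ID is stored big-endian */
        frame[i] = (uint8_t)(can_id >> (24 - 8 * i));
    frame[4] = dlc;
    if (dlc) memcpy(frame + 8, data, dlc);
    if (fwrite(rec, sizeof rec, 1, fifo) != 1 ||
        fwrite(frame, sizeof frame, 1, fifo) != 1) return -1;
    return fflush(fifo);   /* hand the packet to the reader now, not at exit */
}

/* Constructed sample data: two dummy CAN frames. Returns 2 on success, -1 on error. */
int send_dummy_packets(FILE *fifo)
{
    static const uint8_t d1[] = { 0xde, 0xad, 0xbe, 0xef };
    static const uint8_t d2[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
    return (write_pcap_header(fifo) == 0 &&
            write_can_packet(fifo, 1546190307u, 0, 0x123, d1, sizeof d1) == 0 &&
            write_can_packet(fifo, 1546190307u, 500, 0x124, d2, sizeof d2) == 0) ? 2 : -1;
}

int main(int argc, char **argv)
{
    FILE *fifo = NULL;
    for (int i = 1; i < argc && !fifo; i++)    /* --fifo=<path>, the form used above */
        if (strncmp(argv[i], "--fifo=", 7) == 0) fifo = fopen(argv[i] + 7, "wb");
    if (!fifo || send_dummy_packets(fifo) != 2) return 1;
    return fclose(fifo) == 0 ? 0 : 1;
}
```

The `"wb"` mode matters on Windows, where a text-mode stream rewrites newline bytes inside the binary pcap data.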