Wireshark mailing list archives

Re: Adding pcap-ng pipe support to dumpcap

From: Richard Sharpe <realrichardsharpe () gmail com>
Date: Tue, 29 Aug 2017 11:35:53 -0700

On Tue, Aug 29, 2017 at 10:50 AM, Ed Beroset <beroset () mindspring com> wrote:

On 06/16/2017 01:27 PM, Richard Sharpe wrote:


On Fri, Jun 16, 2017 at 9:36 AM, Kvidera, Evan D <EKvidera15 () winona edu>
wrote:


Hello Wireshark Devs,

My name is Evan Kvidera and I am a senior undergraduate student studying
Computer Science. I have a decent amount of programming experience, but
only
a little in C. My employer has asked me to try to add support for piping
pcap-ng captures to Wireshark.
I have read over the bug report requesting the feature,
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11370.

After reading the mailing list archives here,
https://www.mail-archive.com/wireshark-dev () wireshark org/msg33336.html,
it
looks like this addition will be nontrivial, but doable, and that the
changes necessary are all going to be in dumpcap.

I have at least a month or two of full-time work I can dedicate to this
if
necessary, although I am hoping it will not take that long.

I have read through the Wireshark Developer's Guide and looked over the
style guide for Wireshark. Is there anything else I should know before
starting development? I will try to develop this as independently as
possible, but I may have a few questions along the way.



Hi Evan,

I looked at this back in 2012 and even proposed a patch that might be
useful to you:

       http://seclists.org/wireshark/2012/May/25

No doubt it was a little too simplistic but if I find some time next
week while I am in Seattle I might try to resurrect it and see if it
works.



I've just encountered a need for this as well.  Have you made progress,
Evan?  Do you want some help?


Evan seems to have dropped off the radar. I outlined to Evan an
approach for doing this, so I could send it to Ed instead ...

-- 
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Re: Adding pcap-ng pipe support to dumpcap Ed Beroset (Aug 29)
- Re: Adding pcap-ng pipe support to dumpcap Richard Sharpe (Aug 29)
  - Re: Adding pcap-ng pipe support to dumpcap Ed Beroset (Aug 29)
    - Re: Adding pcap-ng pipe support to dumpcap Anders Broman (Aug 30)
    - Re: Adding pcap-ng pipe support to dumpcap Richard Sharpe (Aug 30)
    - Re: Adding pcap-ng pipe support to dumpcap Kvidera, Evan D (Aug 31)
- <Possible follow-ups>
- Re: Adding pcap-ng pipe support to dumpcap Stephen Donnelly (Aug 30)
  - Re: Adding pcap-ng pipe support to dumpcap Ed Beroset (Aug 30)
    - Re: Adding pcap-ng pipe support to dumpcap Guy Harris (Aug 30)
    - Re: Adding pcap-ng pipe support to dumpcap Ed Beroset (Aug 31)
    - Re: Adding pcap-ng pipe support to dumpcap Guy Harris (Aug 31)
    - Re: Adding pcap-ng pipe support to dumpcap Jeff Morriss (Aug 31)

(Thread continues...)