Re: [Wireshark-dev] Windows dumpcap -i TCP@
Thanks. I've been a bit confused myself from a concussion. Any chance I can push for this fix to be reviewed and backported in time for the scheduled October 10 release of 2.6.4? James From: Wireshark-dev on behalf of Graham Bloice Sent: Wednesday, October 3, 2018 11:03 To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ On Wed, 3 Oct 2018 at 18:58, James Ko mailto:ko_2...@hotmail.com>> wrote: Can I petition for this as a fix rather than a feature since the -i TCP@ works in the Linux builds but not in Windows? James Sure, as I replied, I was a bit too hasty (it's been a long day) and confused this change with another, to me it seems to be fix suitable for backport. From: Wireshark-dev mailto:wireshark-dev-boun...@wireshark.org>> on behalf of Graham Bloice mailto:graham.blo...@trihedral.com>> Sent: Wednesday, October 3, 2018 10:38 To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ Ignore my last, I was confusing the change with another. The Release policy still applies though. On Wed, 3 Oct 2018 at 18:36, Graham Bloice mailto:graham.blo...@trihedral.com>> wrote: On Wed, 3 Oct 2018 at 18:31, James Ko mailto:ko_2...@hotmail.com>> wrote: Just to follow up. I created bug #15149<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and submitted a fix for review 29894<https://code.wireshark.org/review/#/c/29894/> based on master. Do I need to create a separate patch if I need this included in the next 2.6.x release? Arguably this is a feature and so would not be a candidate for backport to 2.6. See the Release Policy wiki page: https://wiki.wireshark.org/Development/ReleasePolicy Core devs handle the backport if there is one. James From: James Ko mailto:jim.l...@hotmail.com>> Sent: Wednesday, September 19, 2018 00:42 To: Developer support list for Wireshark Subject: Re: Windows dumpcap -i TCP@ Actually wireshark is not running on the Linux side and this is not using rpcap. I am using the TCP@ sockets stream support built in to dumpcap rather than extcap or rpcap. On the linux side I have a TCP server which generates PCAPNG data with SHB and IDB sent to any client connecting followed by EPBs. I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04) clients. James From: Anders Broman Sent: Tuesday, September 18, 00:27 Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ To: Developer support list for Wireshark What version of Wireshark and what Linux version on the remote side? I think some work has ben done on rpcap recently so trying out the development version is an option. https://www.wireshark.org/download/automated/win64/ Regards Anders From: Wireshark-dev mailto:wireshark-dev-boun...@wireshark.org>> On Behalf Of James Ko Sent: den 18 september 2018 02:22 To: wireshark-dev@wireshark.org<mailto:wireshark-dev@wireshark.org> Subject: [Wireshark-dev] Windows dumpcap -i TCP@ Hi, I am trying to connect to a remote PCAPNG stream from Windows using the TCP@ socket interface but the connection closes immediately after connecting. The same dumpcap command on linux works just fine to the remote TCP socket. No errors indicating any failure are printed from dumpcap.exe C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100<mailto:TCP@192.168.1.100> -w - Capturing on 'TCP@192.168.1.100<mailto:TCP@192.168.1.100>' dumcap: C:\> On the remote end running in linux I see a connect and disconnect with EPOLLHUP event. Has anyone else tried or have remote TCP socket connections working with dumpcap in Windows? James -- Graham Bloice ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Windows dumpcap -i TCP@
Can I petition for this as a fix rather than a feature since the -i TCP@ works in the Linux builds but not in Windows? James From: Wireshark-dev on behalf of Graham Bloice Sent: Wednesday, October 3, 2018 10:38 To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ Ignore my last, I was confusing the change with another. The Release policy still applies though. On Wed, 3 Oct 2018 at 18:36, Graham Bloice mailto:graham.blo...@trihedral.com>> wrote: On Wed, 3 Oct 2018 at 18:31, James Ko mailto:ko_2...@hotmail.com>> wrote: Just to follow up. I created bug #15149<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and submitted a fix for review 29894<https://code.wireshark.org/review/#/c/29894/> based on master. Do I need to create a separate patch if I need this included in the next 2.6.x release? Arguably this is a feature and so would not be a candidate for backport to 2.6. See the Release Policy wiki page: https://wiki.wireshark.org/Development/ReleasePolicy Core devs handle the backport if there is one. James From: James Ko mailto:jim.l...@hotmail.com>> Sent: Wednesday, September 19, 2018 00:42 To: Developer support list for Wireshark Subject: Re: Windows dumpcap -i TCP@ Actually wireshark is not running on the Linux side and this is not using rpcap. I am using the TCP@ sockets stream support built in to dumpcap rather than extcap or rpcap. On the linux side I have a TCP server which generates PCAPNG data with SHB and IDB sent to any client connecting followed by EPBs. I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04) clients. James From: Anders Broman Sent: Tuesday, September 18, 00:27 Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ To: Developer support list for Wireshark What version of Wireshark and what Linux version on the remote side? I think some work has ben done on rpcap recently so trying out the development version is an option. https://www.wireshark.org/download/automated/win64/ Regards Anders From: Wireshark-dev mailto:wireshark-dev-boun...@wireshark.org>> On Behalf Of James Ko Sent: den 18 september 2018 02:22 To: wireshark-dev@wireshark.org<mailto:wireshark-dev@wireshark.org> Subject: [Wireshark-dev] Windows dumpcap -i TCP@ Hi, I am trying to connect to a remote PCAPNG stream from Windows using the TCP@ socket interface but the connection closes immediately after connecting. The same dumpcap command on linux works just fine to the remote TCP socket. No errors indicating any failure are printed from dumpcap.exe C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100<mailto:TCP@192.168.1.100> -w - Capturing on 'TCP@192.168.1.100<mailto:TCP@192.168.1.100>' dumcap: C:\> On the remote end running in linux I see a connect and disconnect with EPOLLHUP event. Has anyone else tried or have remote TCP socket connections working with dumpcap in Windows? James -- Graham Bloice -- Graham Bloice ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Windows dumpcap -i TCP@
Ignore my last, I was confusing the change with another. The Release policy still applies though. On Wed, 3 Oct 2018 at 18:36, Graham Bloice wrote: > > > On Wed, 3 Oct 2018 at 18:31, James Ko wrote: > >> Just to follow up. I created bug #15149 >> <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and >> submitted a fix for review 29894 >> <https://code.wireshark.org/review/#/c/29894/> based on master. >> >> Do I need to create a separate patch if I need this included in the next >> 2.6.x release? >> >> > Arguably this is a feature and so would not be a candidate for backport to > 2.6. See the Release Policy wiki page: > https://wiki.wireshark.org/Development/ReleasePolicy > > Core devs handle the backport if there is one. > > >> James >> >> -- >> *From:* James Ko >> *Sent:* Wednesday, September 19, 2018 00:42 >> *To:* Developer support list for Wireshark >> *Subject:* Re: Windows dumpcap -i TCP@ >> >> Actually wireshark is not running on the Linux side and this is not using >> rpcap. >> >> I am using the TCP@ sockets stream support built in to dumpcap rather >> than extcap or rpcap. >> >> On the linux side I have a TCP server which generates PCAPNG data with >> SHB and IDB sent to any client connecting followed by EPBs. >> >> I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04) >> clients. >> >> >> James >> >> >> >> From: Anders Broman >> Sent: Tuesday, September 18, 00:27 >> Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ >> To: Developer support list for Wireshark >> >> >> What version of Wireshark and what Linux version on the remote side? I >> think some work has ben done on rpcap recently so trying out the >> development version >> is an option. https://www.wireshark.org/download/automated/win64/ >> Regards >> Anders >> >> *From:* Wireshark-dev *On Behalf >> Of * James Ko >> *Sent:* den 18 september 2018 02:22 >> *To:* wireshark-dev@wireshark.org >> *Subject:* [Wireshark-dev] Windows dumpcap -i TCP@ >> >> Hi, >> >> I am trying to connect to a remote PCAPNG stream from Windows using the >> TCP@ socket interface but the connection closes immediately after >> connecting. The same dumpcap command on linux works just fine to the >> remote TCP socket. >> >> No errors indicating any failure are printed from dumpcap.exe >> C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100 -w - >> Capturing on 'TCP@192.168.1.100' >> dumcap: >> >> C:\> >> >> On the remote end running in linux I see a connect and disconnect with >> EPOLLHUP event. >> >> Has anyone else tried or have remote TCP socket connections working with >> dumpcap in Windows? >> >> James >> >> >> >> > > -- > Graham Bloice > -- Graham Bloice ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Windows dumpcap -i TCP@
On Wed, 3 Oct 2018 at 18:31, James Ko wrote: > Just to follow up. I created bug #15149 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and submitted > a fix for review 29894 <https://code.wireshark.org/review/#/c/29894/> > based on master. > > Do I need to create a separate patch if I need this included in the next > 2.6.x release? > > Arguably this is a feature and so would not be a candidate for backport to 2.6. See the Release Policy wiki page: https://wiki.wireshark.org/Development/ReleasePolicy Core devs handle the backport if there is one. > James > > -- > *From:* James Ko > *Sent:* Wednesday, September 19, 2018 00:42 > *To:* Developer support list for Wireshark > *Subject:* Re: Windows dumpcap -i TCP@ > > Actually wireshark is not running on the Linux side and this is not using > rpcap. > > I am using the TCP@ sockets stream support built in to dumpcap rather > than extcap or rpcap. > > On the linux side I have a TCP server which generates PCAPNG data with SHB > and IDB sent to any client connecting followed by EPBs. > > I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04) > clients. > > > James > > > > From: Anders Broman > Sent: Tuesday, September 18, 00:27 > Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ > To: Developer support list for Wireshark > > > What version of Wireshark and what Linux version on the remote side? I > think some work has ben done on rpcap recently so trying out the > development version > is an option. https://www.wireshark.org/download/automated/win64/ > Regards > Anders > > *From:* Wireshark-dev *On Behalf Of > * James Ko > *Sent:* den 18 september 2018 02:22 > *To:* wireshark-dev@wireshark.org > *Subject:* [Wireshark-dev] Windows dumpcap -i TCP@ > > Hi, > > I am trying to connect to a remote PCAPNG stream from Windows using the > TCP@ socket interface but the connection closes immediately after > connecting. The same dumpcap command on linux works just fine to the > remote TCP socket. > > No errors indicating any failure are printed from dumpcap.exe > C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100 -w - > Capturing on 'TCP@192.168.1.100' > dumcap: > > C:\> > > On the remote end running in linux I see a connect and disconnect with > EPOLLHUP event. > > Has anyone else tried or have remote TCP socket connections working with > dumpcap in Windows? > > James > > > > -- Graham Bloice ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Windows dumpcap -i TCP@
Just to follow up. I created bug #15149<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and submitted a fix for review 29894<https://code.wireshark.org/review/#/c/29894/> based on master. Do I need to create a separate patch if I need this included in the next 2.6.x release? James From: James Ko Sent: Wednesday, September 19, 2018 00:42 To: Developer support list for Wireshark Subject: Re: Windows dumpcap -i TCP@ Actually wireshark is not running on the Linux side and this is not using rpcap. I am using the TCP@ sockets stream support built in to dumpcap rather than extcap or rpcap. On the linux side I have a TCP server which generates PCAPNG data with SHB and IDB sent to any client connecting followed by EPBs. I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04) clients. James From: Anders Broman Sent: Tuesday, September 18, 00:27 Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ To: Developer support list for Wireshark What version of Wireshark and what Linux version on the remote side? I think some work has ben done on rpcap recently so trying out the development version is an option. https://www.wireshark.org/download/automated/win64/ Regards Anders From: Wireshark-dev On Behalf Of James Ko Sent: den 18 september 2018 02:22 To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] Windows dumpcap -i TCP@ Hi, I am trying to connect to a remote PCAPNG stream from Windows using the TCP@ socket interface but the connection closes immediately after connecting. The same dumpcap command on linux works just fine to the remote TCP socket. No errors indicating any failure are printed from dumpcap.exe C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100<mailto:TCP@192.168.1.100> -w - Capturing on 'TCP@192.168.1.100' dumcap: C:\> On the remote end running in linux I see a connect and disconnect with EPOLLHUP event. Has anyone else tried or have remote TCP socket connections working with dumpcap in Windows? James ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Windows dumpcap -i TCP@
Actually wireshark is not running on the Linux side and this is not using rpcap. I am using the TCP@ sockets stream support built in to dumpcap rather than extcap or rpcap. On the linux side I have a TCP server which generates PCAPNG data with SHB and IDB sent to any client connecting followed by EPBs. I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04) clients. James From: Anders Broman Sent: Tuesday, September 18, 00:27 Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@ To: Developer support list for Wireshark What version of Wireshark and what Linux version on the remote side? I think some work has ben done on rpcap recently so trying out the development version is an option. https://www.wireshark.org/download/automated/win64/ Regards Anders From: Wireshark-dev On Behalf Of James Ko Sent: den 18 september 2018 02:22 To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] Windows dumpcap -i TCP@ Hi, I am trying to connect to a remote PCAPNG stream from Windows using the TCP@ socket interface but the connection closes immediately after connecting. The same dumpcap command on linux works just fine to the remote TCP socket. No errors indicating any failure are printed from dumpcap.exe C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100<mailto:TCP@192.168.1.100> -w - Capturing on 'TCP@192.168.1.100' dumcap: C:\> On the remote end running in linux I see a connect and disconnect with EPOLLHUP event. Has anyone else tried or have remote TCP socket connections working with dumpcap in Windows? James ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Windows dumpcap -i TCP@
What version of Wireshark and what Linux version on the remote side? I think some work has ben done on rpcap recently so trying out the development version is an option. https://www.wireshark.org/download/automated/win64/ Regards Anders From: Wireshark-dev On Behalf Of James Ko Sent: den 18 september 2018 02:22 To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] Windows dumpcap -i TCP@ Hi, I am trying to connect to a remote PCAPNG stream from Windows using the TCP@ socket interface but the connection closes immediately after connecting. The same dumpcap command on linux works just fine to the remote TCP socket. No errors indicating any failure are printed from dumpcap.exe C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100<mailto:TCP@192.168.1.100> -w - Capturing on 'TCP@192.168.1.100' dumcap: C:\> On the remote end running in linux I see a connect and disconnect with EPOLLHUP event. Has anyone else tried or have remote TCP socket connections working with dumpcap in Windows? James ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Windows dumpcap -i TCP@
Hi, I am trying to connect to a remote PCAPNG stream from Windows using the TCP@ socket interface but the connection closes immediately after connecting. The same dumpcap command on linux works just fine to the remote TCP socket. No errors indicating any failure are printed from dumpcap.exe C:\>"\Program Files\Wireshark\dumpcap.exe" -i TCP@192.168.1.100 -w - Capturing on 'TCP@192.168.1.100' dumcap: C:\> On the remote end running in linux I see a connect and disconnect with EPOLLHUP event. Has anyone else tried or have remote TCP socket connections working with dumpcap in Windows? James ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
