Re: [Wireshark-dev] How to troubleshoot extcap applications?
Hi Roland, > Could we additionally add a note to README.extcap? Just in case, some > external extcap tools sumble across this as well? I think there is no README.extcap. There is just extcap.adoc, but it is about application, not about code/API. BTW I'm missing it. Or do you think any other specific document? > Also, one more thing, have you tested with tshark only or also using qt? > Qt in general redirects all std... pipes, which should not matter as we > are started through dumpcap. I tested it with Wireshark/Qt. I can retest it with tshark too, good point. > Also, please test on Windows, as it behaves a little different from > Linux/mac in the case of pipes/standard pipes I tested my try on Windows, but plan is to retest it on all three platforms (Linux/Mac/Windows) before merge. Best regards, Jirka ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] How to troubleshoot extcap applications?
This is almost certainly my fault when integrating extcap with wslog. Thanks for looking into it. I'm not sure disabling every message to stderr is a good idea. The problem space is the same as with dumpcap and that already works seamlessly. But for now muting stderr with extcap --debug is probably good enough and I can look into it later, if you prefer. On 01/12/21 13:18, Jirka Novak wrote: Hi, I noticed issue below and I propose a solution for it. Can I ask for comments? Every extcap tool has --debug and --debug-file options, but when they are used, it do "nothing". File is created, but it is empty. Later I found that it must be used with --log-level=debug to really log messages. The issue is that when you increase --log-level, it logs to console (STDERR). So when extcap is started from Wireshark, it mixes log output with packet data and wireshark gets confused and I found no way how to make it operational. In other words you can't use debug of extcap from Wireshark. In code I found that the reason is that wsutils/wscode.c writes every message to STDERR. If application registers additional file, it is copied to it too, but output to STDERR is made in every case. Applications can replace default writer to STDERR, but no extcap do it. My proposal is to modify extcap/extcap-base.c: 1) When --debug is used, set log level to debug so you don't have to add --log-level 2) If --log-file used, register custom log writer with ws_log_init_with_writer() which will discard all messages so just write to file will be made. 3) Update log init in every extcap Change is quite simple, but involves all extcaps. I already tested it and it works. I'm just not sure every extcap. I'm ready to prepare patch. Best regards, Jirka ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] How to troubleshoot extcap applications?
Could we additionally add a note to README.extcap? Just in case, some external extcap tools sumble across this as well? Also, one more thing, have you tested with tshark only or also using qt? Qt in general redirects all std... pipes, which should not matter as we are started through dumpcap. Also, please test on Windows, as it behaves a little different from Linux/mac in the case of pipes/standard pipes Change is fine by me regards Roland Am Mi., 1. Dez. 2021 um 14:36 Uhr schrieb Dario Lombardo : > I'm ok with this change. I can give you direct support for the extcaps I > wrote (sshdump/ciscodump, udpdump, randpktdump), and do my best with the > others. > > On Wed, Dec 1, 2021 at 2:18 PM Jirka Novak wrote: > >> Hi, >> >> I noticed issue below and I propose a solution for it. Can I ask for >> comments? >> >> Every extcap tool has --debug and --debug-file options, but when they >> are used, it do "nothing". File is created, but it is empty. >> Later I found that it must be used with --log-level=debug to really >> log messages. >> The issue is that when you increase --log-level, it logs to console >> (STDERR). So when extcap is started from Wireshark, it mixes log output >> with packet data and wireshark gets confused and I found no way how to >> make it operational. >> In other words you can't use debug of extcap from Wireshark. >> >> In code I found that the reason is that wsutils/wscode.c writes every >> message to STDERR. If application registers additional file, it is >> copied to it too, but output to STDERR is made in every case. >> Applications can replace default writer to STDERR, but no extcap do it. >> >> My proposal is to modify extcap/extcap-base.c: >> 1) When --debug is used, set log level to debug so you don't have to add >> --log-level >> 2) If --log-file used, register custom log writer with >> ws_log_init_with_writer() which will discard all messages so just write >> to file will be made. >> 3) Update log init in every extcap >> >> Change is quite simple, but involves all extcaps. I already tested it >> and it works. I'm just not sure every extcap. >> I'm ready to prepare patch. >> >> Best regards, >> >> Jirka >> >> ___ >> Sent via:Wireshark-dev mailing list >> Archives:https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev >> mailto:wireshark-dev-requ...@wireshark.org >> ?subject=unsubscribe >> > > > -- > > Naima is online. > > ___ > Sent via:Wireshark-dev mailing list > Archives:https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe > ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] How to troubleshoot extcap applications?
I'm ok with this change. I can give you direct support for the extcaps I wrote (sshdump/ciscodump, udpdump, randpktdump), and do my best with the others. On Wed, Dec 1, 2021 at 2:18 PM Jirka Novak wrote: > Hi, > > I noticed issue below and I propose a solution for it. Can I ask for > comments? > > Every extcap tool has --debug and --debug-file options, but when they > are used, it do "nothing". File is created, but it is empty. > Later I found that it must be used with --log-level=debug to really > log messages. > The issue is that when you increase --log-level, it logs to console > (STDERR). So when extcap is started from Wireshark, it mixes log output > with packet data and wireshark gets confused and I found no way how to > make it operational. > In other words you can't use debug of extcap from Wireshark. > > In code I found that the reason is that wsutils/wscode.c writes every > message to STDERR. If application registers additional file, it is > copied to it too, but output to STDERR is made in every case. > Applications can replace default writer to STDERR, but no extcap do it. > > My proposal is to modify extcap/extcap-base.c: > 1) When --debug is used, set log level to debug so you don't have to add > --log-level > 2) If --log-file used, register custom log writer with > ws_log_init_with_writer() which will discard all messages so just write > to file will be made. > 3) Update log init in every extcap > > Change is quite simple, but involves all extcaps. I already tested it > and it works. I'm just not sure every extcap. > I'm ready to prepare patch. > > Best regards, > > Jirka > ___ > Sent via:Wireshark-dev mailing list > Archives:https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe > -- Naima is online. ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] How to troubleshoot extcap applications?
Hi, I noticed issue below and I propose a solution for it. Can I ask for comments? Every extcap tool has --debug and --debug-file options, but when they are used, it do "nothing". File is created, but it is empty. Later I found that it must be used with --log-level=debug to really log messages. The issue is that when you increase --log-level, it logs to console (STDERR). So when extcap is started from Wireshark, it mixes log output with packet data and wireshark gets confused and I found no way how to make it operational. In other words you can't use debug of extcap from Wireshark. In code I found that the reason is that wsutils/wscode.c writes every message to STDERR. If application registers additional file, it is copied to it too, but output to STDERR is made in every case. Applications can replace default writer to STDERR, but no extcap do it. My proposal is to modify extcap/extcap-base.c: 1) When --debug is used, set log level to debug so you don't have to add --log-level 2) If --log-file used, register custom log writer with ws_log_init_with_writer() which will discard all messages so just write to file will be made. 3) Update log init in every extcap Change is quite simple, but involves all extcaps. I already tested it and it works. I'm just not sure every extcap. I'm ready to prepare patch. Best regards, Jirka ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe