https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15248
Bug ID: 15248
Summary: Tshark piping output in a cmd or powershell prompt
stops working when GeoIP is enabled
Product: Wireshark
Version: 2.6.4
Hardware: x86-64
OS: Windows 10
Status: UNCONFIRMED
Severity: Normal
Priority: Low
Component: TShark
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Build Information:
Version 2.6.4 (v2.6.4-0-g29d48ec8)
Copyright 1998-2018 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software;
see the source for copying conditions. There is NO warranty; not even for
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 5.9.5, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with MaxMind DB resolver, with
nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia,
with AirPcap, with SBC, with SpanDSP, with bcg729.
Running on 64-bit Windows 10, build 17134, with Intel(R) Core(TM) i7-7600U CPU
@ 2.80GHz (with SSE4.2), with 32647 MB of physical memory, with locale
German_Germany.1252, with WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap, binary plugins supported (14
loaded). Built using Microsoft Visual C++ 14.12 build 25835
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
Reproduce:
1. Configure Wireshark to NOT use GeoIP database (rename the directory
containing the maxmind dbs, do not remove the configuration inside wireshark)
2. Reboot Windows
3. Launch cmd.exe
4. with an arbitrary capture file run 'tshark -r file.pcap -Tfields -e
frame.len' which should work
5. Run 'tshark -r file.pcap -Tfields -e frame.len | sort' which should work
6. Rename the MaxMind DB directory to match the configured name inside
Wireshark prefs
7. Start Wireshark GUI, open any capture file and verify that GeoIP lookups
work
8. Go back to the cmd.exe and repeat the following commands:
9. 'tshark -r file.pcap -Tfields -e frame.len' which should work
10. 'tshark -r file.pcap -Tfields -e frame.len | sort ' which should Break and
halt without any output or return to command prompt
Check process list for mmdbresolve.exe -> once you kill all of them the CLI
should return to prompt
--
You are receiving this mail because:
You are watching all bug changes.___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <[email protected]>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:[email protected]?subject=unsubscribe
