Do you mean to reimplement rpcapd on linux?

On Fri, Oct 2, 2015 at 1:26 PM, Graham Bloice <graham.blo...@trihedral.com> wrote:

> Or look at rpcapd:
> https://www.winpcap.org/docs/docs_40_2/html/group__remote.html
>
> On 2 October 2015 at 11:57, Roland Knall <rkn...@gmail.com> wrote:
>
>> Hi
>>
>> Would it not be easier to achieve this using an extcap interface? You can
>> see the extcap_example in /doc as well as androiddump for examples. Such
>> interfaces can be configured with a separate options dialog and are quite
>> versatile, and most of all, it does not need you to change dumpcap in a way
>> that it is still working across multiple systems.
>>
>> regards,
>> Roland
>>
>> On Fri, Oct 2, 2015 at 12:35 PM, Dario Lombardo <dario.lombardo...@gmail.com> wrote:
>>
>>> Hi list
>>> Remote capture is not currently supported by the current wireshark under
>>> linux. This can be achieved by ssh + pipe like this
>>>
>>> ssh host 'dumpcap -i bla -w -' | wireshark
>>>
>>> that works flawlessly but is not very user friendly. From the "remote
>>> interfaces" in linux it is stated that remote capture is not supported.
>>>
>>> So I decided to implement the above command programmatically, in order
>>> to have a remote capture under linux too.
>>> As far as I can see this task has to be split in 2 major tasks: adding
>>> remote ssh support to dumpcap, and adding a dialog to handle those options
>>> in the UIs.
>>>
>>> I started with the first task. Using libssh I created a connection to an
>>> ssh server that writes to a temporary named pipe (it's a child), while the
>>> "main" dumpcap reads as usual from that. All seems to work as expected. But
>>> before going further I'd like to share with you what I've done so far. I
>>> pushed a draft change here
>>>
>>> https://code.wireshark.org/review/#/c/10740/
>>>
>>> Some examples of use of this support
>>>
>>> dumpcap -i ssh://sshhost/eth0
>>> dumpcap -i ssh://sshhost:sshport/eth2
>>> dumpcap -i ssh://sshhost/eth0 --remote-dumpcap-bin /another/bin/dumpcap
>>> dumpcap -i ssh://sshhost:ssh -A user:strongpassword -w /tmp/sshhost-capture.pcap
>>>
>>> What is still WIP:
>>> - manual
>>> - autotools
>>> - nmake
>>>
>>> Comments, suggestions, ideas appreciated. I'd suggest giving specific
>>> code comments on gerrit, and keeping the generic discussion here.
>>> Thanks for your help.
>>> Dario.
>>>
>
> --
> Graham Bloice
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
> Archives: https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
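The `ssh host 'dumpcap -i bla -w -' | wireshark` pipeline and the `ssh://host[:port]/iface` syntax from the thread, as an added shell example that is not part of the original messages or of the Wireshark change. The function names are hypothetical, key-based ssh authentication is assumed, and the allowed character sets are this example's own choice; the interface name ends up inside a remote shell command line, so it is validated before use.

```shell
#!/bin/sh
# Added example, not code from the Wireshark tree or the gerrit change.

# parse_ssh_iface URI
# Prints "host port iface" for ssh://host[:port]/iface; returns 1 if rejected.
# IPv6 literals are not handled in this example.
parse_ssh_iface() {
    uri=$1
    case $uri in
        ssh://*/*) ;;
        *) return 1 ;;
    esac
    rest=${uri#ssh://}
    hostport=${rest%%/*}
    iface=${rest#*/}
    case $hostport in
        *:*) host=${hostport%%:*}; port=${hostport#*:} ;;
        *)   host=$hostport; port=22 ;;
    esac
    # Host: non-empty, hostname characters only, and no leading '-' so it
    # can never be read by ssh as an option.
    case $host in
        ''|-*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    # Port: 1 to 5 digits, in the range 1..65535.
    case $port in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    # Interface: becomes part of the remote command line, so allow only
    # interface-name characters (no spaces or shell metacharacters).
    case $iface in
        ''|-*|*[!A-Za-z0-9_.:-]*) return 1 ;;
    esac
    printf '%s %s %s\n' "$host" "$port" "$iface"
}

# remote_capture URI
# Runs the pipeline from the thread. BatchMode=yes makes ssh fail instead of
# prompting, so no password is typed or passed on the command line.
remote_capture() {
    fields=$(parse_ssh_iface "$1") || { echo "rejected: $1" >&2; return 1; }
    set -- $fields   # splitting is safe: validated fields have no spaces or globs
    ssh -o BatchMode=yes -p "$2" "$1" "dumpcap -i $3 -w -" | wireshark -k -i -
}
```

Call it as `remote_capture ssh://sshhost/eth0`; a URI without an interface part, such as `ssh://sshhost:ssh`, is rejected by this parser.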