Re: [Wireshark-dev] read/write capture comments from the command line
Thus wrote Guy Harris (g...@alum.mit.edu): Sounds like a job for capinfos. You're right, that's where it should go. And for capinfos, the cmdline options don't have to be aligned with wireshark/tshark/dumpcap ;-) (I assume by capture file comment you mean the comment in the first Section Header Block in a pcap-ng file, rather than the comments on packets.) Yes. I uploaded my patch to https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8574 Shouldn't be contentious. I'll check it in tomorrow or so unless someone complains. (I couldn't get capinfos to compile with USE_GOPTION defined but that's a different story...) ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] read/write capture comments from the command line
Sadly, -j is already taken for Wireshark, so you couldn't run Wireshark from the command line with -j, unless we go with either getopt_long() (pulling in a version from GNU libc for platforms that don't have it in the system library) or with g_option: I suggest using the glib functions. Otherwise we would just add more code to Wireshark and related tools for no real benefit. -- --- Dirk Jagdmann http://cubic.org/~doj - http://llg.cubic.org ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] read/write capture comments from the command line
Dirk Jagdmann skrev 2013-04-08 23:29: Sadly, -j is already taken for Wireshark, so you couldn't run Wireshark from the command line with -j, unless we go with either getopt_long() (pulling in a version from GNU libc for platforms that don't have it in the system library) or with g_option: I suggest using the glib functions. Otherwise we would just add more code to Wireshark and related tools for no real benefit. I think we have getopt_long already http://anonsvn.wireshark.org/viewvc?view=revisionrevision=41926 ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] read/write capture comments from the command line
On Apr 8, 2013, at 3:02 PM, Anders Broman a.bro...@bredband.net wrote: I think we have getopt_long already http://anonsvn.wireshark.org/viewvc?view=revisionrevision=41926 We do, so we have it available on both platforms that have it (most UN*Xes, these days) and platforms that don't (Windows, which has neither getopt() nor getopt_long(), and perhaps some current UN*Xes and older versions of other UN*Xes). We're not using it, however; did you check that in for future use, and did you have any future use in mind? ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] read/write capture comments from the command line
Guy Harris skrev 2013-04-09 00:32: On Apr 8, 2013, at 3:02 PM, Anders Broman a.bro...@bredband.net wrote: I think we have getopt_long already http://anonsvn.wireshark.org/viewvc?view=revisionrevision=41926 We do, so we have it available on both platforms that have it (most UN*Xes, these days) and platforms that don't (Windows, which has neither getopt() nor getopt_long(), and perhaps some current UN*Xes and older versions of other UN*Xes). We're not using it, however; did you check that in for future use, and did you have any future use in mind? I think it was added in conjunction with looking at https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2473 at the time I think there were discussion about using long options for various stuff. I just added it so we would have all options open as I didn't quite like the glib implementation for some reason I don't quite remember now. Regards Anders ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] read/write capture comments from the command line
On Apr 4, 2013, at 12:06 PM, Martin Kaiser li...@kaiser.cx wrote: I was asked by some people about access to capture comments from the command line tools. We identified two use cases - You have a capture file and want to display its capture file comment. Nothing but the comment, no packets etc. Sounds like a job for capinfos. (I assume by capture file comment you mean the comment in the first Section Header Block in a pcap-ng file, rather than the comments on packets.) - You start a capture from the command line and want to insert a comment into the newly created file. The reading should be an option to tshark (display the capture file comment and exit). ...or part of capinfos. I'm not sure operations that don't involve looking at any packets belong in tshark. For writing, I added a switch -j new comment to both tshark and dumpcap. Sadly, -j is already taken for Wireshark, so you couldn't run Wireshark from the command line with -j, unless we go with either getopt_long() (pulling in a version from GNU libc for platforms that don't have it in the system library) or with g_option: https://developer.gnome.org/glib/stable/glib-Commandline-option-parser.html and perhaps gtk_init_with_args(): https://developer.gnome.org/gtk2/stable/gtk2-General.html#gtk-init-with-args so that we can have long arguments (rather than digging around for unused letters for every new option) and let at least the long version of the argument be the same for TShark and Wireshark and dumpcap if they apply to two or more of them. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] read/write capture comments from the command line
Dear all, I was asked by some people about access to capture comments from the command line tools. We identified two use cases - You have a capture file and want to display its capture file comment. Nothing but the comment, no packets etc. - You start a capture from the command line and want to insert a comment into the newly created file. The reading should be an option to tshark (display the capture file comment and exit). Tshark would need a copy of cf_read_shb_comment() or a way to share it with file.c. For writing, I added a switch -j new comment to both tshark and dumpcap. It turned out that things are most simple if I add a new field initial_capture_comment to the capture_options structure. Tshark can pass the comment to dumpcap via sync_pipe_start() and dumpcap writes the SHB. I have something basic that's working. Probably, a lot of plausibility checks for the parameters are missing. E.g. supplying a comment only makes sense if we capture into one pcapng file. What do you think: Do these use cases and the approach make sense to you? And what letters should be used for the option? I know you've been cleaning up the parameters lately ;-) Best regards, Martin ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
