Hi,

Would it not be easier to achieve this using an extcap interface? You can see the extcap_example in /doc as well as androiddump for examples. Such interfaces can be configured with a separate options dialog and are quite versatile, and most of all, it does not need you to change dumpcap in a way that it is still working across multiple systems.

regards,
Roland

On Fri, Oct 2, 2015 at 12:35 PM, Dario Lombardo <dario.lombardo...@gmail.com> wrote:

> Hi list
> Remote capture is not currently supported by the current wireshark under
> linux. This can be achieved by ssh + pipe like this
>
> ssh host 'dumpcap -i bla -w -' | wireshark
>
> that works flawlessly but is not very user friendly. From the "remote
> interfaces" in linux it is stated that remote capture is not supported.
>
> So I decided to implement the above command programmatically, in order to
> have a remote capture under linux too.
> As far as I can see this task has to be split in 2 major tasks: adding a
> remote ssh support to dumpcap, and add a dialog to handle those options in
> the UIs.
>
> I started with the first task. Using libssh I created a connection to an
> ssh server that writes to a temporary named pipe (it's a child), while the
> "main" dumpcap reads as usual from that. All seems to work as expected. But
> before going further on I'd like to share with you what I've done so far. I
> pushed a draft change here
>
> https://code.wireshark.org/review/#/c/10740/
>
> Some examples of use of this support
>
> dumpcap -i ssh://sshhost/eth0
> dumpcap -i ssh://sshhost:sshport/eth2
> dumpcap -i ssh://sshhost/eth0 --remote-dumpcap-bin /another/bin/dumpcap
> dumpcap -i ssh://sshhost:ssh -A user:strongpassword -w /tmp/sshhost-capture.pcap
>
> What's still WIP:
> - manual
> - autotools
> - nmake
>
> Comments, suggestions, ideas appreciated. I'd suggest to give specific
> code comments on gerrit, and keep the generic discussion here.
> Thanks for your help.
> Dario.
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
> Archives: https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
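The `ssh://host[:port]/iface` form from the quoted examples, parsed and turned into the local argv for the `ssh host 'dumpcap -i bla -w -'` pipe. This is an added example, not code from the draft change or from Wireshark; the function names, the allow-list patterns and the use of key-based authentication (`BatchMode=yes`, so no password appears in argv) are assumptions of the example.

```python
import re
import shlex
from urllib.parse import urlsplit

# Conservative allow-lists (assumptions of this example, not Wireshark rules).
HOST_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$")
IFACE_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._:-]{0,31}$")


def parse_capture_uri(uri):
    """Split ssh://host[:port]/iface into (host, port, iface), validating each part."""
    parts = urlsplit(uri)
    if parts.scheme != "ssh":
        raise ValueError("not an ssh:// capture URI")
    if parts.username or parts.password:
        raise ValueError("credentials in the URI are not accepted")
    if parts.query or parts.fragment:
        raise ValueError("unexpected query or fragment")
    host = parts.hostname or ""
    # Rejects empty hosts and anything ssh could read as an option ("-o...").
    if not HOST_RE.match(host):
        raise ValueError("invalid host")
    port = parts.port  # urllib raises ValueError for a non-numeric port
    if port is None:
        port = 22
    if not 1 <= port <= 65535:
        raise ValueError("invalid port")
    iface = parts.path.lstrip("/")
    if not IFACE_RE.match(iface):
        raise ValueError("invalid interface name")
    return host, port, iface


def build_ssh_argv(uri, remote_dumpcap="dumpcap"):
    """Return the local argv equivalent to: ssh host 'dumpcap -i IFACE -w -'."""
    host, port, iface = parse_capture_uri(uri)
    # ssh hands the remote command to the remote shell as a single string, so
    # every word is quoted as well, rather than relying on validation alone.
    words = (remote_dumpcap, "-i", iface, "-w", "-")
    remote_cmd = " ".join(shlex.quote(w) for w in words)
    # "--" ends option parsing; the argv list is meant for subprocess without
    # a local shell, with stdout piped into wireshark.
    return ["ssh", "-o", "BatchMode=yes", "-p", str(port), "--", host, remote_cmd]


if __name__ == "__main__":
    print(build_ssh_argv("ssh://sshhost/eth0", "/another/bin/dumpcap"))
```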