Wireshark-dev: Re: [Wireshark-dev] explicitly stop capture with Tshark


From: "Joshua (Shiwei) Zhao" <swzhao@xxxxxxxxx>
Date: Wed, 4 Feb 2009 10:45:55 -0800

This surely makes good sense and helps me understand better how it works.
 
Thank you very much!
Joshua

On Wed, Feb 4, 2009 at 10:39 AM, Guy Harris <guy@xxxxxxxxxxxx> wrote:

On Feb 4, 2009, at 10:25 AM, Joshua (Shiwei) Zhao wrote:

> Thanks for the explanation! I'll try it out.
>
> Meanwhile, can we design a command like
>     tshark -stop XXXX  ?
> What's the difficulty there?

Well, the first difficulty is that "-stop" is equivalent to
"-s -t -o -p", so it'd have to be "--stop", and that would mean switching to
getopt_long() from getopt() in the argument parsing.  Not difficult,
but requires a little work.

On UN*X:

       The second difficulty is that "tshark --stop XXXX" wouldn't be
sufficient, unless "XXXX" was the PID of the tshark process in
question, in which case "kill -TERM XXXX" is equivalent, and it's not
entirely clear that it'd be worth the effort to do.

       If we add "--start XXXX", the next question would be whether tshark
would background itself or whether you'd have to background it
yourself or run "tshark --stop XXXX" from another terminal emulator or
login session.

       In either case, "--start XXXX" would have to write the PID of the
process to a file - "/tmp/XXXX", for example, and "tshark --stop XXXX"
would be equivalent to "kill -TERM `cat /tmp/XXXX`", and doing a
background tshark would be equivalent to "tshark {args} &" followed by
"echo $! >/tmp/XXXX".

       So much of this can be done relatively simply with existing commands.

On Windows:

       The second difficulty would be in determining how to send some
indication from one process to another that can asynchronously
interrupt the second process in such a way that lets it terminate
cleanly.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
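
The PID-file approach described in the quoted reply, as an added example that is not part of the original thread or of tshark. The function names and the `CAPTURE_RUN_DIR` variable are hypothetical; the PID file is kept in a private directory rather than `/tmp/XXXX`, so another local user cannot pre-create or replace it and redirect the `kill`.

```shell
# Added example: hypothetical helpers, not part of tshark.
# PID files live in a private 0700 directory instead of world-writable /tmp.
pid_dir() {
    printf '%s\n' "${CAPTURE_RUN_DIR:-${XDG_RUNTIME_DIR:-$HOME/.cache}/capture-pids}"
}

# Names become file names, so reject anything containing a path separator.
valid_name() {
    case $1 in ''|*[!A-Za-z0-9_.-]*) echo "invalid capture name" >&2; return 2 ;; esac
}

# capture_start NAME COMMAND [ARGS...]: run COMMAND in the background, record its PID.
capture_start() {
    name=$1; shift
    valid_name "$name" || return 2
    dir=$(pid_dir)
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    pidfile=$dir/$name.pid
    # Refuse to overwrite the record of a capture that is still running.
    if [ -f "$pidfile" ] && kill -0 "$(cat "$pidfile")" 2>/dev/null; then
        echo "capture '$name' is already running" >&2; return 1
    fi
    "$@" &
    echo "$!" > "$pidfile"
}

# capture_stop NAME: send SIGTERM to the recorded PID and wait for it to exit.
capture_stop() {
    name=$1
    valid_name "$name" || return 2
    pidfile=$(pid_dir)/$name.pid
    [ -f "$pidfile" ] || { echo "no capture named '$name'" >&2; return 1; }
    pid=$(cat "$pidfile")
    case $pid in ''|*[!0-9]*) echo "corrupt PID file: $pidfile" >&2; return 1 ;; esac
    rm -f "$pidfile"
    kill -0 "$pid" 2>/dev/null || return 0   # process already gone
    kill -TERM "$pid" || return 1
    wait "$pid" 2>/dev/null || true          # reaps it if it is our own child
    tries=0
    while kill -0 "$pid" 2>/dev/null; do     # otherwise poll until it exits
        tries=$((tries + 1))
        if [ "$tries" -gt 10 ]; then return 1; fi
        sleep 1
    done
    return 0
}
```

With these sourced, `capture_start lab1 tshark -i eth0 -w "$HOME/lab1.pcap"` followed later by `capture_stop lab1` gives the start/stop behaviour discussed above; the interface and file name are placeholders.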
