Hi.
I've downloaded latest sources from SVN this morning and run the sequence
make distclean
make setup
make all
that proceeded without any errors. (build system Win7-x64, for more details see end of message)
However, Wireshark is not able to start a new capture from any interface. Instead, a dialog pops up with a dumpcap error message (see below).
It seems that Wireshark tries to start dumpcap using threads ("-t"), but dumpcap does not recognize this option. I've tracked down in source that there is a #define in dumpcap.c:
#ifdef USE_THREADS
#define OPTSTRING_t "t"
#else
#define OPTSTRING_t ""
#endif
So, two questions:
1.) how to tell the build system that "USE_THREADS" should be defined?
2.) should Wireshark start dumpcap without option "-t", if "USE_THREADS" isn't defined?
best regards
Mike
---------- dumpcap output ----------
Unknown message from dumpcap, try to show it as a string: D:\openSource\Wireshark_Source\wireshark-gtk2\dumpcap: illegal option -- t
Usage: dumpcap [options] ...
Capture interface:
-i <interface> name or idx of interface (def: first non-loopback)
-f <capture filter> packet filter in libpcap filter syntax
-s <snaplen> packet snapshot length (def: 65535)
-p don't capture in promiscuous mode
-B <buffer size> size of kernel buffer (def: 1MB)
-y <link type> link layer type (def: first appropriate)
-D print list of interfaces and exit
-L print list of link-layer types of iface and exit
-d print generated BPF code for capture filter
-S print statistics for each interface once per second
-M for -D, -L, and -S, produce machine-readable output
RPCAP options:
-r don't ignore own RPCAP traffic in capture
-u use UDP for RPCAP data transfer
-A <user>:<password> use RPCAP password authentication
-m <sampling type> use packet sampling
count:NUM - capture one packet of every NUM
timer:NUM - capture no more than 1 packet in NUM ms
Stop conditions:
-c <packet count> stop after n packets (def: infinite)
-a <autostop cond.> ... duration:NUM - stop after NUM seconds
filesize:NUM - stop this file after NUM KB
files:NUM - stop after NUM files
Output (files):
-w <filename> name of file to save (def: tempfile)
-g enable group read access on the output file(s)
-b <ringbuffer opt.> ... duration:NUM - switch to next file after NUM secs
filesize:NUM - switch to next file after NUM KB
files:NUM - ringbuffer: replace after NUM files
-n use pcapng format instead of pcap
Miscellaneous:
-t use a separate thread per interface
-q don't report packet capture counts
-v print version information and exit
-h display this help and exit
Example: dumpcap -i eth0 -a duration:60 -w output.pcap
"Capture network packets from interface eth0 until 60s passed into output.pcap"
Use Ctrl-C to stop capturing at any time.
---------- EOF dumpcap output ----------
---------- About Wireshark ----------
Version 1.7.1-AVL (SVN Rev 39772 from /trunk)
Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.22.1, with Cairo 1.10.2, with Pango 1.28.3, with
GLib 2.26.1, with WinPcap (version unknown), with libz 1.2.5, without POSIX
capabilities, with SMI 0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python,
with GnuTLS 2.10.3, with Gcrypt 1.4.6, without Kerberos, with GeoIP, with
PortAudio V19-devel (built Nov 9 2011), with AirPcap.
Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.10.3, Gcrypt 1.4.6, without AirPcap.
Built using Microsoft Visual C++ 9.0 build 21022
Wireshark is Open Source Software released under the GNU General Public License.
Check the man page and http://www.wireshark.org for more information.
---------- EOF About Wireshark ----------
