NAME

extcap - Extcap grammar elements

DESCRIPTION

Grammar elements:

arg (options)

argument for CLI calling

number

Reference # of argument for other values, display order

call

Literal argument to call (--call=...)

display

Displayed name

default

Default value, in proper form for type

range

Range of valid values for UI checking (min,max) in proper form

type

Argument type for UI filtering for raw, or UI type for selector:

    integer
    unsigned
    long (may include scientific / special notation)
    float
    selector (display selector table, all values as strings)
    boolean (display checkbox)
    radio (display group of radio buttons with provided values, all values as strings)
    fileselect (display a dialog to select a file from the filesystem, value as string)
    multicheck (display a textbox for selecting multiple options, values as strings)
value (options)
    Values for argument selection
    arg     Argument # this value applies to

EXAMPLES

Example 1:

    arg {number=0}{call=channel}{display=Wi-Fi Channel}{type=integer}
    arg {number=1}{call=chanflags}{display=Channel Flags}{type=radio}
    arg {number=2}{call=interface}{display=Interface}{type=selector}
    value {arg=0}{range=1,11}
    value {arg=1}{value=ht40p}{display=HT40+}
    value {arg=1}{value=ht40m}{display=HT40-}
    value {arg=1}{value=ht20}{display=HT20}
    value {arg=2}{value=wlan0}{display=wlan0}

Example 2:

    arg {number=0}{call=usbdevice}{USB Device}{type=selector}
    value {arg=0}{call=/dev/sysfs/usb/foo/123}{display=Ubertooth One sn 1234}
    value {arg=0}{call=/dev/sysfs/usb/foo/456}{display=Ubertooth One sn 8901}

Example 3:

    arg {number=0}{call=usbdevice}{USB Device}{type=selector}
    flag {failure=Permission denied opening Ubertooth device}

Security awareness

- Users running wireshark as root, we can't save you
- Dumpcap retains suid/setgid and group+x permissions to allow users in wireshark group only
- Third-party capture programs run w/ whatever privs they're installed with
- If an attacker can write to a system binary directory, we're game over anyhow
- Don't let wireshark be told to look for capture binaries somewhere else?

SEE ALSO

wireshark(1), tshark(1), dumpcap(1), androiddump(1)

NOTES

Extcap is feature of Wireshark. The latest version of Wireshark can be found at https://www.wireshark.org.

HTML versions of the Wireshark project man pages are available at: https://www.wireshark.org/docs/man-pages.