Wireshark · Ethereal-users: Re: [Ethereal-users] Tethereal can, Ethereal cannot

Ethereal-users: Re: [Ethereal-users] Tethereal can, Ethereal cannot

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>

Date: Thu, 19 May 2005 12:12:03 -0700

Ulf Lamping wrote:

I'll take a look on my debian box, so could someone explain (or point
me to info) how to use the pipe "mode"


Create the FIFO file with

	mkfifo /tmp/pipe

(really old UN*Xes might require "mknod p /tmp/pipe", but I don't knowwhether there are any interesting UN*Xes left that don't have "mkfifo").


Start up Ethereal capturing from a "device" named "/tmp/pipe".

Start up some process that writes a libpcap-format file (e.g., tcpdumpwriting to the file with "-w"), and have it write to "/tmp/pipe".

Is this all about reading from a pipe, capturing from a pipe or even both?

It's about capturing from a pipe; we don't currently support readingfrom a pipe (Wiretap requires the ability to re-read input, so it cantry reading the file as multiple file types; doing our own bufferingmight let us "seek backwards" by re-reading the buffered data).

References:
- Re: [Ethereal-users] Tethereal can, Ethereal cannot
  - From: Ulf Lamping

Prev by Date: [Ethereal-users] looking for ethereal test plan
Next by Date: Re: [Ethereal-users] Capture filter for MSN Messenger traffic
Previous by thread: Re: [Ethereal-users] Tethereal can, Ethereal cannot
Next by thread: [Ethereal-users] RE: [Ethereal-dev] G729 Silence
Index(es):
- Date
- Thread