Wireshark · Wireshark-dev: Re: [Wireshark-dev] [Spam] to start capturing externally

[Phillip Paradis <phillip.paradis@xxxxxxxxxxxxxx>]

Title: Re: [Spam] [Wireshark-dev] to start capturing externally

If you simply need to capture to a file for later analysis, you could simply invoke tshark or dumpcap with the appropriate command-line options to start capturing, and either use the appropriate options to stop capturing after a certain time/amount, or simply kill the process (I would imagine SIGINTR would work on *nix, not sure how to semi-cleanly terminate under Win32; TerminateProcess would work, though pending writes might not flush correctly...)

If you absolutely need to start/stop the GUI Wireshark, you might simply locate the appropriate hWnd and post messages to it to simulate the necessary keystrokes/clicks. (This assumes you’re running Windows; if you’re on *nix of some sort, I presume X11 provides equivalent facilities, though I have no idea what they are or how to use them.)

--
Phil


On 6/13/07 9:43 PM, "Amit.Paliwal@xxxxxxxxxxxxxxx" <Amit.Paliwal@xxxxxxxxxxxxxxx> wrote:

Hi,

I want to write an external application or interface that will give commands like start capturing and stop capturing
to the wireshark.


can anyone please help me out in this as what all are the exported methods that i can call from my application
to start and stop capturing from there.

Thanks.
______________________________________________________________________

---

_______________________________________________ Wireshark-dev mailing list Wireshark-dev@xxxxxxxxxxxxx http://www.wireshark.org/mailman/listinfo/wireshark-dev