Wireshark-dev: Re: [Wireshark-dev] Using pipes on Windows

From: <c-keel@xxxxxx>
Date: Fri, 15 Jun 2007 06:42:16 +0200
Yes, the script works. Thank you.

> c-keel@xxxxxx wrote:
> > Hi everyone.
> > 
> > I am currently working with Wireshark 0.99.5.
> > 
> > I know that it is possible on Unix machines to let Wireshark read
> > from a pipe. I am not really sure if it is possible on Windows.
> > 
> > For this reason I tried the following (of course I wrote a bit of
> > source code):
> > 
> > - let wireshark capture from stdin:      Wireshark.exe -k -i -
> > - let dumpcap write the file to stdout:  dumpcap -i3 -w -
> > - create a Pipe with CreatePipe and when creating the processes, 
> > dumpcap gets the write handle and wireshark the read handle of that 
> > pipe as the corresponding output/input handles
> > 
> > It works partly, but not completely:
> > - Wireshark gets started and listens on the standard input
> > - dumpcap gets started and writes to the standard output. It also 
> > receives packets and flushes them to pipe
> > - when wireshark is processing the timer callback, it cannot find any
> > data in the pipe
> > 
> > I can see the same effect if I use a named pipe like \\.\pipe\mypipe
> > (with the code enabled in capture_loop.c and rebuild Wireshark).
> > 
> > If anyone succeeded in using pipes on Windows (no matter if named or
> > not) could you please give me the source code? Or is that just
> > impossible because of the sources? I cannot clearly say if this
> > should work or not.
> 
> Wireshark reads data from dumpcap internally using CreatePipe():
> http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/capture_sync.c
> 
> Named pipes work on my test machine using the attached script.
>