Wireshark can be run with command-line arguments. Maybe creating different batch files with all your configured command-line args will help you accomplish what you want? See the following for more details:
http://www.wireshark.org/docs/wsug_html/#ChCustCommandLine
http://www.wireshark.org/docs/man-pages/wireshark.html
As for your other questions,
http://www.wireshark.org/docs/wsug_html/#ChCustConfigProfilesSection is probably the best place to start. Once you have a profile created, set all your preferences, etc. how you want for that profile. As indicated in the user guide, invoke the profile by Edit -> Configuration Profiles (or CTRL-SHIFT-A) -> (make selection) -> OK, or by clicking on the Profile in the bottom right corner of the status bar, or by specifying the profile to use on the command-line. Interfaces are the same as any other preference. Change the default interface to be what you want for that profile. E.g., Edit -> Preferences -> Capture -> Default Interface -> (make selection) -> OK. Specify the profile you want first, then make all the options, preferences and other selections while that profile is active.
The only way I know to copy an existing profile is to do so outside of Wireshark by making a copy of the folder. To do that, go to %APPDATA%\Wireshark\Profiles\ either through the GUI or the command-line and copy the entire folder of interest. Once copied, the profile is immediately available in Wireshark for further customizing.
Hopefully this helps.
- Chris
P.S. Perhaps the wireshark-users mailing list is a better place for most of these questions? If after discussing this topic there you find some missing/incorrect functionality, then feel free to bring it to the developers' attention here. Thanks and good luck.
________________________________
From: wireshark-dev-bounces@xxxxxxxxxxxxx [wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Fred Marshall [fred@xxxxxxxxxxxxxxxxxxxxxxx]
Sent: Friday, April 09, 2010 12:41 PM
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] Profiles and Configurations
Chris Maynard's post sure pointed me to the right place it appears! Thanks for that.
But, after going through it carefully and trying things, I'm still confused about profiles and configurations and/or configuration profiles. It doesn't seem to be working very smoothly for me and that's surprising. I'll try to be as clear as possible:
1) I would like to establish, name and Save "sets of settings" (I presume that is a "profile"): interface to be used, filename, ring buffer, promiscuous, capture filter, etc. etc. (I see mention of a Configuration File but don't find such files anywhere - perhaps that's not important).
2) I would like to invoke one of these Saved sets to start a capture.
3) I would like to invoke one of these, make some changes and Save to a new one.
My perspective on a likely process would be:
1) Get Wireshark in a "state" of settings so that it's ready to capture in the manner desired.
Getting there would start by invoking a Saved state, or not, and making manual entries, etc.
2) Save the new "state" with a name so it can be recalled.
3) Invoke a saved state at any time except during a capture.
I'm not trying to reinvent the wheel here and much of what I've said above is likely "obvious" to more experienced users. But, my confusion is exactly about these kinds of steps.
- What is the recommended way to Save a Configuration Profile? How do you start? How do you end?
- What is the recommended way to invoke a Saved Configuration Profile?
- What is the relationship with Interfaces? It seems I can specify an interface and then pull up a profile so that the profile shows up in the status bar but it doesn't change the interface that matches the profile?????
Note that I'm using multiple interfaces and rather expect the interface to be part of the profile. But, maybe I'm wrong on this?
It's the proper sequence of events that seems to be eluding me or just understanding the intent of the design so I can make efficient use of it.
If I figure this out I'd likely contribute to the Wiki and/or Wishlist.
Thanks for your patience,
Fred
[snip]
CONFIDENTIALITY NOTICE: The contents of this email are confidential
and for the exclusive use of the intended recipient. If you receive this
email in error, please delete it from your system immediately and
notify us either by email, telephone or fax. You should not copy,
forward, or otherwise disclose the content of the email.
