
Wireshark-dev: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP>

From: James Ko <jim.list@xxxxxxxxxxx>
Date: Thu, 4 Oct 2018 20:02:31 +0000
We're not quite there yet.  Still waiting on review and merge in master first.

Thanks,
James


From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx> on behalf of Peter Wu <peter@xxxxxxxxxxxxx>
Sent: Thursday, October 4, 2018 12:01
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP>
 
If you want to propose backporting a fix that is already merged in master, use the Cherry-Pick option in the web interface and select the master-2.6 branch as target.

Alternatively, check out the master-2.6 branch locally and use the git cherry-pick -x COMMIT-ID command (with an appropriate COMMIT-ID) and push the resulting commit.

Kind regards,
Peter
https://lekensteyn.nl
(pardon my brevity, top-posting and formatting, sent from my phone)


On October 4, 2018 7:34:44 PM GMT+02:00, James Ko <jim.list@xxxxxxxxxxx> wrote:
>Thanks.  I've been a bit confused myself from a concussion.
>
>Any chance I can push for this fix to be reviewed and backported in
>time for the scheduled October 10 release of 2.6.4?
>
>James
>
>
>________________________________
>From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx> on behalf of
>Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
>Sent: Wednesday, October 3, 2018 11:03
>To: Developer support list for Wireshark
>Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP>
>
>
>
>On Wed, 3 Oct 2018 at 18:58, James Ko <ko_2_73@xxxxxxxxxxx> wrote:
>Can I petition for this as a fix rather than a feature since the -i
>TCP@ works in the Linux builds but not in Windows?
>
>James
>
>
>Sure, as I replied, I was a bit too hasty (it's been a long day) and
>confused this change with another, to me it seems to be a fix suitable
>for backport.
>
>________________________________
>From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx>
>on behalf of Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
>Sent: Wednesday, October 3, 2018 10:38
>To: Developer support list for Wireshark
>Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP>
>
>Ignore my last, I was confusing the change with another.  The Release
>policy still applies though.
>On Wed, 3 Oct 2018 at 18:36, Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
>wrote:
>
>
>On Wed, 3 Oct 2018 at 18:31, James Ko <ko_2_73@xxxxxxxxxxx> wrote:
>Just to follow up.  I created bug
>#15149<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149> and
>submitted a fix for review
>29894<https://code.wireshark.org/review/#/c/29894/> based on master.
>
>Do I need to create a separate patch if I need this included in the
>next 2.6.x release?
>
>
>Arguably this is a feature and so would not be a candidate for backport
>to 2.6.  See the Release Policy wiki page:
>https://wiki.wireshark.org/Development/ReleasePolicy
>
>Core devs handle the backport if there is one.
>
>James
>
>________________________________
>From: James Ko <jim.list@xxxxxxxxxxx>
>Sent: Wednesday, September 19, 2018 00:42
>To: Developer support list for Wireshark
>Subject: Re: Windows dumpcap -i TCP@<IP>
>
>Actually wireshark is not running on the Linux side and this is not
>using rpcap.
>
>I am using the TCP@ sockets stream support built in to dumpcap rather
>than extcap or rpcap.
>
>On the linux side I have a TCP server which generates PCAPNG data with
>SHB and IDB sent to any client connecting followed by EPBs.
>
>I have wireshark/dumpcap 2.6.2 on Windows and Linux (Ubuntu 18.04)
>clients.
>
>
>James
>
>
>
>From: Anders Broman
>Sent: Tuesday, September 18, 00:27
>Subject: Re: [Wireshark-dev] Windows dumpcap -i TCP@<IP>
>To: Developer support list for Wireshark
>
>
>What version of Wireshark and what Linux version on the remote side? I
>think some work has been done on rpcap recently so trying out the
>development version
>is an option. https://www.wireshark.org/download/automated/win64/
>Regards
>Anders
>
>From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx>
>On Behalf Of James Ko
>Sent: 18 September 2018 02:22
>To: wireshark-dev@xxxxxxxxxxxxx
>Subject: [Wireshark-dev] Windows dumpcap -i TCP@<IP>
>
>Hi,
>
>I am trying to connect to a remote PCAPNG stream from Windows using the
>TCP@ socket interface but the connection closes immediately after
>connecting.  The same dumpcap command on linux works just fine to the
>remote TCP socket.
>
>No errors indicating any failure are printed from dumpcap.exe
>C:\>"\Program Files\Wireshark\dumpcap.exe" -i [email protected] -w -
>Capturing on '[email protected]'
>dumcap:
>
>C:\>
>
>On the remote end running in linux I see a connect and disconnect with
>EPOLLHUP event.
>
>Has anyone else tried or have remote TCP socket connections working
>with dumpcap in Windows?
>
>James
>
>
>
>
>
>
>--
>Graham Bloice
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
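
The stream layout James describes in the thread (an SHB and IDB sent to each connecting client, followed by EPBs), as an added example that is not part of the thread or of Wireshark's code: it builds those blocks per the pcapng format and checks the framing a reader of the stream depends on. The function names, little-endian byte order, Ethernet link type, snap length and sample frames are assumptions.

```python
import struct

SHB, IDB, EPB = 0x0A0D0D0A, 0x00000001, 0x00000006
BYTE_ORDER_MAGIC = 0x1A2B3C4D
LINKTYPE_ETHERNET = 1  # assumed link type for the sample

def block(btype, body):
    """Frame a body as a pcapng block: type, total length, body, total length."""
    body += b"\x00" * (-len(body) % 4)  # block bodies are padded to 32 bits
    total = 12 + len(body)
    return struct.pack("<II", btype, total) + body + struct.pack("<I", total)

def shb():
    # Byte-order magic, version 1.0, section length -1 (unknown for a live stream).
    return block(SHB, struct.pack("<IHHq", BYTE_ORDER_MAGIC, 1, 0, -1))

def idb(linktype=LINKTYPE_ETHERNET, snaplen=262144):
    # Link type, 16 reserved bits, snap length; no options.
    return block(IDB, struct.pack("<HHI", linktype, 0, snaplen))

def epb(frame, ts_usec, iface=0):
    # With no if_tsresol option the timestamp unit is microseconds.
    hdr = struct.pack("<IIIII", iface, ts_usec >> 32, ts_usec & 0xFFFFFFFF,
                      len(frame), len(frame))
    return block(EPB, hdr + frame)

def block_types(stream):
    """Walk a little-endian stream, verify framing, return block types in order."""
    types, off = [], 0
    while off < len(stream):
        if len(stream) - off < 12:
            raise ValueError("truncated block header at offset %d" % off)
        btype, total = struct.unpack_from("<II", stream, off)
        if total < 12 or total % 4 or off + total > len(stream):
            raise ValueError("bad block length at offset %d" % off)
        (trailer,) = struct.unpack_from("<I", stream, off + total - 4)
        if trailer != total:
            raise ValueError("leading/trailing length mismatch at offset %d" % off)
        types.append(btype)
        off += total
    # Layout described in the thread: SHB, then IDB, then the packet blocks.
    if types[:2] != [SHB, IDB]:
        raise ValueError("stream must start with SHB then IDB")
    return types

# Constructed sample: two dummy frames (60 and 61 bytes, the second needs padding).
SAMPLE = (shb() + idb() + epb(b"\x00" * 60, 1537228920000000)
          + epb(b"\x01" * 61, 1537228920000500))
```
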