path: root/extcap
Age | Commit message | Author | Files | Lines
2019-01-28 | extcap: add ssh-dumpcap example | Peter Wu | 1 | -0/+108
Based on ssh-tcpdump, but uses dumpcap and supports specifying the hostname and interface through capture options. Should probably integrate that with ssh-tcpdump, but I quickly needed something working.

Known issues:
- On exit Wireshark assumes that stderr is an error.
- dumpcap does not exit on the remote server, tracked by https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14431
- Stopping a capture, killing dumpcap and starting a capture again results in a corrupted dissection (interpreted as ERF). The pcapng file on the filesystem is ok, it is just a GUI problem.

Tested with Wireshark v2.9.1rc0-558-geec3ce3bb2.
2016-09-24 | extcap/ssh-tcpdump: example remote tcpdump | Peter Wu | 1 | -0/+124
Requires Python 3.4, but it can be adapted for older versions. It demonstrates how "easy" it is to capture remotely over SSH when only tcpdump is installed without dumpcap (in that case you could use sshdump). Note that on stopping/restarting captures, you still get some stderr messages ("Dropped privileges", but that can be ignored). See also https://ask.wireshark.org/questions/55768/remote-interface-linux