summaryrefslogtreecommitdiff
path: root/doc/extcap.pod
diff options
context:
space:
mode:
Diffstat (limited to 'doc/extcap.pod')
-rw-r--r--doc/extcap.pod78
1 files changed, 78 insertions, 0 deletions
diff --git a/doc/extcap.pod b/doc/extcap.pod
new file mode 100644
index 0000000000..c6cc9bb1bc
--- /dev/null
+++ b/doc/extcap.pod
@@ -0,0 +1,78 @@
+
+=head1 NAME
+
+extcap - Extcap grammar elements
+
+=head1 SYNOPSIS
+
+Suggested config grammar elements:
+arg (options) argument for CLI calling
+number Reference # of argument for other values, display order
+call Literal argument to call (--call=...)
+display Displayed name
+default Default value, in proper form for type
+range Range of valid values for UI checking (min,max) in proper form
+type Argument type for UI filtering for raw, or UI type for selector:
+ integer
+ unsigned
+ long (may include scientific / special notation)
+float
+menu (display popup menu in UI)
+selector (display selector table, all values as strings)
+boolean (display checkbox)
+radio (display group of radio buttons with provided values, all values as strings)
+
+value (options) Values for argument selection
+ arg Argument # this value applies to
+value Passed value
+display Displayed value
+default Boolean (true if default, all others ignored, ie default=true)
+
+flag (options) external-capture level flags
+ dedicated Bypass dumpcap & mux for high speed
+ failure Failure message
+
+
+Possible grammar example:
+
+arg {number=0}{call=channel}{display=Wi-Fi Channel}{type=integer}
+arg {number=1}{call=chanflags}{display=Channel Flags}{type=radio}
+arg {number=2}{call=interface}{display=Interface}{type=selector}
+value {arg=0}{range=1,11}
+value {arg=1}{value=ht40p}{display=HT40+}
+value {arg=1}{value=ht40m}{display=HT40-}
+value {arg=1}{value=ht20}{display=HT20}
+value {arg=2}{value=wlan0}{display=wlan0}
+
+Example 2
+arg {number=0}{call=usbdevice}{USB Device}{type=selector}
+value {arg=0}{call=/dev/sysfs/usb/foo/123}{display=Ubertooth One sn 1234}
+value {arg=0}{call=”/dev/sysfs/usb/foo/456}{display=Ubertooth One sn 8901}
+
+Example 3
+arg {number=0}{call=usbdevice}{USB Device}{type=selector}
+flag {failure=Permission denied opening Ubertooth device}
+
+
+Security awareness:
+
+- Users running wireshark as root, we can’t save you
+- Dumpcap retains suid/setgid and group+x permissions to allow users in wireshark group only
+- Third-party capture programs run w/ whatever privs they’re installed with
+- If an attacker can write to a system binary directory, we’re game over anyhow
+- Don’t let wireshark be told to look for capture binaries somewhere else?
+
+Notes:
+- daemonized dumpcap?
+- multiuser?
+- sync_pipe.h commands
+- expand pipe commands to have status notifications, etc?
+- Wireshark->dumpcap options for channel control, etc?
+
+TODO
+define grammar
+write grammar to HTML mockup
+sketch interface with dumpcap
+launch external-pcap from wireshark, bypass dumpcap
+launch external-pcap from wireshark, hand fd to dumpcap
+extract netif capture as first cap source \ No newline at end of file
generated by cgit v1.2.1 (git 2.18.0) at 2024-07-04 04:27:25 +0000