diff --git a/CMakeLists.txt b/CMakeLists.txt index 721da58e5b..22e0d94d5a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1345,8 +1345,6 @@ ws_find_package(WinSparkle ENABLE_WINSPARKLE HAVE_SOFTWARE_UPDATE) find_package( Asciidoctor 1.5 ) -find_package(POD REQUIRED) - find_package(DOXYGEN) # The SpeexDSP resampler is required iff building wireshark or sharkd. 
@@ -1939,41 +1937,45 @@ set(INSTALL_FILES smi_modules wka docbook/ws.css - ${CMAKE_BINARY_DIR}/doc/AUTHORS-SHORT - ${CMAKE_BINARY_DIR}/doc/androiddump.html - ${CMAKE_BINARY_DIR}/doc/udpdump.html - ${CMAKE_BINARY_DIR}/doc/capinfos.html - ${CMAKE_BINARY_DIR}/doc/captype.html - ${CMAKE_BINARY_DIR}/doc/ciscodump.html - ${CMAKE_BINARY_DIR}/doc/dftest.html - ${CMAKE_BINARY_DIR}/doc/dumpcap.html - ${CMAKE_BINARY_DIR}/doc/editcap.html - ${CMAKE_BINARY_DIR}/doc/extcap.html - ${CMAKE_BINARY_DIR}/doc/mergecap.html - ${CMAKE_BINARY_DIR}/doc/randpkt.html - ${CMAKE_BINARY_DIR}/doc/randpktdump.html - ${CMAKE_BINARY_DIR}/doc/etwdump.html - ${CMAKE_BINARY_DIR}/doc/rawshark.html - ${CMAKE_BINARY_DIR}/doc/reordercap.html - ${CMAKE_BINARY_DIR}/doc/sshdump.html - ${CMAKE_BINARY_DIR}/doc/text2pcap.html - ${CMAKE_BINARY_DIR}/doc/tshark.html - ${CMAKE_BINARY_DIR}/doc/wireshark.html - ${CMAKE_BINARY_DIR}/doc/wireshark-filter.html ) -if(MAXMINDDB_FOUND) - list(APPEND INSTALL_FILES ${CMAKE_BINARY_DIR}/doc/mmdbresolve.html) -endif() - -if (BUILD_corbaidl2wrs) - list(APPEND INSTALL_FILES ${CMAKE_BINARY_DIR}/doc/idl2wrs.html) -endif() -if (BUILD_xxx2deb) +if (ASCIIDOCTOR_FOUND) list(APPEND INSTALL_FILES - ${CMAKE_BINARY_DIR}/doc/asn2deb.html - ${CMAKE_BINARY_DIR}/doc/idl2deb.html + ${CMAKE_BINARY_DIR}/doc/AUTHORS-SHORT + ${CMAKE_BINARY_DIR}/doc/androiddump.html + ${CMAKE_BINARY_DIR}/doc/udpdump.html + ${CMAKE_BINARY_DIR}/doc/capinfos.html + ${CMAKE_BINARY_DIR}/doc/captype.html + ${CMAKE_BINARY_DIR}/doc/ciscodump.html + ${CMAKE_BINARY_DIR}/doc/dftest.html + ${CMAKE_BINARY_DIR}/doc/dumpcap.html + ${CMAKE_BINARY_DIR}/doc/editcap.html + ${CMAKE_BINARY_DIR}/doc/extcap.html + ${CMAKE_BINARY_DIR}/doc/mergecap.html + ${CMAKE_BINARY_DIR}/doc/randpkt.html + ${CMAKE_BINARY_DIR}/doc/randpktdump.html + ${CMAKE_BINARY_DIR}/doc/etwdump.html + ${CMAKE_BINARY_DIR}/doc/rawshark.html + ${CMAKE_BINARY_DIR}/doc/reordercap.html + ${CMAKE_BINARY_DIR}/doc/sshdump.html + ${CMAKE_BINARY_DIR}/doc/text2pcap.html + 
${CMAKE_BINARY_DIR}/doc/tshark.html + ${CMAKE_BINARY_DIR}/doc/wireshark.html + ${CMAKE_BINARY_DIR}/doc/wireshark-filter.html ) + if(MAXMINDDB_FOUND) + list(APPEND INSTALL_FILES ${CMAKE_BINARY_DIR}/doc/mmdbresolve.html) + endif() + + if (BUILD_corbaidl2wrs) + list(APPEND INSTALL_FILES ${CMAKE_BINARY_DIR}/doc/idl2wrs.html) + endif() + if (BUILD_xxx2deb) + list(APPEND INSTALL_FILES + ${CMAKE_BINARY_DIR}/doc/asn2deb.html + ${CMAKE_BINARY_DIR}/doc/idl2deb.html + ) + endif() endif() if(NOT WIN32) diff --git a/cmake/modules/FindAsciidoctor.cmake b/cmake/modules/FindAsciidoctor.cmake index 32c610f1b7..3876d04754 100644 --- a/cmake/modules/FindAsciidoctor.cmake +++ b/cmake/modules/FindAsciidoctor.cmake @@ -39,12 +39,14 @@ if(ASCIIDOCTOR_EXECUTABLE) set (_asciidoctor_common_args # Doesn't work with AsciidoctorJ? # --failure-level=WARN + # --trace --attribute build_dir=${CMAKE_CURRENT_BINARY_DIR} - --require ${CMAKE_CURRENT_SOURCE_DIR}/asciidoctor-macros/ws_utils.rb - --require ${CMAKE_CURRENT_SOURCE_DIR}/asciidoctor-macros/commaize-block.rb - --require ${CMAKE_CURRENT_SOURCE_DIR}/asciidoctor-macros/cveidlink-inline-macro.rb - --require ${CMAKE_CURRENT_SOURCE_DIR}/asciidoctor-macros/wsbuglink-inline-macro.rb - --require ${CMAKE_CURRENT_SOURCE_DIR}/asciidoctor-macros/wssalink-inline-macro.rb + --require ${CMAKE_SOURCE_DIR}/docbook/asciidoctor-macros/ws_utils.rb + --require ${CMAKE_SOURCE_DIR}/docbook/asciidoctor-macros/commaize-block.rb + --require ${CMAKE_SOURCE_DIR}/docbook/asciidoctor-macros/cveidlink-inline-macro.rb + --require ${CMAKE_SOURCE_DIR}/docbook/asciidoctor-macros/manarg-block.rb + --require ${CMAKE_SOURCE_DIR}/docbook/asciidoctor-macros/wsbuglink-inline-macro.rb + --require ${CMAKE_SOURCE_DIR}/docbook/asciidoctor-macros/wssalink-inline-macro.rb ) set(_asciidoctor_common_command 
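Review bot: `${CMAKE_BINARY_DIR}/doc/AUTHORS-SHORT` has moved into the new `if (ASCIIDOCTOR_FOUND)` block in the top-level CMakeLists.txt along with the HTML pages, but it does not appear to be an Asciidoctor product. The doc/CMakeLists.txt context in this same commit shows it as the `OUTPUT` of a `${PERL_EXECUTABLE}` custom command. A build without Asciidoctor would therefore stop adding AUTHORS-SHORT to INSTALL_FILES even though it can still be generated. Keep that one entry in the unconditional `set(INSTALL_FILES ...)` list and guard only the `.html` entries. The `set(INSTALL_FILES` call opens above the hunk.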
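Review bot: The `--require` entries in `_asciidoctor_common_args` name Ruby files that Asciidoctor loads and runs during the build, and they are now anchored at `${CMAKE_SOURCE_DIR}`, which is the top of whatever build includes this one rather than this repository. If the tree is ever configured as a subdirectory of another project, those paths would resolve into the parent tree. Since this module lives in cmake/modules/, `${CMAKE_CURRENT_LIST_DIR}/../../docbook/asciidoctor-macros/ws_utils.rb` (and likewise for the other five) would keep the loaded scripts tied to the checkout that ships the module. The added `# --trace` line is a commented-out option with no explanation; either drop it or say when to use it, e.g. `# Uncomment --trace to get a Ruby backtrace when a macro fails.` The enclosing `if(ASCIIDOCTOR_EXECUTABLE)` starts outside the hunk.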
@@ -83,7 +85,7 @@ if(ASCIIDOCTOR_EXECUTABLE) unset(_output_xml) ENDMACRO() - # Currently single page only. + # Single page only, for the release notes and man pages. MACRO( ASCIIDOCTOR2HTML _asciidocsource ) GET_FILENAME_COMPONENT( _source_base_name ${_asciidocsource} NAME_WE ) set( _output_html ${_source_base_name}.html ) @@ -124,6 +126,27 @@ if(ASCIIDOCTOR_EXECUTABLE) unset(_output_txt) ENDMACRO() + # Single page only, for the release notes and man pages. + MACRO( ASCIIDOCTOR2MAN _asciidocsource _man_section) + GET_FILENAME_COMPONENT( _source_base_name ${_asciidocsource} NAME_WE ) + set( _output_man ${_source_base_name}.${_man_section} ) + + ADD_CUSTOM_COMMAND( + OUTPUT + ${_output_man} + COMMAND ${_asciidoctor_common_command} + --backend manpage + --out-file ${_output_man} + ${CMAKE_CURRENT_SOURCE_DIR}/${_asciidocsource} + DEPENDS + ${CMAKE_CURRENT_SOURCE_DIR}/${_asciidocsource} + ${ARGN} + ) + add_custom_target(generate_${_output_man} DEPENDS ${_output_man}) + set_asciidoctor_target_properties(generate_${_output_man}) + unset(_output_man) + ENDMACRO() + # news: release-notes.txt # ${CMAKE_COMMAND} -E copy_if_different release-notes.txt ../NEWS diff --git a/cmake/modules/FindPOD.cmake b/cmake/modules/FindPOD.cmake deleted file mode 100644 index 0233b5fc98..0000000000 --- a/cmake/modules/FindPOD.cmake +++ /dev/null 
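Review bot: The new `ADD_CUSTOM_COMMAND` in ASCIIDOCTOR2MAN has no `VERBATIM`, so how the source and output paths are escaped for the shell is left to the generator and platform. Adding `VERBATIM` after the `DEPENDS` list makes that uniform, though it is worth checking that `_asciidoctor_common_command`, defined outside this hunk, still expands as intended. `OUTPUT` and `--out-file` are both the bare `${_output_man}`, which agrees only while the command runs in the current binary directory; `${CMAKE_CURRENT_BINARY_DIR}/${_output_man}` would state that explicitly. The leading comment was copied from ASCIIDOCTOR2HTML; something like `# Generate the man page <name>.<section> from one AsciiDoc source; extra arguments are added as dependencies.` would describe this macro.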
@@ -1,84 +0,0 @@ -# -# - Find pod2man and pod2html. -# - -find_program(POD2MAN_EXECUTABLE - NAMES - pod2man - pod2man.bat - PATHS - /bin - /usr/bin - /usr/local/bin - /sbin -) - -find_program(POD2HTML_EXECUTABLE - NAMES - pod2html - pod2html.bat - PATHS - /bin - /usr/bin - /usr/local/bin - /sbin -) - -# handle the QUIETLY and REQUIRED arguments and set POD2HTML_FOUND to TRUE if -# all listed variables are TRUE -include(FindPackageHandleStandardArgs) -find_package_handle_standard_args(POD DEFAULT_MSG POD2MAN_EXECUTABLE POD2HTML_EXECUTABLE) - -mark_as_advanced( - POD2MAN_EXECUTABLE - POD2HTML_EXECUTABLE -) - -# run pod2man and pod2html -macro(pod2manhtml _sourcefile _manext) - get_filename_component(_basefile ${_sourcefile} NAME) - set(_outman ${_basefile}.${_manext}) - set(_outhtml ${_basefile}.html) - - add_custom_command( - OUTPUT - ${_outman} - COMMAND - ${PERL_EXECUTABLE} ${POD2MAN_EXECUTABLE} - --section=${_manext} - --center=\"The Wireshark Network Analyzer\" - --release=${PROJECT_VERSION} - ${_sourcefile}.pod - > ${_outman} - DEPENDS - ${_sourcefile}.pod - ) - - add_custom_command( - OUTPUT - ${_outhtml} - COMMAND - ${PERL_EXECUTABLE} ${POD2HTML_EXECUTABLE} - --title=\"${_basefile} - The Wireshark Network Analyzer ${CPACK_PACKAGE_VERSION}\" - --css=ws.css - --noindex - ${_sourcefile}.pod - > ${_outhtml} - DEPENDS - ${_sourcefile}.pod - ${CMAKE_SOURCE_DIR}/docbook/ws.css - ) -endmacro(pod2manhtml) - -# -# Editor modelines - https://www.wireshark.org/tools/modelines.html -# -# Local variables: -# c-basic-offset: 8 -# tab-width: 8 -# indent-tabs-mode: t -# End: -# -# vi: set shiftwidth=8 tabstop=8 noexpandtab: -# :indentSize=8:tabSize=8:noTabs=false: -# diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt index 9a2f7782cc..a1e74b5fbc 100644 --- a/doc/CMakeLists.txt +++ b/doc/CMakeLists.txt @@ -7,6 +7,8 @@ # SPDX-License-Identifier: GPL-2.0-or-later # +find_package( Asciidoctor 1.5 ) + add_custom_command( OUTPUT AUTHORS-SHORT COMMAND ${PERL_EXECUTABLE} 
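Review bot: The `find_package( Asciidoctor 1.5 )` added at the top of doc/CMakeLists.txt repeats the call the top-level CMakeLists.txt already makes, and nothing says why. If the reason is that FindAsciidoctor.cmake fixes `${CMAKE_CURRENT_BINARY_DIR}` into its `--attribute build_dir=` argument when the module is included, as the line in that module suggests, a comment would stop someone removing the call as redundant, for example `# Re-run the find module here so its build_dir attribute refers to this directory's binary dir.` The `add_custom_command` that follows continues outside the hunk.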
@@ -18,98 +20,69 @@ add_custom_command( ${CMAKE_SOURCE_DIR}/AUTHORS ) +set(MAN1_INSTALL_FILES) +set(MAN4_INSTALL_FILES) +set(HTML_INSTALL_FILES) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/wireshark 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/androiddump 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/capinfos 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/captype 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/ciscodump 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/dftest 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/dumpcap 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/editcap 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/mergecap 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/randpkt 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/randpktdump 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/etwdump 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/rawshark 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/reordercap 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/sshdump 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/text2pcap 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/tshark 1) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/udpdump 1) +macro (ASCIIDOCTOR2MANHTML _page_name _man_section) + if(ASCIIDOCTOR_FOUND) + ASCIIDOCTOR2HTML(${_page_name}.adoc) + ASCIIDOCTOR2MAN(${_page_name}.adoc ${_man_section}) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/extcap 4) -pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/wireshark-filter 4) + list(APPEND HTML_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/${_page_name}.html) + if (${_man_section} EQUAL 1) + list(APPEND MAN1_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/${_page_name}.${_man_section}) + elseif (${_man_section} EQUAL 4) + list(APPEND MAN4_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/${_page_name}.${_man_section}) + else() + message(FATAL_ERROR "Unsupported manual page section ${_man_section} for ${_page_name}") + endif() + endif() +endmacro() + +ASCIIDOCTOR2MANHTML(wireshark 1) +ASCIIDOCTOR2MANHTML(androiddump 1) +ASCIIDOCTOR2MANHTML(capinfos 1) +ASCIIDOCTOR2MANHTML(captype 1) 
+ASCIIDOCTOR2MANHTML(ciscodump 1) +ASCIIDOCTOR2MANHTML(dftest 1) +ASCIIDOCTOR2MANHTML(dumpcap 1) +ASCIIDOCTOR2MANHTML(editcap 1) +ASCIIDOCTOR2MANHTML(mergecap 1) +ASCIIDOCTOR2MANHTML(randpkt 1) +ASCIIDOCTOR2MANHTML(randpktdump 1) +ASCIIDOCTOR2MANHTML(etwdump 1) +ASCIIDOCTOR2MANHTML(rawshark 1) +ASCIIDOCTOR2MANHTML(reordercap 1) +ASCIIDOCTOR2MANHTML(sshdump 1) +ASCIIDOCTOR2MANHTML(text2pcap 1) +ASCIIDOCTOR2MANHTML(tshark 1) +ASCIIDOCTOR2MANHTML(udpdump 1) + +ASCIIDOCTOR2MANHTML(extcap 4) +ASCIIDOCTOR2MANHTML(wireshark-filter 4) if(BUILD_dpauxmon AND HAVE_LIBNL3) - pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/dpauxmon 1) + ASCIIDOCTOR2MANHTML(dpauxmon 1) endif() if(BUILD_sdjournal AND SYSTEMD_FOUND) - pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/sdjournal 1) + ASCIIDOCTOR2MANHTML(sdjournal 1) endif() if(MAXMINDDB_FOUND) - pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/mmdbresolve 1) + ASCIIDOCTOR2MANHTML(mmdbresolve 1) endif() if (BUILD_corbaidl2wrs) - pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/idl2wrs 1) + ASCIIDOCTOR2MANHTML(idl2wrs 1) endif() + if (BUILD_xxx2deb) - pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/asn2deb 1) - pod2manhtml(${CMAKE_CURRENT_SOURCE_DIR}/idl2deb 1) + ASCIIDOCTOR2MANHTML(asn2deb 1) + ASCIIDOCTOR2MANHTML(idl2deb 1) endif() -set(MAN1_INSTALL_FILES - ${CMAKE_CURRENT_BINARY_DIR}/androiddump.1 - ${CMAKE_CURRENT_BINARY_DIR}/capinfos.1 - ${CMAKE_CURRENT_BINARY_DIR}/captype.1 - ${CMAKE_CURRENT_BINARY_DIR}/ciscodump.1 - ${CMAKE_CURRENT_BINARY_DIR}/ciscodump.1 - ${CMAKE_CURRENT_BINARY_DIR}/dftest.1 - ${CMAKE_CURRENT_BINARY_DIR}/dumpcap.1 - ${CMAKE_CURRENT_BINARY_DIR}/editcap.1 - ${CMAKE_CURRENT_BINARY_DIR}/mergecap.1 - ${CMAKE_CURRENT_BINARY_DIR}/randpkt.1 - ${CMAKE_CURRENT_BINARY_DIR}/randpktdump.1 - ${CMAKE_CURRENT_BINARY_DIR}/etwdump.1 - ${CMAKE_CURRENT_BINARY_DIR}/rawshark.1 - ${CMAKE_CURRENT_BINARY_DIR}/reordercap.1 - ${CMAKE_CURRENT_BINARY_DIR}/sshdump.1 - ${CMAKE_CURRENT_BINARY_DIR}/text2pcap.1 - ${CMAKE_CURRENT_BINARY_DIR}/tshark.1 - 
${CMAKE_CURRENT_BINARY_DIR}/udpdump.1 - ${CMAKE_CURRENT_BINARY_DIR}/wireshark.1 -) - -if(BUILD_dpauxmon AND HAVE_LIBNL3) - list(APPEND MAN1_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/dpauxmon.1) -endif() - -if(BUILD_sdjournal AND SYSTEMD_FOUND) - list(APPEND MAN1_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/sdjournal.1) -endif() - -if(MAXMINDDB_FOUND) - list(APPEND MAN1_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/mmdbresolve.1) -endif() - -if (BUILD_corbaidl2wrs) - list(APPEND MAN1_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/idl2wrs.1) -endif() -if (BUILD_xxx2deb) - list(APPEND MAN1_INSTALL_FILES - ${CMAKE_CURRENT_BINARY_DIR}/asn2deb.1 - ${CMAKE_CURRENT_BINARY_DIR}/idl2deb.1 - ) -endif() - -set(MAN4_INSTALL_FILES - ${CMAKE_CURRENT_BINARY_DIR}/extcap.4 - ${CMAKE_CURRENT_BINARY_DIR}/wireshark-filter.4 -) - set(BUNDLE_RESOURCE_SHARE_MAN1_FILES ${MAN1_INSTALL_FILES} PARENT_SCOPE) set(BUNDLE_RESOURCE_SHARE_MAN4_FILES ${MAN4_INSTALL_FILES} PARENT_SCOPE) 
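Review bot: ASCIIDOCTOR2MANHTML calls `ASCIIDOCTOR2MAN(${_page_name}.adoc ${_man_section})` with no extra dependencies, so each generated rule depends only on the page's own .adoc file. The converted pages shown in this commit start with `include::../docbook/attributes.adoc[]` and set `:stylesheet: ws.css`, and the removed pod2manhtml rule did list `${CMAKE_SOURCE_DIR}/docbook/ws.css`. An edit to either shared file would leave stale output in the build tree. Passing them through, e.g. `ASCIIDOCTOR2MAN(${_page_name}.adoc ${_man_section} ${CMAKE_SOURCE_DIR}/docbook/attributes.adoc)`, uses the `${ARGN}` hook the macro already has; whether ASCIIDOCTOR2HTML accepts extra dependencies the same way is not visible here. A short comment above the macro naming its two arguments and the three lists it appends to would also help.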
@@ -118,52 +91,6 @@ add_custom_target(manpages DEPENDS ${MAN4_INSTALL_FILES} ) -set(HTML_INSTALL_FILES - ${CMAKE_CURRENT_BINARY_DIR}/androiddump.html - ${CMAKE_CURRENT_BINARY_DIR}/capinfos.html - ${CMAKE_CURRENT_BINARY_DIR}/captype.html - ${CMAKE_CURRENT_BINARY_DIR}/ciscodump.html - ${CMAKE_CURRENT_BINARY_DIR}/ciscodump.html - ${CMAKE_CURRENT_BINARY_DIR}/dftest.html - ${CMAKE_CURRENT_BINARY_DIR}/dumpcap.html - ${CMAKE_CURRENT_BINARY_DIR}/editcap.html - ${CMAKE_CURRENT_BINARY_DIR}/extcap.html - ${CMAKE_CURRENT_BINARY_DIR}/mergecap.html - ${CMAKE_CURRENT_BINARY_DIR}/randpkt.html - ${CMAKE_CURRENT_BINARY_DIR}/randpktdump.html - ${CMAKE_CURRENT_BINARY_DIR}/etwdump.html - ${CMAKE_CURRENT_BINARY_DIR}/rawshark.html - ${CMAKE_CURRENT_BINARY_DIR}/reordercap.html - ${CMAKE_CURRENT_BINARY_DIR}/sshdump.html - ${CMAKE_CURRENT_BINARY_DIR}/text2pcap.html - ${CMAKE_CURRENT_BINARY_DIR}/tshark.html - ${CMAKE_CURRENT_BINARY_DIR}/udpdump.html - ${CMAKE_CURRENT_BINARY_DIR}/wireshark-filter.html - ${CMAKE_CURRENT_BINARY_DIR}/wireshark.html -) - -if(BUILD_dpauxmon AND HAVE_LIBNL3) - list(APPEND HTML_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/dpauxmon.html) -endif() - -if(BUILD_sdjournal AND SYSTEMD_FOUND) - list(APPEND HTML_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/sdjournal.html) -endif() - -if(MAXMINDDB_FOUND) - list(APPEND HTML_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/mmdbresolve.html) -endif() - -if (BUILD_corbaidl2wrs) - list(APPEND HTML_INSTALL_FILES ${CMAKE_CURRENT_BINARY_DIR}/idl2wrs.html) -endif() -if (BUILD_xxx2deb) - list(APPEND HTML_INSTALL_FILES - ${CMAKE_CURRENT_BINARY_DIR}/asn2deb.html - ${CMAKE_CURRENT_BINARY_DIR}/idl2deb.html - ) -endif() - add_custom_target( docs ALL DEPENDS 
@@ -174,19 +101,21 @@ add_custom_target( ) set_target_properties(docs PROPERTIES FOLDER "Docs") -install( - FILES - ${MAN1_INSTALL_FILES} - DESTINATION - ${CMAKE_INSTALL_MANDIR}/man1 -) +if(ASCIIDOCTOR_FOUND) + install( + FILES + ${MAN1_INSTALL_FILES} + DESTINATION + ${CMAKE_INSTALL_MANDIR}/man1 + ) -install( - FILES - ${MAN4_INSTALL_FILES} - DESTINATION - ${CMAKE_INSTALL_MANDIR}/man4 -) + install( + FILES + ${MAN4_INSTALL_FILES} + DESTINATION + ${CMAKE_INSTALL_MANDIR}/man4 + ) +endif() # # Installation of HTML manuals is done diff --git a/doc/androiddump.adoc b/doc/androiddump.adoc index 5747968d38..ea22147157 100644 --- a/doc/androiddump.adoc +++ b/doc/androiddump.adoc 
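Review bot: Nothing in this hunk reports that the man pages are being skipped when `ASCIIDOCTOR_FOUND` is false. With `find_package(POD REQUIRED)` removed elsewhere in this commit and both `install()` calls now inside the guard, a configure run without Asciidoctor succeeds and the resulting install or package has no man1/man4 pages. A packager would notice only from the missing files. Add an `else()` branch such as `message(STATUS "Asciidoctor not found: man pages will not be built or installed")`, or provide an option that makes the missing tool a `FATAL_ERROR` for release builds.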
@@ -1,55 +1,61 @@ -=begin man += androiddump(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME androiddump - Provide interfaces to capture from Android devices -=head1 SYNOPSIS +== SYNOPSIS -B -S<[ B<--help> ]> -S<[ B<--version> ]> -S<[ B<--extcap-version> ]> -S<[ B<--debug> ]> -S<[ B<--extcap-interfaces> ]> -S<[ B<--extcap-dlts> ]> -S<[ B<--extcap-interface>=EinterfaceE ]> -S<[ B<--extcap-config> ]> -S<[ B<--capture> ]> -S<[ B<--fifo>=Epath to file or pipeE ]> -S<[ B<--adb-server-ip>=EIP addressE ]> -S<[ B<--adb-server-tcp-port>=ETCP portE ]> -S<[ B<--logcat-text>=ETRUE or FALSEE ]> -S<[ B<--bt-server-tcp-port>=ETCP portE ]> -S<[ B<--bt-forward-socket>=ETRUE or FALSEE ]> -S<[ B<--bt-local-ip>=EIP addressE ]> -S<[ B<--bt-local-tcp-port>=ETCP portE ]> +[manarg] +*androiddump* +[ *--help* ] +[ *--version* ] +[ *--extcap-version* ] +[ *--debug* ] +[ *--extcap-interfaces* ] +[ *--extcap-dlts* ] +[ *--extcap-interface*= ] +[ *--extcap-config* ] +[ *--capture* ] +[ *--fifo*= ] +[ *--adb-server-ip*= ] +[ *--adb-server-tcp-port*= ] +[ *--logcat-text*= ] +[ *--bt-server-tcp-port*= ] +[ *--bt-forward-socket*= ] +[ *--bt-local-ip*= ] +[ *--bt-local-tcp-port*= ] -B -S< B<--extcap-interfaces> > -S<[ B<--adb-server-ip>=EIP addressE ]> -S<[ B<--adb-server-tcp-port>=ETCP portE ]> +[manarg] +*androiddump* +*--extcap-interfaces* +[ *--adb-server-ip*= ] +[ *--adb-server-tcp-port*= ] -B -S< B<--extcap-interface>=EinterfaceE > -S<[ B<--extcap-dlts> ]> +[manarg] +*androiddump* +*--extcap-interface*= +[ *--extcap-dlts* ] -B -S< B<--extcap-interface>=EinterfaceE > -S<[ B<--extcap-config> ]> +[manarg] +*androiddump* +*--extcap-interface*= +[ *--extcap-config* ] -B -S< B<--extcap-interface>=EinterfaceE > -S< B<--fifo>=Epath to file or pipeE > -S< B<--capture> > +[manarg] +*androiddump* +*--extcap-interface*= +*--fifo*= +*--capture* -=head1 DESCRIPTION +== 
DESCRIPTION -B is a extcap tool that provide interfaces to capture from +*Androiddump* is a extcap tool that provide interfaces to capture from Android device. There is only two requirements: 1. You must have Android SDK and add it PATH environment variable. 
@@ -60,115 +66,132 @@ https://developer.android.com/sdk/index.html#Other 2. You must have permission to Android devices. Some Android devices requires on-screen authentication. - Supported interfaces: -=over 4 - -=item 1. Logcat Main (binary [<=Jelly Bean] or text) - -=item 2. Logcat System (binary [<=Jelly Bean] or text) - -=item 3. Logcat Events (binary [<=Jelly Bean] or text) - -=item 4. Logcat Radio (binary [<=Jelly Bean] or text) - -=item 5. Logcat Crash (text; from Lollipop) - -=item 6. Bluetooth Hcidump [<=Jelly Bean] - -=item 7. Bluetooth Bluedroid External Parser [Kitkat] - -=item 8. Bluetooth BtsnoopNet [>=Lollipop] - -=item 9. WiFi tcpdump [need tcpdump on phone] - -=back +1. Logcat Main (binary [++<=++Jelly Bean] or text) +2. Logcat System (binary [++<=++Jelly Bean] or text) +3. Logcat Events (binary [++<=++Jelly Bean] or text) +4. Logcat Radio (binary [++<=++Jelly Bean] or text) +5. Logcat Crash (text; from Lollipop) +6. Bluetooth Hcidump [++<=++Jelly Bean] +7. Bluetooth Bluedroid External Parser [Kitkat] +8. Bluetooth BtsnoopNet [>=Lollipop] +9. WiFi tcpdump [need tcpdump on phone] Please note that it will work also for FirefoxOS or other Android-based stuffs. -=head1 OPTIONS - -=over 4 - -=item --help +== OPTIONS +--help:: ++ +-- Print program arguments. +-- -=item --version - +--version:: ++ +-- Print program version. +-- -=item --extcap-version - +--extcap-version:: ++ +-- Print extcapized version. +-- -=item --debug - +--debug:: ++ +-- Print additional messages. +-- -=item --extcap-interfaces - +--extcap-interfaces:: ++ +-- List available interfaces. +-- -=item --extcap-interface=EinterfaceE - +--extcap-interface=:: ++ +-- Use specified interfaces. +-- -=item --extcap-dlts - +--extcap-dlts:: ++ +-- List DLTs of specified interface. +-- -=item --extcap-config - +--extcap-config:: ++ +-- List configuration options of specified interface. 
+-- -=item --capture - +--capture:: ++ +-- Start capturing from specified interface save saved it in place specified by --fifo. +-- -=item --fifo=Epath to file or pipeE - +--fifo=:: ++ +-- Save captured packet to file or send it through pipe. +-- -=item --adb-server-ip=EIP addressE - +--adb-server-ip=:: ++ +-- Use other then default (127.0.0.1) ADB daemon's IP address. +-- -=item --adb-server-tcp-port=ETCP portE - +--adb-server-tcp-port=:: ++ +-- Use other then default (5037) ADB daemon's TCP port. +-- -=item --logcat-text=ETRUE or FALSEE - +--logcat-text=:: ++ +-- If TRUE then use text logcat rather then binary. This option has effect only on Logcat interfaces. This have no effect from Lollipop where is no binary Logcat available. Defaults to FALSE. +-- -=item --bt-server-tcp-port=ETCP portE - +--bt-server-tcp-port=:: ++ +-- Use other then default Bluetooth server TCP port on Android side. On Lollipop defaults is 8872, earlier 4330. +-- -=item --bt-forward-socket=ETRUE or FALSEE - +--bt-forward-socket=:: ++ +-- If TRUE then socket from Android side is forwarded to host side. Defaults to FALSE. +-- -=item --bt-local-ip=EIP addressE - +--bt-local-ip=:: ++ +-- Use other then default (127.0.0.1) IP address on host side for forwarded socket. +-- -=item --bt-local-tcp-port=ETCP portE - +--bt-local-tcp-port=:: ++ +-- Specify port to be used on host side for forwarded socket. +-- -=back - -=head1 EXAMPLES +== EXAMPLES To see program arguments: @@ -220,7 +243,6 @@ To see interface DLTs: Example output: dlt {number=99}{name=BluetoothH4}{display=Bluetooth HCI UART transport layer plus pseudo-header} - To see interface configuration options: androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --extcap-config 
@@ -229,32 +251,30 @@ To see interface configuration options: arg {number=0}{call=--adb-server-ip}{display=ADB Server IP Address}{type=string}{default=127.0.0.1} arg {number=1}{call=--adb-server-tcp-port}{display=ADB Server TCP Port}{type=integer}{range=0,65535}{default=5037} - To capture: androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --fifo=/tmp/bluetooth.pcapng --capture NOTE: To stop capturing CTRL+C/kill/terminate application. -=head1 SEE ALSO +== SEE ALSO -wireshark(1), tshark(1), dumpcap(1), extcap(4) +xref:wireshark.html[wireshark](1), xref:tshark.html[tshark](1), xref:dumpcap.html[dumpcap](1), xref:extcap.html[extcap](4) -=head1 NOTES +== NOTES -B is part of the B distribution. The latest version -of B can be found at L. +*Androiddump* is part of the *Wireshark* distribution. The latest version +of *Wireshark* can be found at https://www.wireshark.org. HTML versions of the Wireshark project man pages are available at: -L. +https://www.wireshark.org/docs/man-pages. -=head1 AUTHORS +== AUTHORS - Original Author - -------- ------ - Michal Labedzki +.Original Author +[%hardbreaks] +Michal Labedzki - - Contributors - ------------ - Roland Knall +.Contributors +[%hardbreaks] +Roland Knall diff --git a/doc/asn2deb.adoc b/doc/asn2deb.adoc index 7484e9c6dd..c903853c34 100644 --- a/doc/asn2deb.adoc +++ b/doc/asn2deb.adoc 
@@ -1,82 +1,94 @@ -=begin man += asn2deb(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME asn2deb - Create a Debian package for BER monitoring from ASN.1 -=head1 SYNOPSIS +== SYNOPSIS -B -S<[ B<-a> EASN.1 fileE ]> -S<[ B<--asn>=EASN.1 fileE ]> -S<[ B<-d> EoptsE ]> -S<[ B<--dbopts>=EoptsE ]> -S<[ B<-e> EaddressE ]> -S<[ B<--email>=EaddressE ]> -S<[ B<-h> ]> -S<[ B<--help> ]> -S<[ B<-n> EnameE ]> -S<[ B<--name>=EnameE ]> -S<[ B<-p> ]> -S<[ B<--preserve> ]> -S<[ B<-v> ]> -S<[ B<--version> ]> +[manarg] +*asn2deb* +[ *-a* ] +[ *--asn*= ] +[ *-d* ] +[ *--dbopts*= ] +[ *-e*
] +[ *--email*=
] +[ *-h* ] +[ *--help* ] +[ *-n* ] +[ *--name*= ] +[ *-p* ] +[ *--preserve* ] +[ *-v* ] +[ *--version* ] -=head1 DESCRIPTION +== DESCRIPTION -This manual page documents briefly the B command. B +This manual page documents briefly the *asn2deb* command. *asn2deb* takes an ASN.1 file as input and creates a Debian package from it. The package contains a loadable type table file for the Wireshark network analyser. -The type table is generated by the ASN.1 compiler B. +The type table is generated by the ASN.1 compiler *snacc*. -=head1 OPTIONS - -=over 4 - -=item -a EASN.1 fileE --asn=EASN.1 fileE +== OPTIONS +-a --asn=:: ++ +-- ASN.1 file to use (mandatory). +-- -=item -d EoptsE --dbopts=EoptsE - +-d --dbopts=:: ++ +-- options for dpkg-buildpackage. +-- -=item -e EaddressE --email=EaddressE - +-e
--email=
:: ++ +-- use e-mail address. +-- -=item -h --help - +-h --help:: ++ +-- print help and exit. +-- -=item -n EnameE --name=EnameE - +-n --name=:: ++ +-- use user name. +-- -=item -p --preserve - +-p --preserve:: ++ +-- do not overwrite files. +-- -=item -v --version - +-v --version:: ++ +-- print version and exit. +-- -=back - -=head1 EXAMPLES +== EXAMPLES /usr/bin/asn2deb -e me@foo.net -a bar.asn1 \-n "My Name" -d "-rfakeroot -uc -us"-d "-rfakeroot -uc -us" -=head1 SEE ALSO +== SEE ALSO -A lot of tools are used, which you have to B: wireshark-dev, python, cdbs, autotools-dev, debhelper, dpkg-dev, +A lot of tools are used, which you have to *apt-get install*: wireshark-dev, python, cdbs, autotools-dev, debhelper, dpkg-dev, snacc. -=head1 COPYING +== COPYING This manual page was written by W. Borgert debacle@debian.org for Debian GNU/Linux (but may be used by others). Permission is granted @@ -84,10 +96,10 @@ to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation. -=head1 AUTHOR +== AUTHOR -B Author. +*W. Borgert* Author. -=head1 COPYRIGHT +== COPYRIGHT Copyright (C) 2003, 2005 W. Borger diff --git a/doc/capinfos.adoc b/doc/capinfos.adoc index fd5e0417c2..9b07ae19b5 100644 --- a/doc/capinfos.adoc +++ b/doc/capinfos.adoc 
@@ -1,60 +1,62 @@ -=begin man += capinfos(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME capinfos - Prints information about capture files -=head1 SYNOPSIS +== SYNOPSIS -B -S<[ B<-a> ]> -S<[ B<-A> ]> -S<[ B<-b> ]> -S<[ B<-B> ]> -S<[ B<-c> ]> -S<[ B<-C> ]> -S<[ B<-d> ]> -S<[ B<-D> ]> -S<[ B<-e> ]> -S<[ B<-E> ]> -S<[ B<-F> ]> -S<[ B<-h> ]> -S<[ B<-H> ]> -S<[ B<-i> ]> -S<[ B<-I> ]> -S<[ B<-k> ]> -S<[ B<-K> ]> -S<[ B<-l> ]> -S<[ B<-L> ]> -S<[ B<-m> ]> -S<[ B<-M> ]> -S<[ B<-n> ]> -S<[ B<-N> ]> -S<[ B<-o> ]> -S<[ B<-q> ]> -S<[ B<-Q> ]> -S<[ B<-r> ]> -S<[ B<-R> ]> -S<[ B<-s> ]> -S<[ B<-S> ]> -S<[ B<-t> ]> -S<[ B<-T> ]> -S<[ B<-u> ]> -S<[ B<-v> ]> -S<[ B<-x> ]> -S<[ B<-y> ]> -S<[ B<-z> ]> -EIE -I<...> +[manarg] +*capinfos* +[ *-a* ] +[ *-A* ] +[ *-b* ] +[ *-B* ] +[ *-c* ] +[ *-C* ] +[ *-d* ] +[ *-D* ] +[ *-e* ] +[ *-E* ] +[ *-F* ] +[ *-h* ] +[ *-H* ] +[ *-i* ] +[ *-I* ] +[ *-k* ] +[ *-K* ] +[ *-l* ] +[ *-L* ] +[ *-m* ] +[ *-M* ] +[ *-n* ] +[ *-N* ] +[ *-o* ] +[ *-q* ] +[ *-Q* ] +[ *-r* ] +[ *-R* ] +[ *-s* ] +[ *-S* ] +[ *-t* ] +[ *-T* ] +[ *-u* ] +[ *-v* ] +[ *-x* ] +[ *-y* ] +[ *-z* ] +<__infile__> +__...__ -=head1 DESCRIPTION +== DESCRIPTION -B is a program that reads one or more capture files and -returns some or all available statistics (infos) of each EIE +*Capinfos* is a program that reads one or more capture files and +returns some or all available statistics (infos) of each <__infile__> in one of two types of output formats: long or table. The long output is suitable for a human to read. The table output 
@@ -64,41 +66,44 @@ a spreadsheet or database. The user specifies what type of output (long or table) and which statistics to display by specifying flags (options) that corresponding to the report type and desired infos. If no options are specified, -B will report all statistics available in "long" format. +*Capinfos* will report all statistics available in "long" format. Options are processed from left to right order with later options superseding or adding to earlier options. -B is able to detect and read the same capture files that are -supported by B. +*Capinfos* is able to detect and read the same capture files that are +supported by *Wireshark*. The input files don't need a specific filename extension; the file format and an optional gzip, zstd or lz4 compression will be automatically detected. -Near the beginning of the DESCRIPTION section of wireshark(1) or -L -is a detailed description of the way B handles this, which is -the same way B handles this. +Near the beginning of the DESCRIPTION section of xref:wireshark.html[wireshark](1) or +https://www.wireshark.org/docs/man-pages/wireshark.html +is a detailed description of the way *Wireshark* handles this, which is +the same way *Capinfos* handles this. -=head1 OPTIONS +== OPTIONS -=over 4 - -=item -a - -Displays the start time of the capture. B considers +-a:: ++ +-- +Displays the start time of the capture. *Capinfos* considers the earliest timestamp seen to be the start time, so the first packet in the capture is not necessarily the earliest - if packets exist "out-of-order", time-wise, in the capture, -B detects this. - -=item -A +*Capinfos* detects this. +-- +-A:: ++ +-- Generate all infos. By default capinfos will display all infos values for each input file, but enabling any of the individual display infos options will disable the generate all option. +-- -=item -b - +-b:: ++ +-- Separate infos with ASCII SPACE (0x20) characters. This option is only useful when generating a table style report (-T). 
The various info values will be @@ -109,22 +114,28 @@ NOTE: Since some of the header labels as well as some of the value fields contain SPACE characters. This option is of limited value unless one of the quoting options (-q or -Q) is also specified. +-- -=item -B - +-B:: ++ +-- Separate the infos with ASCII TAB characters. This option is only useful when generating a table style report (-T). The various info values will be separated (delimited) from one another with a single ASCII TAB character. The TAB character is the default delimiter when -T style report is enabled. +-- -=item -c - +-c:: ++ +-- Displays the number of packets in the capture file. +-- -=item -C - +-C:: ++ +-- Cancel processing any additional files if and when capinfos fails to open an input file or gets an error reading an input file. 
@@ -137,117 +148,155 @@ an error reading from a file regardless whether the -C option is specified or not. Upon exit, capinfos will return an error status if any errors occurred during processing. +-- -=item -d - +-d:: ++ +-- Displays the total length of all packets in the file, in bytes. This counts the size of the packets as they appeared in their original form, not as they appear in this file. For example, if a packet was originally 1514 bytes and only 256 of those bytes were saved to the capture file (if packets were captured with a snaplen or other slicing option), -B will consider the packet to have been 1514 bytes. - -=item -D +*Capinfos* will consider the packet to have been 1514 bytes. +-- +-D:: ++ +-- Displays a count of the number of decryption secrets in the file. +-- -=item -e - -Displays the end time of the capture. B considers +-e:: ++ +-- +Displays the end time of the capture. *Capinfos* considers the latest timestamp seen to be the end time, so the last packet in the capture is not necessarily the latest - if packets exist "out-of-order", time-wise, in the capture, -B detects this. - -=item -E +*Capinfos* detects this. +-- +-E:: ++ +-- Displays the per-file encapsulation of the capture file. +-- -=item -F - +-F:: ++ +-- Displays additional capture file information. +-- -=item -h - +-h:: ++ +-- Prints the help listing and exits. +-- -=item -H - +-H:: ++ +-- Displays the SHA256, RIPEMD160, and SHA1 hashes for the file. SHA1 output may be removed in the future. +-- -=item -i - +-i:: ++ +-- Displays the average data rate, in bits/sec +-- -=item -I - +-I:: ++ +-- Displays detailed capture file interface information. This information is not available in table format. +-- -=item -k - +-k:: ++ +-- Displays the capture comment. For pcapng files, this is the comment from the section header block. +-- -=item -K - +-K:: ++ +-- Use this option to suppress printing capture comments. By default capture comments are enabled. 
Capture comments are relatively freeform and might contain embedded new-line characters and/or other delimiting characters making it harder for a human or machine to easily parse the capinfos output. Excluding capture comments can aid in post-processing of output. +-- -=item -l - +-l:: ++ +-- Display the snaplen (if any) for a file. snaplen (if available) is determined from the capture file header and by looking for truncated records in the capture file. +-- -=item -L - +-L:: ++ +-- Generate long report. Capinfos can generate two different styles of reports. The "long" report is the default style of output and is suitable for a human to use. +-- -=item -m - +-m:: ++ +-- Separate the infos with comma (,) characters. This option is only useful when generating a table style report (-T). The various info values will be separated (delimited) from one another with a single comma "," character. +-- -=item -M - +-M:: ++ +-- Print raw (machine readable) values in long reports. By default capinfos prints numeric values with human-readable SI suffixes, and shows human-readable file type and encapsulation. Table reports (-T) always print raw values. +-- -=item -n - +-n:: ++ +-- Displays a count of the number of resolved IPv4 addresses and a count of the number of resolved IPv6 addresses in the file. +-- -=item -N - +-N:: ++ +-- Do not quote the infos. This option is only useful when generating a table style report (-T). Excluding any quoting characters around the various values and using a TAB delimiter produces a very "clean" table report that is easily parsed with CLI tools. By -default infos are B quoted. - -=item -o +default infos are *NOT* quoted. +-- +-o:: ++ +-- Displays "True" if packets exist in strict chronological order or "False" if one or more packets in the capture exists "out-of-order" time-wise. +-- -=item -q - +-q:: ++ +-- Quote infos with single quotes ('). This option is only useful when generating a table style report (-T). 
When this option is enabled, each value will be @@ -255,9 +304,11 @@ encapsulated within a pair of single quote (') characters. This option (when used with the -m option) is useful for generating one type of CSV style file report. +-- -=item -Q - +-Q:: ++ +-- Quote infos with double quotes ("). This option is only useful when generating a table style report (-T). When this option is enabled, each value will be 
@@ -265,69 +316,90 @@ encapsulated within a pair of double quote (") characters. This option (when used with the -m option) is useful for generating the most common type of CSV style file report. +-- -=item -r - +-r:: ++ +-- Do not generate header record. This option is only useful when generating a table style report (-T). -If this option is specified then B header record will be +If this option is specified then *no* header record will be generated within the table report. +-- -=item -R - +-R:: ++ +-- Generate header record. This option is only useful when generating a table style report (-T). A header is generated by default. A header record (if generated) is the first line of data reported and includes labels for all the columns included within the table report. +-- -=item -s - +-s:: ++ +-- Displays the size of the file, in bytes. This reports the size of the capture file itself. +-- -=item -S - +-S:: ++ +-- Display the start and end times as seconds since January -1, 1970. Handy for synchronizing dumps using B. - -=item -t +1, 1970. Handy for synchronizing dumps using *editcap -t*. +-- +-t:: ++ +-- Displays the capture type of the capture file. +-- -=item -T - +-T:: ++ +-- Generate a table report. A table report is a text file that is suitable for importing into a spreadsheet or database. Capinfos can build a tab delimited text file (the default) or several variations on Comma-separated values (CSV) files. +-- -=item -u - +-u:: ++ +-- Displays the capture duration, in seconds. This is the difference in time between the earliest packet seen and latest packet seen. +-- -=item -v - +-v:: ++ +-- Displays the tool's version and exits. +-- -=item -x - +-x:: ++ +-- Displays the average packet rate, in packets/sec +-- -=item -y - +-y:: ++ +-- Displays the average data rate, in bytes/sec +-- -=item -z - +-z:: ++ +-- Displays the average packet size, in bytes +-- -=back - -=head1 EXAMPLES +== EXAMPLES To see a description of the capinfos options use: 
@@ -352,7 +424,6 @@ or capinfos -TmQ mycapture.pcap - To generate a TAB delimited table style report with just the filenames, capture type, capture encapsulation type and packet count for all the pcap files in the current directory use: @@ -375,27 +446,26 @@ a text file called mycaptures.csv use: The resulting mycaptures.csv file can be easily imported into spreadsheet applications. -=head1 SEE ALSO +== SEE ALSO -pcap(3), wireshark(1), mergecap(1), editcap(1), tshark(1), -dumpcap(1), captype(1), pcap-filter(7) or tcpdump(8) +xref:https://www.tcpdump.org/manpages/pcap.3pcap.html[pcap](3), xref:wireshark.html[wireshark](1), xref:mergecap.html[mergecap](1), xref:editcap.html[editcap](1), xref:tshark.html[tshark](1), +xref:dumpcap.html[dumpcap](1), xref:captype.html[captype](1), xref:https://www.tcpdump.org/manpages/pcap-filter.7.html[pcap-filter](7) or xref:https://www.tcpdump.org/manpages/tcpdump.1.html[tcpdump](8) -=head1 NOTES +== NOTES -B is part of the B distribution. The latest version -of B can be found at L. +*Capinfos* is part of the *Wireshark* distribution. The latest version +of *Wireshark* can be found at https://www.wireshark.org. HTML versions of the Wireshark project man pages are available at: -L. +https://www.wireshark.org/docs/man-pages. -=head1 AUTHORS +== AUTHORS - Original Author - -------- ------ - Ian Schorr +.Original Author +[%hardbreaks] +Ian Schorr - - Contributors - ------------ - Gerald Combs - Jim Young +.Contributors +[%hardbreaks] +Gerald Combs +Jim Young diff --git a/doc/captype.adoc b/doc/captype.adoc index 1ea31d2558..ae80a83f08 100644 --- a/doc/captype.adoc +++ b/doc/captype.adoc 
@@ -1,54 +1,55 @@ -=begin man += captype(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME captype - Prints the types of capture files -=head1 SYNOPSIS +== SYNOPSIS -B -EIE -I<...> +[manarg] +*captype* +<__infile__> +__...__ -=head1 DESCRIPTION +== DESCRIPTION -B is a program that opens one or more capture files and -prints the capture file type of each EIE. +*Captype* is a program that opens one or more capture files and +prints the capture file type of each <__infile__>. -B is able to detect and read the same capture files that are -supported by B. +*Captype* is able to detect and read the same capture files that are +supported by *Wireshark*. The input files don't need a specific filename extension; the file format and an optional gzip, zstd or lz4 compression will be automatically detected. -Near the beginning of the DESCRIPTION section of wireshark(1) or -L -is a detailed description of the way B handles this, which is -the same way B handles this. +Near the beginning of the DESCRIPTION section of xref:wireshark.html[wireshark](1) or +https://www.wireshark.org/docs/man-pages/wireshark.html +is a detailed description of the way *Wireshark* handles this, which is +the same way *Captype* handles this. -=head1 SEE ALSO +== SEE ALSO -pcap(3), wireshark(1), mergecap(1), editcap(1), tshark(1), -dumpcap(1), capinfos(1), pcap-filter(7) or tcpdump(8) +xref:https://www.tcpdump.org/manpages/pcap.3pcap.html[pcap](3), xref:wireshark.html[wireshark](1), xref:mergecap.html[mergecap](1), xref:editcap.html[editcap](1), xref:tshark.html[tshark](1), +xref:dumpcap.html[dumpcap](1), xref:capinfos.html[capinfos](1), xref:https://www.tcpdump.org/manpages/pcap-filter.7.html[pcap-filter](7) or xref:https://www.tcpdump.org/manpages/tcpdump.1.html[tcpdump](8) -=head1 NOTES +== NOTES -B is part of the B distribution. The latest version -of B can be found at L. 
+*Captype* is part of the *Wireshark* distribution. The latest version +of *Wireshark* can be found at https://www.wireshark.org. HTML versions of the Wireshark project man pages are available at: -L. +https://www.wireshark.org/docs/man-pages. -=head1 AUTHORS +== AUTHORS - Original Author - -------- ------ - Ian Schorr +.Original Author +[%hardbreaks] +Ian Schorr - - Contributors - ------------ - Gerald Combs - Jim Young +.Contributors +[%hardbreaks] +Gerald Combs +Jim Young diff --git a/doc/ciscodump.adoc b/doc/ciscodump.adoc index 30c0503f5a..bac46b5410 100644 --- a/doc/ciscodump.adoc +++ b/doc/ciscodump.adoc 
@@ -1,125 +1,149 @@ -=begin man += ciscodump(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME ciscodump - Provide interfaces to capture from a remote Cisco router through SSH. -=head1 SYNOPSIS +== SYNOPSIS -B -S<[ B<--help> ]> -S<[ B<--version> ]> -S<[ B<--extcap-interfaces> ]> -S<[ B<--extcap-dlts> ]> -S<[ B<--extcap-interface>=EinterfaceE ]> -S<[ B<--extcap-config> ]> -S<[ B<--extcap-capture-filter>=Ecapture filterE ]> -S<[ B<--capture> ]> -S<[ B<--fifo>=Epath to file or pipeE ]> -S<[ B<--remote-host>=EIP addressE ]> -S<[ B<--remote-port>=ETCP portE ]> -S<[ B<--remote-username>=EusernameE ]> -S<[ B<--remote-password>=EpasswordE ]> -S<[ B<--remote-filter>=EfilterE ]> -S<[ B<--sshkey>=Epublic key pathE ]> -S<[ B<--remote-interface>=EinterfaceE ]> +[manarg] +*ciscodump* +[ *--help* ] +[ *--version* ] +[ *--extcap-interfaces* ] +[ *--extcap-dlts* ] +[ *--extcap-interface*= ] +[ *--extcap-config* ] +[ *--extcap-capture-filter*= ] +[ *--capture* ] +[ *--fifo*= ] +[ *--remote-host*= ] +[ *--remote-port*= ] +[ *--remote-username*= ] +[ *--remote-password*= ] +[ *--remote-filter*= ] +[ *--sshkey*= ] +[ *--remote-interface*= ] +[manarg] +*ciscodump* +*--extcap-interfaces* -B -S> +[manarg] +*ciscodump* +*--extcap-interface*= +*--extcap-dlts* -B -S=EinterfaceE> -S> +[manarg] +*ciscodump* +*--extcap-interface*= +*--extcap-config* -B -S=EinterfaceE> -S> +[manarg] +*ciscodump* +*--extcap-interface*= +*--fifo*= +*--capture* +*--remote-host=remoterouter* +*--remote-port=22* +*--remote-username=user* +*--remote-interface*= -B -S=EinterfaceE> -S=Epath to file or pipeE> -S> -S> -S> -S> -S=Ethe router interfaceE> +== DESCRIPTION -=head1 DESCRIPTION - -B is an extcap tool that relies on Cisco EPC to allow a user to run a remote capture +*Ciscodump* is an extcap tool that relies on Cisco EPC to allow a user to run a remote capture on a Cisco router in a SSH 
connection. The minimum IOS version supporting this feature is 12.4(20)T. More details can be found here: https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-embedded-packet-capture/datasheet_c78-502727.html Supported interfaces: -=over 4 +1. cisco -=item 1. cisco - -=back - -=head1 OPTIONS - -=over 4 - -=item --help +== OPTIONS +--help:: ++ +-- Print program arguments. +-- -=item --version - +--version:: ++ +-- Print program version. +-- -=item --extcap-interfaces - +--extcap-interfaces:: ++ +-- List available interfaces. +-- -=item --extcap-interface=EinterfaceE - +--extcap-interface=:: ++ +-- Use specified interfaces. +-- -=item --extcap-dlts - +--extcap-dlts:: ++ +-- List DLTs of specified interface. +-- -=item --extcap-config - +--extcap-config:: ++ +-- List configuration options of specified interface. +-- -=item --capture - +--capture:: ++ +-- Start capturing from specified interface and save it in place specified by --fifo. +-- -=item --fifo=Epath to file or pipeE - +--fifo=:: ++ +-- Save captured packet to file or send it through pipe. +-- -=item --remote-host=Eremote hostE - +--remote-host=:: ++ +-- The address of the remote host for capture. +-- -=item --remote-port=Eremote portE - +--remote-port=:: ++ +-- The SSH port of the remote host. +-- -=item --remote-username=EusernameE - +--remote-username=:: ++ +-- The username for ssh authentication. +-- -=item --remote-password=EpasswordE - +--remote-password=:: ++ +-- The password to use (if not ssh-agent and pubkey are used). WARNING: the passwords are stored in plaintext and visible to all users on this system. It is recommended to use keyfiles with a SSH agent. +-- -=item --remote-filter=EfilterE - +--remote-filter=:: ++ +-- The remote filter on the router. This is a capture filter that follows the Cisco IOS standards (https://www.cisco.com/c/en/us/support/docs/ip/access-lists/26448-ACLsamples.html). 
@@ -132,22 +156,27 @@ Examples: permit ip host MYHOST any, permit ip any host MYHOST (capture the traffic for MYHOST) deny ip host MYHOST any, deny ip any host MYHOST, permit ip any any (capture all the traffic except MYHOST) +-- -=item --sshkey=ESSH private key pathE - +--sshkey=:: ++ +-- The path to a private key for authentication. +-- -=item --remote-interface=Eremote interfaceE - +--remote-interface=:: ++ +-- The remote network interface to capture from. +-- -=item --extcap-capture-filter=Ecapture filterE - +--extcap-capture-filter=:: ++ +-- Unused (compatibility only). +-- -=back - -=head1 EXAMPLES +== EXAMPLES To see program arguments: @@ -200,7 +229,6 @@ To see interface configuration options: arg {number=8}{call=--remote-count}{display=Packets to capture}{type=unsigned}{required=true} {tooltip=The number of remote packets to capture.} - To capture: ciscodump --extcap-interface cisco --fifo=/tmp/cisco.pcap --capture --remote-host 192.168.1.10 @@ -209,7 +237,7 @@ To capture: NOTE: Packet count is mandatory, hence the capture will start after this number. -=head1 KNOWN ISSUES +== KNOWN ISSUES The configuration of the capture on the routers is a multi-step process. If the SSH connection is interrupted during it, the configuration can be in an inconsistent state. That can happen also if the capture is stopped and ciscodump 
@@ -222,20 +250,20 @@ buffer, ciscodump waits for the capture to complete and then issues the command specifies a number of packets above the currently captured, the show command is never shown. Not only is the count of the maximum number of captured packets, but it is also the _exact_ number of expected packets. -=head1 SEE ALSO +== SEE ALSO -wireshark(1), tshark(1), dumpcap(1), extcap(4), sshdump(1) +xref:wireshark.html[wireshark](1), xref:tshark.html[tshark](1), xref:dumpcap.html[dumpcap](1), xref:extcap.html[extcap](4), xref:sshdump.html[sshdump](1) -=head1 NOTES +== NOTES -B is part of the B distribution. The latest version -of B can be found at L. +*ciscodump* is part of the *Wireshark* distribution. The latest version +of *Wireshark* can be found at https://www.wireshark.org. HTML versions of the Wireshark project man pages are available at: -L. +https://www.wireshark.org/docs/man-pages. -=head1 AUTHORS +== AUTHORS - Original Author - -------- ------ - Dario Lombardo +.Original Author +[%hardbreaks] +Dario Lombardo diff --git a/doc/dftest.adoc b/doc/dftest.adoc index 6f2ae63e9a..65c30a65b0 100644 --- a/doc/dftest.adoc +++ b/doc/dftest.adoc @@ -1,33 +1,33 @@ -=begin man += dftest(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME dftest - Shows display filter byte-code, for debugging dfilter routines. -=head1 SYNOPSIS +== SYNOPSIS -B -S<[ EfilterE ]> +[manarg] +*dftest* +[ ] -=head1 DESCRIPTION +== DESCRIPTION -B is a simple tool which compiles a display filter and shows its bytecode. +*dftest* is a simple tool which compiles a display filter and shows its bytecode. -=head1 OPTIONS - -=over 4 - -=item filter +== OPTIONS +filter:: ++ +-- The display filter expression. If needed it has to be quoted. +-- -=back - -=head1 EXAMPLES +== EXAMPLES Show how the IP protocol is filtered: 
@@ -37,6 +37,6 @@ Shows how frame 150 is filtered: dftest "frame.number == 150" -=head1 SEE ALSO +== SEE ALSO -wireshark-filter(4) +xref:wireshark-filter.html[wireshark-filter](4) diff --git a/doc/dpauxmon.adoc b/doc/dpauxmon.adoc index 196b0da066..69af1c2881 100644 --- a/doc/dpauxmon.adoc +++ b/doc/dpauxmon.adoc 
@@ -1,100 +1,116 @@ -=begin man += dpauxmon(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME dpauxmon - Provide interfaces to capture DisplayPort AUX channel data. -=head1 SYNOPSIS +== SYNOPSIS -B -S<[ B<--help> ]> -S<[ B<--version> ]> -S<[ B<--extcap-interfaces> ]> -S<[ B<--extcap-dlts> ]> -S<[ B<--extcap-interface>=EinterfaceE ]> -S<[ B<--extcap-config> ]> -S<[ B<--extcap-capture-filter>=Ecapture filterE ]> -S<[ B<--capture> ]> -S<[ B<--fifo>=Epath to file or pipeE ]> -S<[ B<--interface_id>=EInterface ID to captureE ]> +[manarg] +*dpauxmon* +[ *--help* ] +[ *--version* ] +[ *--extcap-interfaces* ] +[ *--extcap-dlts* ] +[ *--extcap-interface*= ] +[ *--extcap-config* ] +[ *--extcap-capture-filter*= ] +[ *--capture* ] +[ *--fifo*= ] +[ *--interface_id*= ] -B -S> +[manarg] +*dpauxmon* +*--extcap-interfaces* -B -S=EinterfaceE> -S> +[manarg] +*dpauxmon* +*--extcap-interface*= +*--extcap-dlts* -B -S=EinterfaceE> -S> +[manarg] +*dpauxmon* +*--extcap-interface*= +*--extcap-config* -B -S=EinterfaceE> -S=Epath to file or pipeE> -S> -S> +[manarg] +*dpauxmon* +*--extcap-interface*= +*--fifo*= +*--capture* +*--interface_id=interface_id* -=head1 DESCRIPTION +== DESCRIPTION -B is an extcap tool that can capture DisplayPort AUX channel data +*dpauxmon* is an extcap tool that can capture DisplayPort AUX channel data from linux kernel drivers using the generic netlink interface. Supported interfaces: -=over 4 +1. dpauxmon -=item 1. dpauxmon - -=back - -=head1 OPTIONS - -=over 4 - -=item --help +== OPTIONS +--help:: ++ +-- Print program arguments. +-- -=item --version - +--version:: ++ +-- Print program version. +-- -=item --extcap-interfaces - +--extcap-interfaces:: ++ +-- List available interfaces. +-- -=item --extcap-interface=EinterfaceE - +--extcap-interface=:: ++ +-- Use specified interfaces. 
+-- -=item --extcap-dlts - +--extcap-dlts:: ++ +-- List DLTs of specified interface. +-- -=item --extcap-config - +--extcap-config:: ++ +-- List configuration options of specified interface. +-- -=item --capture - +--capture:: ++ +-- Start capturing from specified interface and save it in place specified by --fifo. +-- -=item --fifo=Epath to file or pipeE - +--fifo=:: ++ +-- Save captured packet to file or send it through pipe. +-- -=item --interface_idt=Einterface idE - +--interface_idt=:: ++ +-- The interface for capture. +-- -=back - -=head1 EXAMPLES +== EXAMPLES To see program arguments: @@ -134,20 +150,20 @@ To capture: dpauxmon --extcap-interface=dpauxmon --fifo=/tmp/dpauxmon.pcap --capture --interface_id 0 -=head1 SEE ALSO +== SEE ALSO -wireshark(1), tshark(1), dumpcap(1), extcap(4) +xref:wireshark.html[wireshark](1), xref:tshark.html[tshark](1), xref:dumpcap.html[dumpcap](1), xref:extcap.html[extcap](4) -=head1 NOTES +== NOTES -B is part of the B distribution. The latest version -of B can be found at L. +*dpauxmon* is part of the *Wireshark* distribution. The latest version +of *Wireshark* can be found at https://www.wireshark.org. HTML versions of the Wireshark project man pages are available at: -L. +https://www.wireshark.org/docs/man-pages. -=head1 AUTHORS +== AUTHORS - Original Author - -------- ------ - Dirk Eibach +.Original Author +[%hardbreaks] +Dirk Eibach diff --git a/doc/dumpcap.adoc b/doc/dumpcap.adoc index 29ca7a8ff2..68069a36f9 100644 --- a/doc/dumpcap.adoc +++ b/doc/dumpcap.adoc 
@@ -1,149 +1,154 @@ -=begin man += dumpcap(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME dumpcap - Dump network traffic -=head1 SYNOPSIS +== SYNOPSIS -B -S<[ B<-a>|B<--autostop> Ecapture autostop conditionE ] ...> -S<[ B<-b>|B<--ring-buffer> Ecapture ring buffer optionE ] ...> -S<[ B<-B>|B<--buffer-size> Ecapture buffer sizeE ]> -S<[ B<-c> Ecapture packet countE ]> -S<[ B<-C> Ebyte limitE ]> -S<[ B<-d> ]> -S<[ B<-D>|B<--list-interfaces> ]> -S<[ B<-f> Ecapture filterE ]> -S<[ B<-g> ]> -S<[ B<-h>|B<--help> ]> -S<[ B<-i>|B<--interface> Ecapture interfaceE|rpcap://EhostE:EportE/Ecapture interfaceE|TCP@EhostE:EportE|- ]> -S<[ B<-I>|B<--monitor-mode> ]> -S<[ B<-k> EfreqE,[EtypeE],[Ecenter_freq1E],[Ecenter_freq2E] ]> -S<[ B<-L>|B<--list-data-link-types> ]> -S<[ B<-M> ]> -S<[ B<-n> ]> -S<[ B<-N> Epacket limitE ]> -S<[ B<-p>|B<--no-promiscuous-mode> ]> -S<[ B<--ifdescr> EdescriptionE ]> -S<[ B<--ifname> EnameE ]> -S<[ B<-P> ]> -S<[ B<-q> ]> -S<[ B<-s>|B<--snapshot-length> Ecapture snaplenE ]> -S<[ B<-S> ]> -S<[ B<-t> ]> -S<[ B<-v>|B<--version> ]> -S<[ B<-w> EoutfileE ]> -S<[ B<-y>|B<--linktype> Ecapture link typeE ]> -S<[ B<--capture-comment> EcommentE ]> -S<[ B<--list-time-stamp-types> ]> -S<[ B<--time-stamp-type> EtypeE ]> +[manarg] +*dumpcap* +[ *-a*|*--autostop* ] ... +[ *-b*|*--ring-buffer* ] ... 
+[ *-B*|*--buffer-size* ] +[ *-c* ] +[ *-C* ] +[ *-d* ] +[ *-D*|*--list-interfaces* ] +[ *-f* ] +[ *-g* ] +[ *-h*|*--help* ] +[ *-i*|*--interface* |rpcap://:/|TCP@:|- ] +[ *-I*|*--monitor-mode* ] +[ *-k* ,[],[],[] ] +[ *-L*|*--list-data-link-types* ] +[ *-M* ] +[ *-n* ] +[ *-N* ] +[ *-p*|*--no-promiscuous-mode* ] +[ *--ifdescr* ] +[ *--ifname* ] +[ *-P* ] +[ *-q* ] +[ *-s*|*--snapshot-length* ] +[ *-S* ] +[ *-t* ] +[ *-v*|*--version* ] +[ *-w* ] +[ *-y*|*--linktype* ] +[ *--capture-comment* ] +[ *--list-time-stamp-types* ] +[ *--time-stamp-type* ] -=head1 DESCRIPTION +== DESCRIPTION -B is a network traffic dump tool. It lets you capture packet -data from a live network and write the packets to a file. B's -default capture file format is B format. -When the B<-P> option is specified, the output file is written in the -B format. +*Dumpcap* is a network traffic dump tool. It lets you capture packet +data from a live network and write the packets to a file. *Dumpcap*'s +default capture file format is *pcapng* format. +When the *-P* option is specified, the output file is written in the +*pcap* format. Without any options set it will use the libpcap, Npcap, or WinPcap library to capture traffic from the first available network interface and writes the received raw packet data, along with the packets' time stamps into a pcap file. -If the B<-w> option is not specified, B writes to a newly +If the *-w* option is not specified, *Dumpcap* writes to a newly created pcap file with a randomly chosen name. -If the B<-w> option is specified, B writes to the file +If the *-w* option is specified, *Dumpcap* writes to the file specified by that option. Packet capturing is performed with the pcap library. The capture filter syntax follows the rules of the pcap library. -=head1 OPTIONS +== OPTIONS -=over 4 +-a|--autostop :: ++ +-- +Specify a criterion that specifies when *Dumpcap* is to stop writing +to a capture file. 
The criterion is of the form __test:value__, +where __test__ is one of: -=item -a|--autostop Ecapture autostop conditionE - -Specify a criterion that specifies when B is to stop writing -to a capture file. The criterion is of the form I, -where I is one of: - -B:I Stop writing to a capture file after I seconds have +*duration*:__value__ Stop writing to a capture file after __value__ seconds have elapsed. Floating point values (e.g. 0.5) are allowed. -B:I Stop writing to capture files after I number of files +*files*:__value__ Stop writing to capture files after __value__ number of files were written. -B:I Stop writing to a capture file after it reaches a size of -I kB. If this option is used together with the -b option, dumpcap will +*filesize*:__value__ Stop writing to a capture file after it reaches a size of +__value__ kB. If this option is used together with the -b option, dumpcap will stop writing to the current capture file and switch to the next one if filesize is reached. Note that the filesize is limited to a maximum value of 2 GiB. -B:I Stop writing to a capture file after I packets -have been written. Same as B<-c> Ecapture packet countE. +*packets*:__value__ Stop writing to a capture file after __value__ packets +have been written. Same as *-c* . +-- -=item -b|--ring-buffer Ecapture ring buffer optionE +-b|--ring-buffer :: ++ +-- +Cause *Dumpcap* to run in "multiple files" mode. In "multiple files" mode, +*Dumpcap* will write to several capture files. When the first capture file +fills up, *Dumpcap* will switch writing to the next file and so on. -Cause B to run in "multiple files" mode. In "multiple files" mode, -B will write to several capture files. When the first capture file -fills up, B will switch writing to the next file and so on. 
- -The created filenames are based on the filename given with the B<-w> option, +The created filenames are based on the filename given with the *-w* option, the number of the file and on the creation date and time, e.g. outfile_00001_20210714120117.pcap, outfile_00002_20210714120523.pcap, ... -With the I option it's also possible to form a "ring buffer". +With the __files__ option it's also possible to form a "ring buffer". This will fill up new files until the number of files specified, -at which point B will discard the data in the first file and start -writing to that file and so on. If the I option is not set, +at which point *Dumpcap* will discard the data in the first file and start +writing to that file and so on. If the __files__ option is not set, new files filled up until one of the capture stop conditions match (or until the disk is full). -The criterion is of the form I, -where I is one of: +The criterion is of the form __key:value__, +where __key__ is one of: -B:I switch to the next file after I seconds have +*duration*:__value__ switch to the next file after __value__ seconds have elapsed, even if the current file is not completely filled up. Floating point values (e.g. 0.5) are allowed. -B:I begin again with the first file after I number of +*files*:__value__ begin again with the first file after __value__ number of files were written (form a ring buffer). This value must be less than 100000. Caution should be used when using large numbers of files: some filesystems do -not handle many files in a single directory well. The B criterion -requires either B, B or B to be specified to -control when to go to the next file. It should be noted that each B<-b> +not handle many files in a single directory well. The *files* criterion +requires either *duration*, *interval* or *filesize* to be specified to +control when to go to the next file. 
It should be noted that each *-b* parameter takes exactly one criterion; to specify two criterion, each must be -preceded by the B<-b> option. +preceded by the *-b* option. -B:I switch to the next file after it reaches a size of -I kB. Note that the filesize is limited to a maximum value of 2 GiB. +*filesize*:__value__ switch to the next file after it reaches a size of +__value__ kB. Note that the filesize is limited to a maximum value of 2 GiB. -B:I switch to the next file when the time is an exact -multiple of I seconds. For example, use 3600 to switch to a new file +*interval*:__value__ switch to the next file when the time is an exact +multiple of __value__ seconds. For example, use 3600 to switch to a new file every hour on the hour. -B:I switch to the next file after it contains I +*packets*:__value__ switch to the next file after it contains __value__ packets. -B:I print the name of the most recently written file -to I after the file is closed. I can be C or C<-> -for standard output, or C for standard error. +*printname*:__filename__ print the name of the most recently written file +to __filename__ after the file is closed. __filename__ can be `stdout` or `-` +for standard output, or `stderr` for standard error. -Example: B<-b filesize:1000 -b files:5> results in a ring buffer of five files +Example: *-b filesize:1000 -b files:5* results in a ring buffer of five files of size one megabyte each. +-- -=item -B|--buffer-size Ecapture buffer sizeE - +-B|--buffer-size :: ++ +-- Set capture buffer size (in MiB, default is 2 MiB). This is used by the capture driver to buffer packet data until that data can be written to disk. If you encounter packet drops while capturing, try to increase -this size. Note that, while B attempts to set the buffer size +this size. 
Note that, while *Dumpcap* attempts to set the buffer size to 2 MiB by default, and can be told to set it to a larger value, the system or interface on which you're capturing might silently limit the capture buffer size to a lower value or raise it to a higher value. 
@@ -153,115 +158,137 @@ Windows. It is not available on UNIX systems with earlier versions of libpcap. This option can occur multiple times. If used before the first -occurrence of the B<-i> option, it sets the default capture buffer size. -If used after an B<-i> option, it sets the capture buffer size for -the interface specified by the last B<-i> option occurring before +occurrence of the *-i* option, it sets the default capture buffer size. +If used after an *-i* option, it sets the capture buffer size for +the interface specified by the last *-i* option occurring before this option. If the capture buffer size is not set specifically, the default capture buffer size is used instead. +-- -=item -c Ecapture packet countE - +-c :: ++ +-- Set the maximum number of packets to read when capturing live -data. Same as B<-a packets:>Ecapture packet countE. - -=item -C Ebyte limitE +data. Same as *-a packets:*. +-- +-C :: ++ +-- Limit the amount of memory in bytes used for storing captured packets in memory while processing it. -If used in combination with the B<-N> option, both limits will apply. +If used in combination with the *-N* option, both limits will apply. Setting this limit will enable the usage of the separate thread per interface. +-- -=item -d - +-d:: ++ +-- Dump the code generated for the capture filter in a human-readable form, and exit. +-- -=item -D|--list-interfaces - -Print a list of the interfaces on which B can capture, and +-D|--list-interfaces:: ++ +-- +Print a list of the interfaces on which *Dumpcap* can capture, and exit. For each network interface, a number and an interface name, possibly followed by a text description of the interface, is printed. The interface name or the number can be supplied -to the B<-i> option to specify an interface on which to capture. +to the *-i* option to specify an interface on which to capture. 
This can be useful on systems that don't have a command to list them -(UNIX systems lacking B or Linux systems lacking -B). The number can be useful on Windows systems, where +(UNIX systems lacking *ifconfig -a* or Linux systems lacking +*ip link show*). The number can be useful on Windows systems, where the interface name might be a long name or a GUID. -Note that "can capture" means that B was able to open +Note that "can capture" means that *Dumpcap* was able to open that device to do a live capture. Depending on your system you may need to run dumpcap from an account with special privileges (for example, as root) to be able to capture network traffic. -If "B" is not run from such an account, it will not list +If "*dumpcap -D*" is not run from such an account, it will not list any interfaces. +-- -=item -f Ecapture filterE - +-f :: ++ +-- Set the capture filter expression. The entire filter expression must be specified as a single argument (which means that if it contains spaces, it must be quoted). This option can occur multiple times. If used before the first -occurrence of the B<-i> option, it sets the default capture filter expression. -If used after an B<-i> option, it sets the capture filter expression for -the interface specified by the last B<-i> option occurring before +occurrence of the *-i* option, it sets the default capture filter expression. +If used after an *-i* option, it sets the capture filter expression for +the interface specified by the last *-i* option occurring before this option. If the capture filter expression is not set specifically, the default capture filter expression is used if provided. Pre-defined capture filter names, as shown in the GUI menu item Capture->Capture Filters, can be used by prefixing the argument with "predef:". 
-Example: B<-f "predef:MyPredefinedHostOnlyFilter"> - -=item -g +Example: *-f "predef:MyPredefinedHostOnlyFilter"* +-- +-g:: ++ +-- This option causes the output file(s) to be created with group-read permission (meaning that the output file(s) can be read by other members of the calling user's group). +-- -=item -h|--help - +-h|--help:: ++ +-- Print the version and options and exits. +-- -=item -i|--interface Ecapture interfaceE|rpcap://EhostE:EportE/Ecapture interfaceE|TCP@EhostE:EportE|- - +-i|--interface |rpcap://:/|TCP@:|-:: ++ +-- Set the name of the network interface or pipe to use for live packet capture. Network interface names should match one of the names listed in -"B" (described above); a number, as reported by -"B", can also be used. If you're using UNIX, "B", "B" or "B" might also work to list interface names, -although not all versions of UNIX support the B<-a> option to B. +"*dumpcap -D*" (described above); a number, as reported by +"*dumpcap -D*", can also be used. If you're using UNIX, "*netstat + -i*", "*ifconfig -a*" or "*ip link*" might also work to list interface names, +although not all versions of UNIX support the *-a* option to *ifconfig*. -If no interface is specified, B searches the list of +If no interface is specified, *Dumpcap* searches the list of interfaces, choosing the first non-loopback interface if there are any non-loopback interfaces, and choosing the first loopback interface if there are no non-loopback interfaces. If there are no interfaces at all, -B reports an error and doesn't start the capture. +*Dumpcap* reports an error and doesn't start the capture. Pipe names should be either the name of a FIFO (named pipe) or "-" to read data from the standard input. On Windows systems, pipe names must be -of the form "\\pipe\.\B". Data read from pipes must be in +of the form "\\pipe\.\*pipename*". Data read from pipes must be in standard pcapng or pcap format. Pcapng data must have the same endianness as the capturing host. 
This option can occur multiple times. When capturing from multiple interfaces, the capture file will be saved in pcapng format. +-- -=item --ifdescr> EdescriptionE +--ifdescr> :: ++ +-- +Use __description__ as the description in the capture file for the +interface or pipe specified before it with *-i*. +-- -Use I as the description in the capture file for the -interface or pipe specified before it with B<-i>. - -=item --ifname> EnameE - -Use I as the name in the capture file for the the interface or -pipe specified before it with B<-i>. - -=item -I|--monitor-mode +--ifname> :: ++ +-- +Use __name__ as the name in the capture file for the the interface or +pipe specified before it with *-i*. +-- +-I|--monitor-mode:: ++ +-- Put the interface in "monitor mode"; this is supported only on IEEE 802.11 Wi-Fi interfaces, and supported only on some operating systems. 
@@ -273,99 +300,125 @@ if you are capturing in monitor mode and are not connected to another network with another adapter. This option can occur multiple times. If used before the first -occurrence of the B<-i> option, it enables the monitor mode for all interfaces. -If used after an B<-i> option, it enables the monitor mode for -the interface specified by the last B<-i> option occurring before +occurrence of the *-i* option, it enables the monitor mode for all interfaces. +If used after an *-i* option, it enables the monitor mode for +the interface specified by the last *-i* option occurring before this option. +-- -=item -k EfreqE,[EtypeE],[Ecenter_freq1E],[Ecenter_freq2>E - +-k ,[],[],[>:: ++ +-- Set the channel on the interface; this is supported only on IEEE 802.11 Wi-Fi interfaces, and supported only on some operating systems. -I is the frequency of the channel. I is the type of the -channel, for 802.11n and 802.11ac. The values for I are - -=over 8 - -=item NOHT +__freq__ is the frequency of the channel. __type__ is the type of the +channel, for 802.11n and 802.11ac. 
The values for __type__ are +-- +NOHT:: ++ +-- Used for non-802.11n/non-802.1ac channels +-- -=item HT20 - +HT20:: ++ +-- 20 MHz channel +-- -=item HT40- - +HT40-:: ++ +-- 40 MHz primary channel and a lower secondary channel +-- -=item HT40+ - +HT40+:: ++ +-- 40 MHz primary channel and a higher secondary channel +-- -=item HT80 +HT80:: ++ +-- +80 MHz channel, with __centerfreq1__ as its center frequency +-- -80 MHz channel, with I as its center frequency - -=item VHT80+80 - -two 80 MHz channels combined, with I and I as +VHT80+80:: ++ +-- +two 80 MHz channels combined, with __centerfreq1__ and __centerfreq2__ as the center frequencies of the two channels +-- -=item VHT160 - -160 MHz channel, with I as its center frequency - -=back - -=item -L|--list-data-link-types +VHT160:: ++ +-- +160 MHz channel, with __centerfreq1__ as its center frequency +-- +-L|--list-data-link-types:: ++ +-- List the data link types supported by the interface and exit. The reported -link types can be used for the B<-y> option. +link types can be used for the *-y* option. +-- -=item -M - -When used with B<-D>, B<-L>, B<-S> or B<--list-time-stamp-types> print +-M:: ++ +-- +When used with *-D*, *-L*, *-S* or *--list-time-stamp-types* print machine-readable output. -The machine-readable output is intended to be read by B and -B; its format is subject to change from release to release. - -=item -n +The machine-readable output is intended to be read by *Wireshark* and +*TShark*; its format is subject to change from release to release. +-- +-n:: ++ +-- Save files as pcapng. This is the default. +-- -=item -N Epacket limitE - +-N :: ++ +-- Limit the number of packets used for storing captured packets in memory while processing it. -If used in combination with the B<-C> option, both limits will apply. +If used in combination with the *-C* option, both limits will apply. Setting this limit will enable the usage of the separate thread per interface. 
+-- -=item -p|--no-promiscuous-mode - -I put the interface into promiscuous mode. Note that the +-p|--no-promiscuous-mode:: ++ +-- +__Don't__ put the interface into promiscuous mode. Note that the interface might be in promiscuous mode for some other reason; hence, -B<-p> cannot be used to ensure that the only traffic that is captured is -traffic sent to or from the machine on which B is running, +*-p* cannot be used to ensure that the only traffic that is captured is +traffic sent to or from the machine on which *Dumpcap* is running, broadcast traffic, and multicast traffic to addresses received by that machine. This option can occur multiple times. If used before the first -occurrence of the B<-i> option, no interface will be put into the +occurrence of the *-i* option, no interface will be put into the promiscuous mode. -If used after an B<-i> option, the interface specified by the last B<-i> +If used after an *-i* option, the interface specified by the last *-i* option occurring before this option will not be put into the promiscuous mode. +-- -=item -P - +-P:: ++ +-- Save files as pcap instead of the default pcapng. In situations that require pcapng, such as capturing from multiple interfaces, this option will be overridden. +-- -=item -q - +-q:: ++ +-- When capturing packets, don't display the continuous count of packets captured that is normally shown when saving a capture to a file; instead, just display, at the end of the capture, a count of packets 
@@ -374,51 +427,65 @@ BSDs, you can cause the current count to be displayed by typing your "status" character (typically control-T, although it might be set to "disabled" by default on at least some BSDs, so you'd have to explicitly set it to use it). +-- -=item -s|--snapshot-length Ecapture snaplenE - +-s|--snapshot-length :: ++ +-- Set the default snapshot length to use when capturing live data. -No more than I bytes of each network packet will be read into +No more than __snaplen__ bytes of each network packet will be read into memory, or saved to disk. A value of 0 specifies a snapshot length of 262144, so that the full packet is captured; this is the default. This option can occur multiple times. If used before the first -occurrence of the B<-i> option, it sets the default snapshot length. -If used after an B<-i> option, it sets the snapshot length for -the interface specified by the last B<-i> option occurring before +occurrence of the *-i* option, it sets the default snapshot length. +If used after an *-i* option, it sets the snapshot length for +the interface specified by the last *-i* option occurring before this option. If the snapshot length is not set specifically, the default snapshot length is used if provided. +-- -=item -S - +-S:: ++ +-- Print statistics for each interface once every second. +-- -=item -t - +-t:: ++ +-- Use a separate thread per interface. +-- -=item -v|--version - +-v|--version:: ++ +-- Print the version and exit. +-- -=item -w EoutfileE - -Write raw packet data to I. Use "-" for stdout. - -=item -y|--linktype Ecapture link typeE +-w :: ++ +-- +Write raw packet data to __outfile__. Use "-" for stdout. +-- +-y|--linktype :: ++ +-- Set the data link type to use while capturing packets. The values -reported by B<-L> are the values that can be used. +reported by *-L* are the values that can be used. This option can occur multiple times. If used before the first -occurrence of the B<-i> option, it sets the default capture link type. 
-If used after an B<-i> option, it sets the capture link type for -the interface specified by the last B<-i> option occurring before +occurrence of the *-i* option, it sets the default capture link type. +If used after an *-i* option, it sets the capture link type for +the interface specified by the last *-i* option occurring before this option. If the capture link type is not set specifically, the default capture link type is used if provided. +-- -=item --capture-comment EcommentE - +--capture-comment :: ++ +-- Add a capture comment to the output file, if supported by the output file format. 
@@ -427,38 +494,41 @@ single file. This option may be specified multiple times. Note that Wireshark currently only displays the first comment of a capture file. +-- -=item --list-time-stamp-types - +--list-time-stamp-types:: ++ +-- List time stamp types supported for the interface. If no time stamp type can be set, no time stamp types are listed. +-- -=item --time-stamp-type EtypeE - +--time-stamp-type :: ++ +-- Change the interface's timestamp method. +-- -=back +== CAPTURE FILTER SYNTAX -=head1 CAPTURE FILTER SYNTAX +See the manual page of xref:https://www.tcpdump.org/manpages/pcap-filter.7.html[pcap-filter](7) or, if that doesn't exist, xref:https://www.tcpdump.org/manpages/tcpdump.1.html[tcpdump](8), +or, if that doesn't exist, https://gitlab.com/wireshark/wireshark/-/wikis/CaptureFilters. -See the manual page of pcap-filter(7) or, if that doesn't exist, tcpdump(8), -or, if that doesn't exist, L. +== SEE ALSO -=head1 SEE ALSO +xref:wireshark.html[wireshark](1), xref:tshark.html[tshark](1), xref:editcap.html[editcap](1), xref:mergecap.html[mergecap](1), xref:capinfos.html[capinfos](1), xref:https://www.tcpdump.org/manpages/pcap.3pcap.html[pcap](3), +xref:https://www.tcpdump.org/manpages/pcap-filter.7.html[pcap-filter](7) or xref:https://www.tcpdump.org/manpages/tcpdump.1.html[tcpdump](8) -wireshark(1), tshark(1), editcap(1), mergecap(1), capinfos(1), pcap(3), -pcap-filter(7) or tcpdump(8) +== NOTES -=head1 NOTES - -B is part of the B distribution. The latest version -of B can be found at L. +*Dumpcap* is part of the *Wireshark* distribution. The latest version +of *Wireshark* can be found at https://www.wireshark.org. HTML versions of the Wireshark project man pages are available at: -L. +https://www.wireshark.org/docs/man-pages. -=head1 AUTHORS +== AUTHORS -B is derived from the B capturing engine code; +*Dumpcap* is derived from the *Wireshark* capturing engine code; see the list of -authors in the B man page for a list of authors of that code. 
+authors in the *Wireshark* man page for a list of authors of that code. diff --git a/doc/editcap.adoc b/doc/editcap.adoc index d24576f86c..cb4445153b 100644 --- a/doc/editcap.adoc +++ b/doc/editcap.adoc @@ -1,105 +1,110 @@ -=begin man += editcap(1) +:doctype: manpage +include::../docbook/attributes.adoc[] +:stylesheet: ws.css +:linkcss: +:copycss: ../docbook/{stylesheet} -=encoding utf8 - -=end man - -=head1 NAME +== NAME editcap - Edit and/or translate the format of capture files -=head1 SYNOPSIS +== SYNOPSIS -B -S<[ B<-a> Eframe:commentE ]> -S<[ B<-A> Estart timeE ]> -S<[ B<-B> Estop timeE ]> -S<[ B<-c> Epackets per fileE ]> -S<[ B<-C> [offset:]EchoplenE ]> -S<[ B<-E> Eerror probabilityE ]> -S<[ B<-F> Efile formatE ]> -S<[ B<-h> ]> -S<[ B<-i> Eseconds per fileE ]> -S<[ B<-o> Echange offsetE ]> -S<[ B<-L> ]> -S<[ B<-r> ]> -S<[ B<-s> EsnaplenE ]> -S<[ B<-S> Estrict time adjustmentE ]> -S<[ B<-t> Etime adjustmentE ]> -S<[ B<-T> Eencapsulation typeE ]> -S<[ B<-v> ]> -S<[ B<--inject-secrets> Esecrets typeE,EfileE ]> -S<[ B<--discard-all-secrets> ]> -S<[ B<--capture-comment> EcommentE ]> -S<[ B<--discard-capture-comment> ]> -I -I -S<[ I[-I] ... ]> +[manarg] +*editcap* +[ *-a* ] +[ *-A* ] +[ *-B* ] +[ *-c* ] +[ *-C* [offset:] ] +[ *-E* ] +[ *-F* ] +[ *-h* ] +[ *-i* ] +[ *-o* ] +[ *-L* ] +[ *-r* ] +[ *-s* ] +[ *-S* ] +[ *-t*