forked from osmocom/wireshark
Make pcap-ng the default. Add a compile-time option to prefer pcap-ng or
pcap. Add a "-P" capture option which tries to use pcap instead of pcap-ng ("-P" seemed to be the best option but we may want to use a different letter). Update the documentation and release notes. svn path=/trunk/; revision=37696
This commit is contained in:
parent
78f376abc5
commit
8d88f3a790
|
@ -112,7 +112,11 @@ capture_opts_init(capture_options *capture_opts, void *cf)
|
|||
capture_opts->saving_to_file = FALSE;
|
||||
capture_opts->save_file = NULL;
|
||||
capture_opts->group_read_access = FALSE;
|
||||
capture_opts->use_pcapng = FALSE; /* the default is pcap */
|
||||
#ifdef PCAP_NG_DEFAULT
|
||||
capture_opts->use_pcapng = TRUE; /* Save as pcap-ng by default */
|
||||
#else
|
||||
capture_opts->use_pcapng = FALSE; /* Save as pcap by default */
|
||||
#endif
|
||||
capture_opts->real_time_mode = TRUE;
|
||||
capture_opts->show_info = TRUE;
|
||||
capture_opts->quit_after_cap = FALSE;
|
||||
|
@ -725,6 +729,9 @@ capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_
|
|||
capture_opts->default_options.promisc_mode = FALSE;
|
||||
}
|
||||
break;
|
||||
case 'P': /* Use pcap format */
|
||||
capture_opts->use_pcapng = FALSE;
|
||||
break;
|
||||
case 'Q': /* Quit after capture (just capture to file) */
|
||||
capture_opts->quit_after_cap = TRUE;
|
||||
*start_capture = TRUE; /*** -Q implies -k !! ***/
|
||||
|
|
|
@ -382,6 +382,8 @@ sync_pipe_start(capture_options *capture_opts) {
|
|||
|
||||
if (capture_opts->use_pcapng)
|
||||
argv = sync_pipe_add_arg(argv, &argc, "-n");
|
||||
else
|
||||
argv = sync_pipe_add_arg(argv, &argc, "-P");
|
||||
|
||||
if (capture_opts->multi_files_on) {
|
||||
if (capture_opts->has_autostop_filesize) {
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
#define __STDC__ 0
|
||||
#endif
|
||||
|
||||
/*
|
||||
/*
|
||||
* Flex (v 2.5.35) uses this symbol to "exclude" unistd.h
|
||||
*/
|
||||
#define YY_NO_UNISTD_H
|
||||
|
@ -69,13 +69,14 @@
|
|||
|
||||
@HAVE_AIRPCAP@
|
||||
|
||||
@PCAP_NG_DEFAULT@
|
||||
@MAIN_MENU_USE_UIMANAGER@
|
||||
@WANT_PACKET_EDITOR@
|
||||
|
||||
/* availability of pcap_freecode() is handled at runtime */
|
||||
#define HAVE_PCAP_FREECODE 1
|
||||
|
||||
/* define macro for importing variables from an dll
|
||||
/* define macro for importing variables from an dll
|
||||
* it depends on HAVE_LIBWIRESHARKDLL and _NEED_VAR_IMPORT_
|
||||
*/
|
||||
#if defined (_NEED_VAR_IMPORT_) && defined (HAVE_LIBWIRESHARKDLL)
|
||||
|
|
|
@ -206,6 +206,9 @@ PYTHON="$(PYTHON_DIR)\python.exe"
|
|||
PATH=$(PYTHON_DIR);$(PATH)
|
||||
!ENDIF
|
||||
|
||||
#### Save files as pcap-ng by default. Comment out to use pcap instead. ####
|
||||
PCAP_NG_DEFAULT=^#define PCAP_NG_DEFAULT 1
|
||||
|
||||
##### To Use packet editor uncomment this line ####
|
||||
### Warning Experimental - work in progress
|
||||
#WANT_PACKET_EDITOR=^#define WANT_PACKET_EDITOR 1
|
||||
|
|
|
@ -1231,6 +1231,14 @@ fi
|
|||
AC_SUBST(rawshark_bin)
|
||||
AC_SUBST(rawshark_man)
|
||||
|
||||
dnl Use pcap-ng by default
|
||||
AC_ARG_ENABLE(pcap-ng-default,
|
||||
AC_HELP_STRING( [--enable-pcap-ng-default],
|
||||
[use the pcap-ng file format by default instead of pcap. @<:@default=yes@:>@]),
|
||||
enable_pcap_ng_default=$enableval,enable_pcap_ng_default=yes)
|
||||
if test x$enable_pcap_ng_default = xyes; then
|
||||
AC_DEFINE(PCAP_NG_DEFAULT, 1, [Support for pcap-ng])
|
||||
fi
|
||||
|
||||
dnl pcap remote check
|
||||
AC_MSG_CHECKING(whether to use libpcap remote capturing feature)
|
||||
|
@ -2172,6 +2180,7 @@ echo " Build randpkt : $enable_randpkt"
|
|||
echo " Build dftest : $enable_dftest"
|
||||
echo " Build rawshark : $enable_rawshark"
|
||||
echo ""
|
||||
echo " Save files as pcap-ng by default : $enable_pcap_ng_default"
|
||||
echo " Install dumpcap with capabilities : $setcap_message"
|
||||
echo " Install dumpcap setuid : $setuid_message"
|
||||
echo " Use dumpcap group : $dumpcap_group_message"
|
||||
|
|
|
@ -20,6 +20,7 @@ S<[ B<-L> ]>
|
|||
S<[ B<-n> ]>
|
||||
S<[ B<-M> ]>
|
||||
S<[ B<-p> ]>
|
||||
S<[ B<-P> ]>
|
||||
S<[ B<-q> ]>
|
||||
S<[ B<-s> E<lt>capture snaplenE<gt> ]>
|
||||
S<[ B<-S> ]>
|
||||
|
@ -212,8 +213,7 @@ B<TShark>; its format is subject to change from release to release.
|
|||
|
||||
=item -n
|
||||
|
||||
Write the output file in the pcap-ng format instead of the default pcap
|
||||
format.
|
||||
Save files as pcap-ng. This is the default.
|
||||
|
||||
=item -p
|
||||
|
||||
|
@ -224,6 +224,12 @@ traffic sent to or from the machine on which B<Dumpcap> is running,
|
|||
broadcast traffic, and multicast traffic to addresses received by that
|
||||
machine.
|
||||
|
||||
=item -P
|
||||
|
||||
Save files as pcap instead of the default pcap-ng. In situations that require
|
||||
pcap-ng, such as capturing from multiple interfaces, this option will be
|
||||
overridden.
|
||||
|
||||
=item -q
|
||||
|
||||
When capturing packets, don't display the continuous count of packets
|
||||
|
|
|
@ -63,7 +63,23 @@ Wireshark Info
|
|||
|
||||
<listitem>
|
||||
<para>
|
||||
<!-- -->
|
||||
Wireshark supports capturing from multiple interfaces at once.
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
Wireshark, TShark, and their associated utilities now save files
|
||||
using the pcap-ng file format by default. (Your copy of Wireshark
|
||||
might still use the pcap file format if pcap-ng is disabled in
|
||||
your preferences.)
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
Decryption key management for IEEE 802.11, IPsec, and ISAKMP
|
||||
is now easier.
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
|
|
|
@ -3720,7 +3720,7 @@ main(int argc, char *argv[])
|
|||
#define OPTSTRING_d ""
|
||||
#endif
|
||||
|
||||
#define OPTSTRING "a:" OPTSTRING_A "b:" OPTSTRING_B "c:" OPTSTRING_d "Df:ghi:" OPTSTRING_I "L" OPTSTRING_m "Mnpq" OPTSTRING_r "Ss:t" OPTSTRING_u "vw:y:Z:"
|
||||
#define OPTSTRING "a:" OPTSTRING_A "b:" OPTSTRING_B "c:" OPTSTRING_d "Df:ghi:" OPTSTRING_I "L" OPTSTRING_m "MnpPq" OPTSTRING_r "Ss:t" OPTSTRING_u "vw:y:Z:"
|
||||
|
||||
#ifdef DEBUG_CHILD_DUMPCAP
|
||||
if ((debug_log = ws_fopen("dumpcap_debug_log.tmp","w")) == NULL) {
|
||||
|
@ -3990,6 +3990,7 @@ main(int argc, char *argv[])
|
|||
case 'i': /* Use interface x */
|
||||
case 'n': /* Use pcapng format */
|
||||
case 'p': /* Don't capture in promiscuous mode */
|
||||
case 'P': /* Use pcap format */
|
||||
case 's': /* Set the snapshot (capture) length */
|
||||
case 'w': /* Write to capture file x */
|
||||
case 'g': /* enable group read accesson file(s) */
|
||||
|
|
|
@ -1294,7 +1294,11 @@ init_prefs(void) {
|
|||
prefs.capture_devices_hide = NULL;
|
||||
prefs.capture_devices_monitor_mode = NULL;
|
||||
prefs.capture_prom_mode = TRUE;
|
||||
#ifdef PCAP_NG_DEFAULT
|
||||
prefs.capture_pcap_ng = TRUE;
|
||||
#else
|
||||
prefs.capture_pcap_ng = FALSE;
|
||||
#endif
|
||||
prefs.capture_real_time = TRUE;
|
||||
prefs.capture_auto_scroll = TRUE;
|
||||
prefs.capture_show_info = FALSE;
|
||||
|
|
|
@ -412,6 +412,7 @@ static const struct file_type_info dump_open_table_base[] = {
|
|||
NULL, NULL },
|
||||
|
||||
/* WTAP_FILE_PCAP */
|
||||
/* Gianluca Varenni suggests that we add "deprecated" to the description. */
|
||||
{ "Wireshark/tcpdump/... - libpcap", "libpcap", "*.pcap;*.cap", ".pcap", FALSE, FALSE,
|
||||
libpcap_dump_can_write_encap, libpcap_dump_open },
|
||||
|
||||
|
@ -648,7 +649,7 @@ static const struct file_type_info dump_open_table_base[] = {
|
|||
NULL, NULL },
|
||||
|
||||
/* WTAP_ENCAP_MIME */
|
||||
{ "MIME File Format", "mime", NULL, NULL, FALSE, FALSE,
|
||||
{ "MIME File Format", "mime", NULL, NULL, FALSE, FALSE,
|
||||
NULL, NULL }
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in New Issue