Docs: extcap man page fixups.

This commit is contained in:
Gerald Combs 2022-07-29 14:27:04 -07:00 committed by A Wireshark GitLab Utility
parent 6462c60a3e
commit e2b0140edb
1 changed files with 11 additions and 27 deletions

View File

@ -32,7 +32,7 @@ called by the GUI in a row. In the following chapters we will refer to them as
Extcaps may be any binary or script within the extcap directory. Please note, that scripts
need to be executable without prefacing a script interpreter before the call.
WINDOWS USER: Because of restrictions directly calling the script may not always work.
WINDOWS USERS: Because of restrictions directly calling the script may not always work.
In such a case, a batch file may be provided, which then in turn executes the script. Please
refer to doc/extcap_example.py for more information.
@ -47,40 +47,22 @@ time and not have Wireshark trying to execute other file types.
Grammar elements:
arg (options)::
+
--
argument for CLI calling
--
number::
+
--
Reference # of argument for other values, display order
--
call::
+
--
Literal argument to call (--call=...)
--
display::
+
--
Displayed name
--
default::
+
--
Default value, in proper form for type
--
range::
+
--
Range of valid values for UI checking (min,max) in proper form
--
type::
+
@ -133,20 +115,22 @@ Example 3:
flag {failure=Permission denied opening Ubertooth device}
Example 4:
arg {number=0}{call=--username}{display=Username}{type=string}
arg {number=1}{call=--password}{display=Password}{type=password}
Example 5:
arg {number=0}{call=--start}{display=Start Time}{type=timestamp}
arg {number=1}{call=--end}{display=End Time}{type=timestamp}
== Security awareness
== Security Considerations
- Users running wireshark as root, we can't save you
- Dumpcap retains suid/setgid and group+x permissions to allow users in wireshark group only
- Third-party capture programs run w/ whatever privs they're installed with
- If an attacker can write to a system binary directory, we're game over anyhow
- Reference the folders tab in the wireshark->about information, to see from which directory extcap is being run
- If you're running Wireshark as root, we can't save you.
- Dumpcap retains suid/setgid and group execute permissions for users in the “wireshark” group only.
- Third-party capture programs run with whatever privileges they're installed with.
- If an attacker can write to a system binary directory, it's game over.
- You can find your local extcap directory in menu:About[Folders].
== SEE ALSO
@ -154,8 +138,8 @@ xref:wireshark.html[wireshark](1), xref:tshark.html[tshark](1), xref:dumpcap.htm
== NOTES
*Extcap* is feature of *Wireshark*. The latest version
of *Wireshark* can be found at https://www.wireshark.org.
*Extcap* is feature of *Wireshark*.
The latest version of *Wireshark* can be found at https://www.wireshark.org.
HTML versions of the Wireshark project man pages are available at
https://www.wireshark.org/docs/man-pages.