I'm trying to send a pcapng format file to wireshark standard in or a named pipe, but I continue to get an error "unrecognized libcap format. Is there still a problem reading this type file through this interface? My command looks like this: cat capture_NG.pcap | wireshark -k -i - I've also tried: wireshark -k -i <(cat capture_NG.pcap) asked 22 Apr '14, 16:54  siber |
One Answer:
From the wireshark man page: http://www.wireshark.org/docs/man-pages/wireshark.html Wireshark cannot read pcap-ng files from STDIN (or pipes in general). So, please convert your pcan-ng capture file to libpcap format (you can use editcap). Then you should be able to pipe the file into Wireshark. However: The way you are using the file, you don't need a pipe at all. You can just read the capture file directly into Wireshark.
Regards answered 23 Apr '14, 11:53  Kurt Knochner ♦ edited 23 Apr '14, 11:53 |
