I'm trying to set up tshark to do a remote capture on Linux. I compiled git head tshark against winpcap 4.1.3 (which involved disabling -Werror) and I can now run
I'm thinking the problem is somewhere in caputils/ and differences between pcap 0.8 and winpcap, but I can't work out where.
asked 16 Jun '16, 19:09
Then you're definitely in unsupported territory.
There might be, for example, an issue with the UN*X-socket code in WinPcap's remote-capture code, so that your libpcap-built-with-WinPcap's-remote-capture-code doesn't work right (there are wrappers to cover up the differences between UN*X Berkeley sockets APIs and the Winsock variants of those APIs, and there might be some code rot in the UN*X-socket side).
The Wireshark code also hasn't been rigorously tested with a pcap on UN*X with
answered 17 Jun '16, 02:13
Guy Harris ♦♦