Wireshark-bugs: [Wireshark-bugs] [Bug 11214] New: Wireshark searches for dumpcap.exe in the dire
Bug ID |
11214
|
Summary |
Wireshark searches for dumpcap.exe in the directory of the capture file you're opening
|
Product |
Wireshark
|
Version |
1.12.5
|
Hardware |
x86-64
|
OS |
Windows 7
|
Status |
UNCONFIRMED
|
Severity |
Normal
|
Priority |
Low
|
Component |
GTK+ UI
|
Assignee |
bugzilla-admin@wireshark.org
|
Reporter |
jeff.morriss.ws@gmail.com
|
CC |
chinorui@hotmail.com, jeff.morriss.ws@gmail.com
|
Depends on |
11196
|
Build Information:
Build Information:
Version 1.12.5 (v1.12.5-0-g5819e5b from master-1.12)
Copyright 1998-2015 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.10.2, with Pango 1.34.0, with
GLib 2.38.0, with WinPcap (4_1_3), with libz 1.2.5, with SMI 0.4.8, with c-ares
1.9.1, with Lua 5.2, without Python, with GnuTLS 3.2.15, with Gcrypt 1.6.2,
without Kerberos, with GeoIP, with PortAudio V19-devel (built May 12 2015),
with
AirPcap.
Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 3.2.15, Gcrypt 1.6.2, without AirPcap.
Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz, with 8089MB of physical memory.
Built using Microsoft Visual C++ 10.0 build 40219
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
+++ This bug was initially created as a clone of Bug #11196 +++
>From the original bug:
~~~
In older versions of wireshark, I was able to open pcap files residing in a
samba repository which was mapped in my WIN7 machine as a network share.
This is the way I map the Z:\ drive:
net use Z: \\LINUX_SERVER\SHARE_DIRECTORY PASSWORD /user:USER /persistent:no
I only needed to double-click on the file I wanted to open from the explrer.
I new versions (I don't remember when this began to happen) I cannot open the
pcap files in this way. I get the following error: "The file XXX doesn't
exist."
It seems that the reason is that wireshat want to access in the same directory
a file named dumpcap.exe
Capturing what happens in the network shows that the samba server launchs this
error: STATUS_OBJECT_NAME_NOT_FOUND and the file is dumpcap.exe
The samba server shows in loglevel 3 this information:
smbd.log: call_trans2qfilepathinfo: SMB_VFS_STAT of
sumin/ca/v7.5.3/1-DC/dumpcap.exe failed (No such file or directory)
((Complete transaction log is attached))
[...]
~~~
To which I replied:
~~~
I can, however, confirm the odd searching for dumpcap.exe behavior. I ran
Wireshark while doing one of the above actions then filtered for:
smb.file contains "dumpcap"
and found several hits looking for \\server\directory\dumpcap.exe . That
should probably be the subject of a different bug, though--I don't think it's
related to your problem.
~~~
Guy supported the idea:
~~~
> Win 7......
> gsa opened file fishero.pcap read=No write=No (numopen=3)
> gsa closed file fishero.pcap (numopen=2) NT_STATUS_OK
OK, so that appears to be unrelated to the search for dumpcap.exe.
Could you please file a *separate* bug for that issue?
~~~
This is that bug.
You are receiving this mail because:
- You are watching all bug changes.