Hi all:
I am developing/enhancing Wireshark/PCAP to support capturing and
displaying traffic (both IP based protocols on Ethernets as well
as industry specific WAN protocols) from our LAN/WAN routers.
I have enhanced Pcap to get and return _my_ list of available interfaces
from our devices and return them so they appear in the interface
selection box of Wireshark's 'capture options' window.
The problem is that there is code in gtk/capture_dlg.c at line 677
that looks to see if you had specified an interface on the command
line, and failing that, then extract the 'capture.device' entry
from the wireshark preferences file (which is typically 'eth0')
and add that to the list of available devices, _and_ makes it the
default selection.
On my system I don't have an 'eth0', so not only is it confusing
to the end user, it would be just plain wrong.
(Of course, once the user has selected an interface to monitor,
that interface now becones the default interface to monitor.)
What the code _should_ do is to set the preference/command-line-option
device as default, if and _only_ if that interface name already exists
in the interface list. I don't believe the interface should ever be
'added' to the list of discovered interfaces.
Because; If it wasn't provided as a result of calling pcap_findalldevs(),
it doesn't exist, so it can't be the default interface.
I think the code can/should be improved with the above suggestion,
but I do have a workaround for now... By removing the 'capture.device'
entry from the preferences file, the offending code is skipped.
Since I'm new to the list, and the Wireshark code, and GTK programming,
I'm not sure how to proceed to fix or change the code, or submit
a bug report.
TIA
Fulko
This document is strictly confidential and intended only for use by the addressee unless otherwise stated. If you are not the intended recipient, please notify the sender immediately and delete it from your system.