Wireshark-dev: [Wireshark-dev] dumpcap does not recognize option "-t" (use threads)
From: "Speck Michael EHWG AVL/GAE" <Michael.Speck@xxxxxxx>
Date: Wed, 9 Nov 2011 09:42:16 +0100
Hi.
I've downloaded the latest sources from SVN this morning and ran the sequence
make distclean
make setup
make all
which proceeded without any errors. (Build system: Win7-x64; for more details see the end of this message.)
However, Wireshark is not able to start a new capture from any interface. Instead, a dialog pops up with a dumpcap error message (see below).
It seems that Wireshark tries to start dumpcap using threads ("-t"), but dumpcap does not recognize this option. I've tracked down in source that there is a #define in dumpcap.c:
#ifdef USE_THREADS
#define OPTSTRING_t "t"
#else
#define OPTSTRING_t ""
#endif
So, two questions:
1.) how to tell the build system that "USE_THREADS" should be defined?
2.) should Wireshark start dumpcap without option "-t", if "USE_THREADS" isn't defined?
best regards
Mike
---------- dumpcap output ----------
Unknown message from dumpcap, try to show it as a string: D:\openSource\Wireshark_Source\wireshark-gtk2\dumpcap: illegal option -- t
Usage: dumpcap [options] ...
Capture interface:
-i <interface> name or idx of interface (def: first non-loopback)
-f <capture filter> packet filter in libpcap filter syntax
-s <snaplen> packet snapshot length (def: 65535)
-p don't capture in promiscuous mode
-B <buffer size> size of kernel buffer (def: 1MB)
-y <link type> link layer type (def: first appropriate)
-D print list of interfaces and exit
-L print list of link-layer types of iface and exit
-d print generated BPF code for capture filter
-S print statistics for each interface once per second
-M for -D, -L, and -S, produce machine-readable output
RPCAP options:
-r don't ignore own RPCAP traffic in capture
-u use UDP for RPCAP data transfer
-A <user>:<password> use RPCAP password authentication
-m <sampling type> use packet sampling
count:NUM - capture one packet of every NUM
timer:NUM - capture no more than 1 packet in NUM ms
Stop conditions:
-c <packet count> stop after n packets (def: infinite)
-a <autostop cond.> ... duration:NUM - stop after NUM seconds
filesize:NUM - stop this file after NUM KB
files:NUM - stop after NUM files
Output (files):
-w <filename> name of file to save (def: tempfile)
-g enable group read access on the output file(s)
-b <ringbuffer opt.> ... duration:NUM - switch to next file after NUM secs
filesize:NUM - switch to next file after NUM KB
files:NUM - ringbuffer: replace after NUM files
-n use pcapng format instead of pcap
Miscellaneous:
-t use a separate thread per interface
-q don't report packet capture counts
-v print version information and exit
-h display this help and exit
Example: dumpcap -i eth0 -a duration:60 -w output.pcap
"Capture network packets from interface eth0 until 60s passed into output.pcap"
Use Ctrl-C to stop capturing at any time.
---------- EOF dumpcap output ----------
---------- About Wireshark ----------
Version 1.7.1-AVL (SVN Rev 39772 from /trunk)
Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.22.1, with Cairo 1.10.2, with Pango 1.28.3, with
GLib 2.26.1, with WinPcap (version unknown), with libz 1.2.5, without POSIX
capabilities, with SMI 0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python,
with GnuTLS 2.10.3, with Gcrypt 1.4.6, without Kerberos, with GeoIP, with
PortAudio V19-devel (built Nov 9 2011), with AirPcap.
Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.10.3, Gcrypt 1.4.6, without AirPcap.
Built using Microsoft Visual C++ 9.0 build 21022
Wireshark is Open Source Software released under the GNU General Public License.
Check the man page and http://www.wireshark.org for more information.
---------- EOF About Wireshark ----------