tshark | Using the Example Extcap from the Documentation

by pocc 5 years ago

macOS ◆ xterm-256color ◆ bash 2957 views

Description

This asciicast goes over how to use the extcap_example.py in the wireshark repo: https://github.com/wireshark/wireshark/blob/master/doc/extcap_example.py

The aim is to assist readers unfamiliar with extcaps on how they are expected to work and what expected behavior might look like for reader-created extcaps.

Transcript

# === Using the example extcap provided by wireshark ===
# This script is from the repo (github.com/wireshark/wireshark) in /docs
# Per docs, this utility will create random IPv4 packets

cd /tmp
mkfifo myfifo # extcaps require a FIFO

# Download script from repo
curl -O https://raw.githubusercontent.com/wireshark/wireshark/master/doc/extcap_example.py

# Let's check out the options
python extcap_example.py --help | less

# Let's list the interfaces as one is required
python extcap_example.py --extcap-interfaces

# Let's use the example1 interface and start capture with --capture
# A delay isn't required, but changing it to 1(s) saves time
python extcap_example.py --extcap-interface=example1 --fifo=myfifo --delay=1 --capture &
tshark -i myfifo

# wireshark -k -i myfifo can also used to see this traffic

More by pocc

capinfos usage 02:35

by pocc 5 years ago

Editing hex in vim (xxd -p) 00:56

by pocc 5 years ago

Editing hex with vim 00:51

by pocc 5 years ago featured

Falcon Heavy Rocket 00:14

by pocc 5 years ago

See all

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay the downloaded recording in your terminal using the asciinema play command:

asciinema play 237441.cast

If you don't have asciinema CLI installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from the releases page (you only need .js and .css file), then use it like this:

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '/assets/237441.cast',
      document.getElementById('player'),
      { cols: 100, rows: 28 }
    );
  </script>
</body>
</html>

See asciinema player quick-start guide for full usage instructions.

While this site doesn't provide GIF conversion at the moment, you can still do it yourself with the help of asciinema GIF generator utility - agg.

Once you have it installed, generate a GIF with the following command:

agg https://asciinema.org/a/237441 demo.gif

Or, if you already downloaded the recording file:

agg demo.cast demo.gif

Check agg --help for all available options. You can change font family and size, select color theme, adjust speed and more.

See agg manual for full usage instructions.