Scroll to navigation

EXTCAP(4) The Wireshark Network Analyzer EXTCAP(4)
 

NAME

extcap - Extcap grammar elements

DESCRIPTION

Grammar elements:
arg (options)
argument for CLI calling
number
Reference # of argument for other values, display order
call
Literal argument to call (--call=...)
display
Displayed name
default
Default value, in proper form for type
range
Range of valid values for UI checking (min,max) in proper form
type
Argument type for UI filtering for raw, or UI type for selector: 
    integer
    unsigned
    long (may include scientific / special notation)
    float
    selector (display selector table, all values as strings)
    boolean (display checkbox)
    radio (display group of radio buttons with provided values, all values as strings)
    fileselect (display a dialog to select a file from the filesystem, value as string)
    multicheck (display a textbox for selecting multiple options, values as strings)
    password (display a textbox with masked text)
value (options)
    Values for argument selection
    arg     Argument # this value applies to

EXAMPLES

Example 1: 
    arg {number=0}{call=--channel}{display=Wi-Fi Channel}{type=integer}{required=true}
    arg {number=1}{call=--chanflags}{display=Channel Flags}{type=radio}
    arg {number=2}{call=--interface}{display=Interface}{type=selector}
    value {arg=0}{range=1,11}
    value {arg=1}{value=ht40p}{display=HT40+}
    value {arg=1}{value=ht40m}{display=HT40-}
    value {arg=1}{value=ht20}{display=HT20}
    value {arg=2}{value=wlan0}{display=wlan0}
Example 2: 
    arg {number=0}{call=--usbdevice}{USB Device}{type=selector}
    value {arg=0}{call=/dev/sysfs/usb/foo/123}{display=Ubertooth One sn 1234}
    value {arg=0}{call=/dev/sysfs/usb/foo/456}{display=Ubertooth One sn 8901}
Example 3: 
    arg {number=0}{call=--usbdevice}{USB Device}{type=selector}
    arg {number=1}{call=--server}{display=IP address for log server}{type=string}{validation=(?:\d{1,3}\.){3}\d{1,3}}
    flag {failure=Permission denied opening Ubertooth device}
Example 4:
arg {number=0}{call=--username}{display=Username}{type=string}
arg {number=1}{call=--password}{display=Password}{type=password}

Security awareness

- Users running wireshark as root, we can't save you
- Dumpcap retains suid/setgid and group+x permissions to allow users in wireshark group only
- Third-party capture programs run w/ whatever privs they're installed with
- If an attacker can write to a system binary directory, we're game over anyhow
- Reference the folders tab in the wireshark->about information, to see from which directory extcap is being run

SEE ALSO

wireshark(1), tshark(1), dumpcap(1), androiddump(1), sshdump(1), randpktdump(1)

NOTES

Extcap is feature of Wireshark. The latest version of Wireshark can be found at <https://www.wireshark.org>.
HTML versions of the Wireshark project man pages are available at: <https://www.wireshark.org/docs/man-pages>.
2017-01-23 2.2.4