table of contents
other versions
- jessie-backports 2.2.4+gcc3dc1b-1~bpo8+1
- stretch 2.6.5-1~deb9u1
- testing 2.6.6-1
- unstable 2.6.7-1
EXTCAP(4) | The Wireshark Network Analyzer | EXTCAP(4) |
NAME¶
extcap - Extcap grammar elementsDESCRIPTION¶
Grammar elements:- arg (options)
- argument for CLI calling
- number
- Reference # of argument for other values, display order
- call
- Literal argument to call (--call=...)
- display
- Displayed name
- default
- Default value, in proper form for type
- range
- Range of valid values for UI checking (min,max) in proper form
- type
- Argument type for UI filtering for raw, or UI type for selector:
integer unsigned long (may include scientific / special notation) float selector (display selector table, all values as strings) boolean (display checkbox) radio (display group of radio buttons with provided values, all values as strings) fileselect (display a dialog to select a file from the filesystem, value as string) multicheck (display a textbox for selecting multiple options, values as strings) password (display a textbox with masked text)
- value (options)
-
Values for argument selection arg Argument # this value applies to
EXAMPLES¶
Example 1:arg {number=0}{call=--channel}{display=Wi-Fi Channel}{type=integer}{required=true} arg {number=1}{call=--chanflags}{display=Channel Flags}{type=radio} arg {number=2}{call=--interface}{display=Interface}{type=selector} value {arg=0}{range=1,11} value {arg=1}{value=ht40p}{display=HT40+} value {arg=1}{value=ht40m}{display=HT40-} value {arg=1}{value=ht20}{display=HT20} value {arg=2}{value=wlan0}{display=wlan0}Example 2:
arg {number=0}{call=--usbdevice}{USB Device}{type=selector} value {arg=0}{call=/dev/sysfs/usb/foo/123}{display=Ubertooth One sn 1234} value {arg=0}{call=/dev/sysfs/usb/foo/456}{display=Ubertooth One sn 8901}Example 3:
arg {number=0}{call=--usbdevice}{USB Device}{type=selector} arg {number=1}{call=--server}{display=IP address for log server}{type=string}{validation=(?:\d{1,3}\.){3}\d{1,3}} flag {failure=Permission denied opening Ubertooth device}Example 4:
arg {number=0}{call=--username}{display=Username}{type=string}
arg {number=1}{call=--password}{display=Password}{type=password}
Security awareness¶
- - Users running wireshark as root, we can't save you
- - Dumpcap retains suid/setgid and group+x permissions to allow users in wireshark group only
- - Third-party capture programs run w/ whatever privs they're installed with
- - If an attacker can write to a system binary directory, we're game over anyhow
- - Reference the folders tab in the wireshark->about information, to see from which directory extcap is being run
SEE ALSO¶
wireshark(1), tshark(1), dumpcap(1), androiddump(1), sshdump(1), randpktdump(1)NOTES¶
Extcap is feature of Wireshark. The latest version of Wireshark can be found at <https://www.wireshark.org>. HTML versions of the Wireshark project man pages are available at: <https://www.wireshark.org/docs/man-pages>.2017-01-23 | 2.2.4 |