[vbox-dev] Cannot Live-capture VirtualBox network packets with Wireshark
Alexey Eromenko
al4321 at gmail.com
Mon Jun 6 10:37:45 PDT 2011
>> > Are you sure that this is not related to buffering made by Wireshark
>> > (some command-line utilities tend to behave in such a way)?
>>
>> I'm not sure in this.
>> Is there any way to check ?
> Perhaps you could try using something like this?
> http://wiki.wireshark.org/CaptureSetup/Pipes#Named_pipes
Tried:
$ mkfifo /tmp/pipe
$ tail -f -c +0b /tmp/mydata.cap > /tmp/pipe
$ wireshark -k -i /tmp/pipe
Wireshark:
"No packets captured!"
> There's also this tidbit on information mentioned on Stack Overflow:
> http://stackoverflow.com/questions/1000674/turn-off-buffering-in-pipe
Tried expect_unbuffer: (part of "expect-dev" package)
$ expect_unbuffer tail -f -c +0b /tmp/mydata.cap | wireshark -k -i -
Wireshark ERROR:
"Unrecognized libpcap format"
--
-Alexey Eromenko "Technologov"
More information about the vbox-dev
mailing list