diff --git a/.all-contributorsrc b/.all-contributorsrc
index cfd39074..63b2c689 100644
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -8,6 +8,7 @@
],
"imageSize": 72,
"commit": false,
+ "contributorsPerLine": 8,
"commitConvention": "none",
"contributors": [
{
@@ -428,7 +429,24 @@
"contributions": [
"bug"
]
+ },
+ {
+ "login": "thordy",
+ "name": "Thord Setsaas",
+ "avatar_url": "https://avatars.githubusercontent.com/u/1622278?v=4",
+ "profile": "https://github.com/thordy",
+ "contributions": [
+ "doc"
+ ]
+ },
+ {
+ "login": "deliciouslytyped",
+ "name": "deliciouslytyped",
+ "avatar_url": "https://avatars.githubusercontent.com/u/47436522?v=4",
+ "profile": "https://github.com/deliciouslytyped",
+ "contributions": [
+ "bug"
+ ]
}
- ],
- "contributorsPerLine": 7
+ ]
}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4f6714b1..029331e4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,7 @@
- prepare or apply the same filter as a display filter
- A new console-command, "wormhole", allows you to send termshark's current pcap with magic wormhole. Pair
with the tmux plugin tmux-wormhole to open the pcap quickly in Wireshark.
+- Added a -w flag - if supplied for a live capture, termshark will write the packets to this capture file.
### Changed
diff --git a/README.md b/README.md
index 501a282a..88c59077 100644
--- a/README.md
+++ b/README.md
@@ -76,14 +76,13 @@ Thanks to everyone that's contributed ports, patches and effort!
-| [
Ross Jacobs](https://swit.sh)
[π»](https://github.com/gcla/termshark/commits?author=pocc "Code") [π](https://github.com/gcla/termshark/issues?q=author%3Apocc "Bug reports") [π](#userTesting-pocc "User Testing") | [
Hongarc](https://github.com/Hongarc)
[π](https://github.com/gcla/termshark/commits?author=Hongarc "Documentation") | [
Ryan Steinmetz](https://github.com/zi0r)
[π¦](#platform-zi0r "Packaging/porting to new platform") | [
Nicolai SΓΈborg](https://sΓΈb.org/)
[π¦](#platform-NicolaiSoeborg "Packaging/porting to new platform") | [
Elliott Sales de Andrade](https://qulogic.gitlab.io/)
[π»](https://github.com/gcla/termshark/commits?author=QuLogic "Code") | [
Romanos](http://rski.github.io)
[π»](https://github.com/gcla/termshark/commits?author=rski "Code") | [
Denys](https://github.com/denyspozniak)
[π](https://github.com/gcla/termshark/issues?q=author%3Adenyspozniak "Bug reports") |
-| :---: | :---: | :---: | :---: | :---: | :---: | :---: |
-| [
jerry73204](https://github.com/jerry73204)
[π¦](#platform-jerry73204 "Packaging/porting to new platform") | [
Jon Knapp](http://thann.github.com)
[π¦](#platform-Thann "Packaging/porting to new platform") | [
Mario Harjac](https://github.com/mharjac)
[π¦](#platform-mharjac "Packaging/porting to new platform") | [
Andrew Benson](https://github.com/abenson)
[π](https://github.com/gcla/termshark/issues?q=author%3Aabenson "Bug reports") | [
sagis-tikal](https://github.com/sagis-tikal)
[π](https://github.com/gcla/termshark/issues?q=author%3Asagis-tikal "Bug reports") | [
punkymaniac](https://github.com/punkymaniac)
[π](https://github.com/gcla/termshark/issues?q=author%3Apunkymaniac "Bug reports") | [
msenturk](https://github.com/msenturk)
[π](https://github.com/gcla/termshark/issues?q=author%3Amsenturk "Bug reports") |
-| [
Sandor SzΓΌcs](https://github.com/szuecs)
[π](https://github.com/gcla/termshark/issues?q=author%3Aszuecs "Bug reports") | [
Dawid Dziurla](https://github.com/dawidd6)
[π](https://github.com/gcla/termshark/issues?q=author%3Adawidd6 "Bug reports") [π¦](#platform-dawidd6 "Packaging/porting to new platform") | [
jJit0](https://github.com/jJit0)
[π](https://github.com/gcla/termshark/issues?q=author%3AjJit0 "Bug reports") | [
inzel](http://colinrogers001.com)
[π](https://github.com/gcla/termshark/issues?q=author%3Ainzel "Bug reports") | [
thejerrod](https://github.com/thejerrod)
[π€](#ideas-thejerrod "Ideas, Planning, & Feedback") | [
gdluca](https://github.com/gdluca)
[π](https://github.com/gcla/termshark/issues?q=author%3Agdluca "Bug reports") | [
Patrick Winter](https://github.com/winpat)
[π¦](#platform-winpat "Packaging/porting to new platform") |
-| [
Robert Larsen](https://github.com/RobertLarsen)
[π€](#ideas-RobertLarsen "Ideas, Planning, & Feedback") [π](#userTesting-RobertLarsen "User Testing") | [
MinJae Kwon](https://mingrammer.com)
[π](https://github.com/gcla/termshark/issues?q=author%3Amingrammer "Bug reports") | [
the-c0d3r](https://github.com/the-c0d3r)
[π€](#ideas-the-c0d3r "Ideas, Planning, & Feedback") | [
Gisle Vanem](https://github.com/gvanem)
[π](https://github.com/gcla/termshark/issues?q=author%3Agvanem "Bug reports") | [
hook](https://github.com/hook-s3c)
[π](https://github.com/gcla/termshark/issues?q=author%3Ahook-s3c "Bug reports") | [
Lennart Koopmann](https://twitter.com/_lennart)
[π€](#ideas-lennartkoopmann "Ideas, Planning, & Feedback") | [
Fernandez, ReK2](https://keybase.io/cfernandez)
[π](https://github.com/gcla/termshark/issues?q=author%3AReK2Fernandez "Bug reports") |
-| [
mazball](https://github.com/mazball)
[π€](#ideas-mazball "Ideas, Planning, & Feedback") | [
wfailla](https://github.com/wfailla)
[π€](#ideas-wfailla "Ideas, Planning, & Feedback") | [
θ£ζ‘](https://github.com/rongyi)
[π€](#ideas-rongyi "Ideas, Planning, & Feedback") | [
thebyrdman-git](https://github.com/thebyrdman-git)
[π](https://github.com/gcla/termshark/issues?q=author%3Athebyrdman-git "Bug reports") | [
Clemens Mosig](http://www.mi.fu-berlin.de/en/inf/groups/ilab/members/mosig.html)
[π](https://github.com/gcla/termshark/issues?q=author%3Acmosig "Bug reports") | [
Michael Rash](http://www.cipherdyne.org/)
[π](#userTesting-mrash "User Testing") | [
joelparker](https://github.com/joelparker)
[π](#userTesting-joelparker "User Testing") |
-| [
Dragos Maftei](https://github.com/dragosmaftei)
[π€](#ideas-dragosmaftei "Ideas, Planning, & Feedback") | [
Matthew Giassa](http://www.giassa.net)
[π€](#ideas-IAXES "Ideas, Planning, & Feedback") | [
Sean Abbott](https://github.com/sean-abbott)
[π¦](#platform-sean-abbott "Packaging/porting to new platform") | [
Vincent Wang](http://www.linsong.org)
[π€](#ideas-linsong "Ideas, Planning, & Feedback") | [
piping](https://github.com/Piping)
[π€](#ideas-Piping "Ideas, Planning, & Feedback") | [
kevinhwang91](https://github.com/kevinhwang91)
[π€](#ideas-kevinhwang91 "Ideas, Planning, & Feedback") [π](https://github.com/gcla/termshark/issues?q=author%3Akevinhwang91 "Bug reports") | [
Justin Overfelt](https://jbo.io)
[π€](#ideas-jboverfelt "Ideas, Planning, & Feedback") |
-| [
Anthony](https://github.com/loudsong)
[π€](#ideas-loudsong "Ideas, Planning, & Feedback") | [
basondole](https://github.com/basondole)
[π](https://github.com/gcla/termshark/issues?q=author%3Abasondole "Bug reports") | [
zoulja](https://github.com/zoulja)
[π](https://github.com/gcla/termshark/issues?q=author%3Azoulja "Bug reports") | [
freddii](https://github.com/freddii)
[π](https://github.com/gcla/termshark/issues?q=author%3Afreddii "Bug reports") |
+| [
Ross Jacobs](https://swit.sh)
[π»](https://github.com/gcla/termshark/commits?author=pocc "Code") [π](https://github.com/gcla/termshark/issues?q=author%3Apocc "Bug reports") [π](#userTesting-pocc "User Testing") | [
Hongarc](https://github.com/Hongarc)
[π](https://github.com/gcla/termshark/commits?author=Hongarc "Documentation") | [
Ryan Steinmetz](https://github.com/zi0r)
[π¦](#platform-zi0r "Packaging/porting to new platform") | [
Nicolai SΓΈborg](https://sΓΈb.org/)
[π¦](#platform-NicolaiSoeborg "Packaging/porting to new platform") | [
Elliott Sales de Andrade](https://qulogic.gitlab.io/)
[π»](https://github.com/gcla/termshark/commits?author=QuLogic "Code") | [
Romanos](http://rski.github.io)
[π»](https://github.com/gcla/termshark/commits?author=rski "Code") | [
Denys](https://github.com/denyspozniak)
[π](https://github.com/gcla/termshark/issues?q=author%3Adenyspozniak "Bug reports") | [
jerry73204](https://github.com/jerry73204)
[π¦](#platform-jerry73204 "Packaging/porting to new platform") |
+| :---: | :---: | :---: | :---: | :---: | :---: | :---: | :---: |
+| [
Jon Knapp](http://thann.github.com)
[π¦](#platform-Thann "Packaging/porting to new platform") | [
Mario Harjac](https://github.com/mharjac)
[π¦](#platform-mharjac "Packaging/porting to new platform") | [
Andrew Benson](https://github.com/abenson)
[π](https://github.com/gcla/termshark/issues?q=author%3Aabenson "Bug reports") | [
sagis-tikal](https://github.com/sagis-tikal)
[π](https://github.com/gcla/termshark/issues?q=author%3Asagis-tikal "Bug reports") | [
punkymaniac](https://github.com/punkymaniac)
[π](https://github.com/gcla/termshark/issues?q=author%3Apunkymaniac "Bug reports") | [
msenturk](https://github.com/msenturk)
[π](https://github.com/gcla/termshark/issues?q=author%3Amsenturk "Bug reports") | [
Sandor SzΓΌcs](https://github.com/szuecs)
[π](https://github.com/gcla/termshark/issues?q=author%3Aszuecs "Bug reports") | [
Dawid Dziurla](https://github.com/dawidd6)
[π](https://github.com/gcla/termshark/issues?q=author%3Adawidd6 "Bug reports") [π¦](#platform-dawidd6 "Packaging/porting to new platform") |
+| [
jJit0](https://github.com/jJit0)
[π](https://github.com/gcla/termshark/issues?q=author%3AjJit0 "Bug reports") | [
inzel](http://colinrogers001.com)
[π](https://github.com/gcla/termshark/issues?q=author%3Ainzel "Bug reports") | [
thejerrod](https://github.com/thejerrod)
[π€](#ideas-thejerrod "Ideas, Planning, & Feedback") | [
gdluca](https://github.com/gdluca)
[π](https://github.com/gcla/termshark/issues?q=author%3Agdluca "Bug reports") | [
Patrick Winter](https://github.com/winpat)
[π¦](#platform-winpat "Packaging/porting to new platform") | [
Robert Larsen](https://github.com/RobertLarsen)
[π€](#ideas-RobertLarsen "Ideas, Planning, & Feedback") [π](#userTesting-RobertLarsen "User Testing") | [
MinJae Kwon](https://mingrammer.com)
[π](https://github.com/gcla/termshark/issues?q=author%3Amingrammer "Bug reports") | [
the-c0d3r](https://github.com/the-c0d3r)
[π€](#ideas-the-c0d3r "Ideas, Planning, & Feedback") |
+| [
Gisle Vanem](https://github.com/gvanem)
[π](https://github.com/gcla/termshark/issues?q=author%3Agvanem "Bug reports") | [
hook](https://github.com/hook-s3c)
[π](https://github.com/gcla/termshark/issues?q=author%3Ahook-s3c "Bug reports") | [
Lennart Koopmann](https://twitter.com/_lennart)
[π€](#ideas-lennartkoopmann "Ideas, Planning, & Feedback") | [
Fernandez, ReK2](https://keybase.io/cfernandez)
[π](https://github.com/gcla/termshark/issues?q=author%3AReK2Fernandez "Bug reports") | [
mazball](https://github.com/mazball)
[π€](#ideas-mazball "Ideas, Planning, & Feedback") | [
wfailla](https://github.com/wfailla)
[π€](#ideas-wfailla "Ideas, Planning, & Feedback") | [
θ£ζ‘](https://github.com/rongyi)
[π€](#ideas-rongyi "Ideas, Planning, & Feedback") | [
thebyrdman-git](https://github.com/thebyrdman-git)
[π](https://github.com/gcla/termshark/issues?q=author%3Athebyrdman-git "Bug reports") |
+| [
Clemens Mosig](http://www.mi.fu-berlin.de/en/inf/groups/ilab/members/mosig.html)
[π](https://github.com/gcla/termshark/issues?q=author%3Acmosig "Bug reports") | [
Michael Rash](http://www.cipherdyne.org/)
[π](#userTesting-mrash "User Testing") | [
joelparker](https://github.com/joelparker)
[π](#userTesting-joelparker "User Testing") | [
Dragos Maftei](https://github.com/dragosmaftei)
[π€](#ideas-dragosmaftei "Ideas, Planning, & Feedback") | [
Matthew Giassa](http://www.giassa.net)
[π€](#ideas-IAXES "Ideas, Planning, & Feedback") | [
Sean Abbott](https://github.com/sean-abbott)
[π¦](#platform-sean-abbott "Packaging/porting to new platform") | [
Vincent Wang](http://www.linsong.org)
[π€](#ideas-linsong "Ideas, Planning, & Feedback") | [
piping](https://github.com/Piping)
[π€](#ideas-Piping "Ideas, Planning, & Feedback") |
+| [
kevinhwang91](https://github.com/kevinhwang91)
[π€](#ideas-kevinhwang91 "Ideas, Planning, & Feedback") [π](https://github.com/gcla/termshark/issues?q=author%3Akevinhwang91 "Bug reports") | [
Justin Overfelt](https://jbo.io)
[π€](#ideas-jboverfelt "Ideas, Planning, & Feedback") | [
Anthony](https://github.com/loudsong)
[π€](#ideas-loudsong "Ideas, Planning, & Feedback") | [
basondole](https://github.com/basondole)
[π](https://github.com/gcla/termshark/issues?q=author%3Abasondole "Bug reports") | [
zoulja](https://github.com/zoulja)
[π](https://github.com/gcla/termshark/issues?q=author%3Azoulja "Bug reports") | [
freddii](https://github.com/freddii)
[π](https://github.com/gcla/termshark/issues?q=author%3Afreddii "Bug reports") | [
Thord Setsaas](https://github.com/thordy)
[π](https://github.com/gcla/termshark/commits?author=thordy "Documentation") | [
deliciouslytyped](https://github.com/deliciouslytyped)
[π](https://github.com/gcla/termshark/issues?q=author%3Adeliciouslytyped "Bug reports") |
## Contact
diff --git a/capinfo/loader.go b/capinfo/loader.go
index 120e1d26..144e0bcb 100644
--- a/capinfo/loader.go
+++ b/capinfo/loader.go
@@ -146,7 +146,7 @@ func (c *Loader) loadCapinfoAsync(pcapf string, app gowid.IApp, cb ICapinfoCallb
}
}
- if state == pcap.Terminated || (cancelledChan == nil && state == pcap.NotStarted) {
+ if state == pcap.Terminated || (procChan == nil && state == pcap.NotStarted) {
break loop
}
}
diff --git a/convs/loader.go b/convs/loader.go
index 02d2214b..d6cdbfa0 100644
--- a/convs/loader.go
+++ b/convs/loader.go
@@ -158,7 +158,7 @@ func (c *Loader) loadConvAsync(pcapf string, convs []string, filter string, abs
}
}
- if state == pcap.Terminated || (cancelledChan == nil && state == pcap.NotStarted) {
+ if state == pcap.Terminated || (procChan == nil && state == pcap.NotStarted) {
break loop
}
}
diff --git a/docs/FAQ.md b/docs/FAQ.md
index 116fdaf0..b3258b9f 100644
--- a/docs/FAQ.md
+++ b/docs/FAQ.md
@@ -16,7 +16,7 @@
* [Can I pass extra arguments to tshark?](#can-i-pass-extra-arguments-to-tshark)
* [How does termshark use tshark?](#how-does-termshark-use-tshark)
* [How can I make termshark run without root?](#how-can-i-make-termshark-run-without-root)
-* [Why do is termshark generating traffic on port 5037?](#why-is-termshark-generating-traffic-on-port-5037)
+* [Why is termshark generating traffic on port 5037?](#why-is-termshark-generating-traffic-on-port-5037)
* [How can termshark capture from extcap interfaces with dumpcap?](#how-can-termshark-capture-from-extcap-interfaces-with-dumpcap)
* [Termshark is laggy or using a lot of RAM](#termshark-is-laggy-or-using-a-lot-of-ram)
* [How much memory does termshark use?](#how-much-memory-does-termshark-use)
@@ -321,7 +321,7 @@ sudo setcap cap_net_raw,cap_net_admin+eip /usr/sbin/dumpcap
You can find more detail at https://wiki.wireshark.org/CaptureSetup/CapturePrivileges.
-## Why do is termshark generating traffic on port 5037?
+## Why is termshark generating traffic on port 5037?
See [this issue](https://github.com/gcla/termshark/issues/98).
diff --git a/pcap/loader.go b/pcap/loader.go
index a2ae8827..d79b2555 100644
--- a/pcap/loader.go
+++ b/pcap/loader.go
@@ -1009,8 +1009,17 @@ func (c *PdmlLoader) loadPcapSync(row int, visible bool, ps iPdmlLoaderEnv, cb i
// a message means the proc has started
// closed means it won't be started
// if closed, then pdmlCmd == nil
- if (pdmlState == Terminated || (pdmlCancelledChan == nil && pdmlState == NotStarted)) &&
- (pcapState == Terminated || (pcapCancelledChan == nil && pcapState == NotStarted)) {
+ // 04/11/21: I can't take a shortcut here and condition on Terminated || (cancelledChan == nil && NotStarted)
+ // See the pcap or pdml goroutines below. I block at the beginning, checking on the stage2 cancellation.
+ // If I get past that point, and there are no errors in the process invocation, I am guaranteed to start both
+ // the pdml and pcap processes. If there are errors, I am guaranteed to close the pcapPidChan with a defer.
+ // If I take a shortcut and end this goroutine via a stage2 cancellation before waiting for the pcap pid,
+ // then I'll block in that goroutine, trying to send to the pcapPidChan, but with nothing here to receive
+ // the value. In the pcap process goroutine, if I get past the stage2 cancellation check, then I need to
+ // have something to receive the pid - this goroutine. It needs to stay alive until it gets the pid, or a
+ // zero.
+ if (pdmlState == Terminated || (pdmlPidChan == nil && c.PdmlPid == 0)) &&
+ (pcapState == Terminated || (pcapPidChan == nil && c.PcapPid == 0)) {
// nothing to select on so break
break loop
}
@@ -1353,6 +1362,15 @@ func (p *PsmlLoader) loadPsmlSync(iloader *InterfaceLoader, e iPsmlLoaderEnv, cb
//======================================================================
+ closedPipe := false
+ closePipe := func() {
+ if !closedPipe {
+ fifoPipeWriter.Close()
+ fifoPipeReader.Close()
+ closedPipe = true
+ }
+ }
+
if p.ReadingFromFifo() {
// PcapPsml will be nil if here
@@ -1372,8 +1390,7 @@ func (p *PsmlLoader) loadPsmlSync(iloader *InterfaceLoader, e iPsmlLoaderEnv, cb
// is used as stdin for the psml command, which also runs in this
// goroutine.
defer func() {
- fifoPipeWriter.Close()
- fifoPipeReader.Close()
+ closePipe()
}()
// wrap the read end of the pipe with a Read() function that counts
@@ -1419,6 +1436,10 @@ func (p *PsmlLoader) loadPsmlSync(iloader *InterfaceLoader, e iPsmlLoaderEnv, cb
if err != nil {
log.Infof("Did not kill tshark psml process: %v", err)
}
+
+ if p.ReadingFromFifo() {
+ closePipe()
+ }
}
loop:
@@ -1458,7 +1479,7 @@ func (p *PsmlLoader) loadPsmlSync(iloader *InterfaceLoader, e iPsmlLoaderEnv, cb
}
}
- if state == Terminated || (intCancelledChan == nil && state == NotStarted) {
+ if state == Terminated || (pidChan == nil && state == NotStarted) {
break loop
}
}
@@ -1584,7 +1605,7 @@ func (p *PsmlLoader) loadPsmlSync(iloader *InterfaceLoader, e iPsmlLoaderEnv, cb
// successfully started then died/kill, OR
// was never started, won't be started, and cancelled
- if state == Terminated || (cancelledChan == nil && state == NotStarted) {
+ if state == Terminated || (pidChan == nil && state == NotStarted) {
break loop
}
}
@@ -2112,7 +2133,7 @@ func (i *InterfaceLoader) loadIfacesSync(e iIfaceLoaderEnv, cb interface{}, app
// a message means the proc has started
// closed means it won't be started
// if closed, then pdmlCmd == nil
- if state == Terminated || (cancelledChan == nil && state == NotStarted) {
+ if state == Terminated || (pidChan == nil && state == NotStarted) {
// nothing to select on so break
break loop
}
diff --git a/streams/loader.go b/streams/loader.go
index 59169b8a..243fe494 100644
--- a/streams/loader.go
+++ b/streams/loader.go
@@ -179,7 +179,7 @@ func (c *Loader) loadStreamReassemblyAsync(pcapf string, proto string, idx int,
}
}
- if state == pcap.Terminated || (cancelled == nil && state == pcap.NotStarted) {
+ if state == pcap.Terminated || (procChan == nil && state == pcap.NotStarted) {
break loop
}
}
@@ -300,7 +300,7 @@ func (c *Loader) startStreamIndexerAsync(pcapf string, proto string, idx int, ap
}
- if state == pcap.Terminated || (cancelledChan == nil && state == pcap.NotStarted) {
+ if state == pcap.Terminated || (procChan == nil && state == pcap.NotStarted) {
break loop
}