Should support stopping and restarting live capture

[matthijskooijman]

When writing to a FIFO and the FIFO is closed at the other end (e.g., Wireshark capture stopped), the serial port should be closed and capturing should stop. Then, when the FIFO is opened again, capturing should start again.

Currently, when the FIFO is closed, this is not detected by serial-pcap until it tries to write another packet to the FIFO, then it gets SIGPIPE. To detect the closing beforehand, we probably need to select on the FIFO (and serial) fd (though I'm not entirely sure that select allows detecting a FIFO close, needs to be investigated).

This approach assumes that simply re-opening the serial port will restart the capturing hardware (as happens with a Pinoccio Scout), but that might not apply to other boards (so an option might be useful to let serial-pcap just quit instead of restarting capture).

[dspchung]

I've got below error while running your script

==============================
root@ubuntu:/# python serial-pcap --fifo /tmp/wireshark /dev/ttyS1
Traceback (most recent call last):
  File "serial-pcap", line 199, in <module>
    main()
  File "serial-pcap", line 132, in main
    do_sniff_once(options)
  File "serial-pcap", line 138, in do_sniff_once
    out = setup_output(options)
  File "serial-pcap", line 101, in setup_output
    return PcapFormatter(open_fifo(options, options.fifo))
  File "serial-pcap", line 89, in open_fifo
    except FileExistsError:
NameError: global name 'FileExistsError' is not defined
==============================

Do you know the reason?

[matthijskooijman]

As already mentioned by mail, the script is written for python3 (and apparently does not support python2). Will you close this issue if using python3 fixes things?

[dspchung]

Yes, it looks to be fixed.:-)
One more question, I couldn't find fifo in the wireshark.
Can you please let me know where I can find it?
I did Capture->options-> Manage Interfaces

I couldn't find it in the Local interfaces and Pipes.

[dspchung]

Hi Matthijs, Now it looks working. I could see 'waiting for fifo to be opened...' in the terminal. Is this working? right? [image: image.png] But couldn't find fifo in the wireshark.(capture->options->Manage Interfaces..) [image: image.png] [image: image.png] Can you please let me know where I can find fifo? Br, YunSoo 2019년 5월 29일 (수) 오후 6:46, Matthijs Kooijman <[email protected]>님이 작성:

…

As already mentioned by mail, the script is written for python3 (and apparently does not support python2). Will you close this issue if using python3 fixes things? — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#1?email_source=notifications&email_token=AMCYE2FC44PRTQ6W6WQHLPTPXZGILA5CNFSM4AVKDWOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWOZGYI#issuecomment-496866145>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AMCYE2FT7QVFCRSTKROVIWDPXZGILANCNFSM4AVKDWOA> .

[dspchung]

Hi Matthijs, Do I add wireshark pipe in the Pipes tab? But I can't find it in the browse even though wireshark pipe is in the tmp dir. [image: image.png] [image: image.png] Br, YunSoo 2019년 5월 30일 (목) 오전 9:56, 정윤수 <[email protected]>님이 작성:

…

Hi Matthijs, Now it looks working. I could see 'waiting for fifo to be opened...' in the terminal. Is this working? right? [image: image.png] But couldn't find fifo in the wireshark.(capture->options->Manage Interfaces..) [image: image.png] [image: image.png] Can you please let me know where I can find fifo? Br, YunSoo 2019년 5월 29일 (수) 오후 6:46, Matthijs Kooijman ***@***.***>님이 작성: > As already mentioned by mail, the script is written for python3 (and > apparently does not support python2). Will you close this issue if using > python3 fixes things? > > — > You are receiving this because you commented. > Reply to this email directly, view it on GitHub > <#1?email_source=notifications&email_token=AMCYE2FC44PRTQ6W6WQHLPTPXZGILA5CNFSM4AVKDWOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWOZGYI#issuecomment-496866145>, > or mute the thread > <https://github.com/notifications/unsubscribe-auth/AMCYE2FT7QVFCRSTKROVIWDPXZGILANCNFSM4AVKDWOA> > . >

[bobjoe400]

Hi Matthijs, Do I add wireshark pipe in the Pipes tab? But I can't find it in the browse even though wireshark pipe is in the tmp dir. [image: image.png] [image: image.png] Br, YunSoo 2019년 5월 30일 (목) 오전 9:56, 정윤수 [email protected]님이 작성:
…
Hi Matthijs, Now it looks working. I could see 'waiting for fifo to be opened...' in the terminal. Is this working? right? [image: image.png] But couldn't find fifo in the wireshark.(capture->options->Manage Interfaces..) [image: image.png] [image: image.png] Can you please let me know where I can find fifo? Br, YunSoo 2019년 5월 29일 (수) 오후 6:46, Matthijs Kooijman @.***>님이 작성: > As already mentioned by mail, the script is written for python3 (and > apparently does not support python2). Will you close this issue if using > python3 fixes things? > > — > You are receiving this because you commented. > Reply to this email directly, view it on GitHub > <#1?email_source=notifications&email_token=AMCYE2FC44PRTQ6W6WQHLPTPXZGILA5CNFSM4AVKDWOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWOZGYI#issuecomment-496866145>, > or mute the thread > https://github.com/notifications/unsubscribe-auth/AMCYE2FT7QVFCRSTKROVIWDPXZGILANCNFSM4AVKDWOA > . >

I had this issue to, but I just sudo'd wireshark when opening and I was able to open the pipe