Wireshark-bugs: [Wireshark-bugs] [Bug 12884] New: sshdump only captures a few packets
Date: Mon, 12 Sep 2016 12:01:12 +0000
Bug ID: 12884
Summary: sshdump only captures a few packets
Product: Wireshark
Version: 2.3.x (Experimental)
Hardware: x86-64
OS: Windows 10
Status: UNCONFIRMED
Severity: Major
Priority: Low
Component: Extras
Assignee: bugzilla-admin@wireshark.org
Reporter: graham.bloice@trihedral.com

Build Information:
Wireshark 2.3.0-GMB (v2.3.0rc0-657-g3c70e6d from master)

Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.1, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2.4, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 10, build 10586, with locale English_United
Kingdom.1252, with WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based
on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with
Gcrypt 1.6.2, with AirPcap 4.1.0 build 1622.
Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz (with SSE4.2), with 4095MB of physical
memory.


Built using Microsoft Visual C++ 12.0 build 40629
--
Using Wireshark on my build VM (Win 10) on a Win 10 host, attempting to
remotely capture on separate Ubuntu 14.04 physical machines using sshdump.

I'm using tcpdump as the remote capture utility.  The user that I'm using for
sshdump can capture using tcpdump on the Ubuntu host.  tcpdump is 4.5.1,
libpcap is 1.5.3.

A capture attempt either fails to return anything, leaving Wireshark believing
a capture is in progress but sshdump.exe has terminated and stopping the
capture shows an error message "Error by extcap pipe: tcpdump known capture
direction `-w'", or returns 3 or 4 packets before the capture is terminated
with an error message such as packet too big (not entirely sure on this as it's
on another system and I'll update this item later).

I can supply Process Monitor captures of sshdump activity if required.

