# List the protocols (dissectors) used in capture file(s)
#
# The Python script indexcap.py does the same thing.
#
# This script extracts the protocol names contained in a given capture file.
# This is useful for generating a "database" (flat file :-)) of which files
# contain a given protocol.
#
# Output consists of the file name followed by the protocols, for example:
# /path/to/the/file.pcap eth ip sctp
#
# Copyright 2012 Jeff Morriss <jeff.morriss.ws [AT] gmail.com>
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 1998 Gerald Combs
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
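# NOTE(review): this listing was captured with lines missing (its embedded line
# numbers skip), so the do/then/fi/done scaffolding, the NOTFOUND/FOUND/RETVAL
# assignments, the exit/continue/break statements and the statements that print
# the file name and the final newline are restored from the tests that use them
# and from the header comment -- confirm against the upstream script.

# Directory containing the Wireshark binaries. Defaults to the current
# directory, which means ./tshark and ./capinfos are executed exactly as found
# there: run the script from a build directory you trust, or set WS_BIN_PATH
# to an absolute path.
WS_BIN_PATH=${WS_BIN_PATH:-.}

# Tools this script drives. Tweak the following to your liking.
TSHARK="$WS_BIN_PATH/tshark"
CAPINFOS="$WS_BIN_PATH/capinfos"

# When the tools come from the current directory, export
# WIRESHARK_RUN_FROM_BUILD_DIRECTORY (empty) into their environment.
# NOTE(review): presumably this makes them use build-tree resources -- confirm.
if [ "$WS_BIN_PATH" = "." ]; then
    export WIRESHARK_RUN_FROM_BUILD_DIRECTORY=
fi

# Both tools are required; report every missing one before giving up.
NOTFOUND=0
for i in "$TSHARK" "$CAPINFOS"; do
    if [ ! -x "$i" ]; then
        echo "Couldn't find $i" 1>&2
        NOTFOUND=1
    fi
done
if [ "$NOTFOUND" -eq 1 ]; then
    exit 1
fi

# Make sure we have at least one file that capinfos accepts.
FOUND=0
for CF in "$@"; do
    # A name starting with '-' would be parsed as an option by cygpath and
    # capinfos; anchoring it to the current directory keeps it a file name.
    case $CF in
        -*) CF=./$CF ;;
    esac
    if [ "$OSTYPE" = "cygwin" ]; then
        CF=$(cygpath --windows "$CF")
    fi
    "$CAPINFOS" "$CF" > /dev/null 2>&1 && FOUND=1
    if [ "$FOUND" -eq 1 ]; then
        break
    fi
done

if [ "$FOUND" -eq 0 ]; then
    # Sent to stderr like the script's other diagnostics, so that redirected
    # output holds only "file protocols..." lines.
    cat 1>&2 <<FIN
Error: No valid capture files found.

Usage: ${0##*/} capture file 1 [capture file 2]...
FIN
    exit 1
fi

for CF in "$@"; do
    # Same option-injection guard as in the validation loop above.
    case $CF in
        -*) CF=./$CF ;;
    esac
    if [ "$OSTYPE" = "cygwin" ]; then
        CF=$(cygpath --windows "$CF")
    fi

    if [ ! -f "$CF" ]; then
        echo "Doesn't exist or not a file: $CF" 1>&2
        continue
    fi

    # Skip anything capinfos cannot read; its stderr is left visible here.
    "$CAPINFOS" "$CF" > /dev/null
    RETVAL=$?
    if [ "$RETVAL" -ne 0 ]; then
        echo "Not a valid capture file (or some other problem)" 1>&2
        continue
    fi

    # NOTE(review): format follows the header example
    # ("/path/to/the/file.pcap eth ip sctp") -- confirm the exact separator.
    printf '%s ' "$CF"

    # Extract the protocol names: each frame's frame.protocols value is split
    # on ':' into one name per line, de-duplicated, then joined with spaces.
    # -n turns off name resolution, so addresses inside the capture do not
    # cause lookups from this host. tshark dissects every packet of the file;
    # treat captures from unknown sources as untrusted input and run this as
    # an unprivileged user. Its stderr is discarded, so a dissection failure
    # shows up only as a short or empty protocol list.
    "$TSHARK" -T fields -eframe.protocols -nr "$CF" 2>/dev/null | \
        tr ':\r' '\n' | sort -u | tr '\n\r' ' '

    printf '\n'
done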