libpcap icon indicating copy to clipboard operation
libpcap copied to clipboard

Published 20 hours ago verified publisher icon the-tcpdump-group

Etw

Open citronneur opened this issue 5 years ago • 6 comments

Hello libpcap Team,

I would like to propose you a pull request that allow the libpcap to capture ETW on windows platform. This pull request is part of a project named Winshark that will be presented at SSTIC, that allow Wireshark to capture and analyze ETW.

Have a nice day,

Sylvain

citronneur avatar May 29 '20 08:05 citronneur

This should add pcap-etw.c to the EXTRA_DIST list in Makefile.in, even though it won't be used on UN*X, so that the release tarball will include it.

guyharris avatar May 29 '20 10:05 guyharris

I've added pcap-etw.c into MANIFEST.in but it seems that the build is broken for network reason...

citronneur avatar May 29 '20 13:05 citronneur

I've added pcap-etw.c into MANIFEST.in but it seems that the build is broken for network reason...

Neither Travis nor AppVeyor are reliable CI engines; they both sometimes need to have builds re-tried to get them to finish.

guyharris avatar May 29 '20 17:05 guyharris

As a generic observation, please use a consistent curly braces style, currently the file alternates between Allman and K&R.

Since this is a case of a "try-fixup-fixup-fixup" sequence of commits, if anyone comes to the point of merging this request, please do that as a single squashed commit.

infrastation avatar Aug 13 '20 00:08 infrastation

Thanks a lot!

citronneur avatar Sep 28 '20 12:09 citronneur

Rebase commit from PR #978, squash into one commit. Have a nice day

citronneur avatar Nov 26 '20 16:11 citronneur