Open
Description
I am working on a project that depends on .pcap files being in libpcap format, not pcapng.
I am using e newer wireshark so it defaults to pcapng format when pyshark is running dumpcap.
I'd like a solution where I can set dumpcap parameters:
capture = pyshark.LiveCapture(interface='eth0', custom_dumpcap_params="-P", output_file="capture.pcap")
This would force dumpcap to save the file as libpcap file.
So somehow I want to be able to change the:
def _get_dumpcap_parameters(self):
# Don't report packet counts.
params = ["-q"]
if self._get_tshark_version() < version.parse("2.5.0"):
# Tshark versions older than 2.5 don't support pcapng. This flag forces dumpcap to output pcap.
params += ["-P"]
if self.bpf_filter:
params += ["-f", self.bpf_filter]
if self.monitor_mode:
params += ["-I"]
for interface in self.interfaces:
params += ["-i", interface]
# Write to STDOUT
params += ["-w", "-"]
return params
from my code.
Thanks!