Hi all,
Quick post.
I have been meaning to get around to this for some time, and finally had some free minutes.
I originally posted about this back in September, and this is an updated version. The first version ran fine, unless you wanted to run the same capture again. Because there was no form of capture numbering, the capture would fail as the original file could not be overwritten.
I have now implemented some versioning (basically appending the date and time to the capture).
Now it *should* be a bit smoother!
Please test it out and let me know if there are any issues.
The link is below; it should be a simple extract-and-replace job:
Download link: https://sites.google.com/site/802101files/books/UNL_WiresharkV2.zip
Enjoy!
6 comments
Hi Stuart,
Would you be willing to share the source code?
The way you have this configured (using root@server) doesn't suit my setup and I'd like to tweak it a little bit.
Thanks,
Cameron
Hey Cameron
If you download it, you can use Finder to show the contents of the file, and amend it as you need to.
If you make any changes that others could benefit from, then please feel free to share! :)
Thanks for your help!
I just wanted to change the username, as I'm working with a shared server and don't allow root login via ssh. Nor do I want to change this or give my users root access!
To get around this, I've created a user (called capture) and will request my users' public keys so they won't need the password for said user. I also needed to add 'capture ALL = NOPASSWD: /usr/sbin/tcpdump' to my sudoers file.
Now that I've adjusted the script, how did you adjust the link handler (capture://) to bind to your script? Did you compile the script with Xcode?
Thanks,
Cameron
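
Added example, not the blog author's script or Cameron's configuration: one way to combine the date-and-time naming from the post with the `capture` user's sudo rule, by allowing a small wrapper through sudo instead of `tcpdump` with any arguments. The wrapper path `/usr/local/sbin/unl-capture`, the directory `/var/tmp/captures`, the file naming and the idea that captures are written on the server are all assumptions.

```shell
#!/bin/sh
# Hypothetical wrapper, installed root-owned and not writable by others as
# /usr/local/sbin/unl-capture (assumed path). Assumed sudoers entry:
#   capture ALL = NOPASSWD: /usr/local/sbin/unl-capture
# so sudo reaches tcpdump only with the fixed arguments built below.

CAPTURE_DIR=/var/tmp/captures   # assumed root-owned output directory

# Accept only short names made of letters, digits, '.', '_' and '-',
# and never one that is empty or starts with '-' (would parse as an option).
valid_iface() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]          # Linux interface names are at most 15 chars
}

# Date-and-time versioning: <dir>/<iface>_<YYYYmmdd-HHMMSS>.pcap
# $2 optionally supplies the timestamp (lets the naming be checked offline).
capture_path() {
    ts=${2:-$(date +%Y%m%d-%H%M%S)}
    printf '%s/%s_%s.pcap\n' "$CAPTURE_DIR" "$1" "$ts"
}

# Two captures started within the same second would collide again,
# so add a counter rather than overwrite an existing file.
unique_path() {
    path=$1
    n=0
    while [ -e "$path" ]; do
        n=$((n + 1))
        path="${1%.pcap}_$n.pcap"
    done
    printf '%s\n' "$path"
}

main() {
    [ "$#" -eq 1 ] && valid_iface "$1" || {
        echo "usage: unl-capture <interface>" >&2
        return 64
    }
    out=$(unique_path "$(capture_path "$1")")
    exec /usr/sbin/tcpdump -i "$1" -U -w "$out"
}

# Run only when called with arguments; sourcing the file just defines functions.
if [ "$#" -gt 0 ]; then main "$@"; exit $?; fi
```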
Hey Cameron,
I just used AppleScript (Script Editor from Finder). That makes the application (when you export to type application). Hope this helps!
Interesting, I'm unable to find any options that would indicate the script will be called when opening a capture://unet.lab/cap link.
Cameron
That's handled separately, by changing the URL handlers: http://www.802101.com/2015/09/changing-url-handlers-in-osx.html