Type Name Latest commit message Commit time
Makefile Linux make fix Nov 3, 2019
README.md Network interfaces are now listed using kubectl Sep 15, 2019
ebpf.lua eBPF parse fixes Oct 13, 2019
ebpfdump.c MacOS port Nov 3, 2019
pcapio.c
pcapio.h Network interfaces are now listed using kubectl Sep 15, 2019

README.md

Introduction

This is an extcap plugin that allows Wireshark to capture system-generated events.

Installation

Once you have compiled this plugin, install it in the 'Extcap path' as specified in the Wireshark Help menu.

As for ebpf.lua, copy it into ~/.wireshark/plugins/ so that Wireshark can interpret eBPF events.

Usage

When you start Wireshark, you will see a new interface named 'eBPF interface'. Select it and start the packet capture.
