1 | initial version |
Is there any support beyond a plain "text" input when it comes to capture filters that does the syntax check like Wireshark's integrated UI does?
You can use dumpcap
with the -d
option to, "Dump the code generated for the capture filter in a human-readable form, and exit."
For example, on Windows:
dumpcap.exe -f "icmp" -d 2>&1 | find "Invalid" > nul echo %errorlevel% 1
dumpcap.exe -f "foo" -d 2>&1 | find "Invalid" > nul echo %errorlevel% 0
On Linux:
dumpcap -f "icmp" -d 2>&1 | grep "Invalid" > /dev/null echo $? 1
dumpcap -f "foo" -d 2>&1 | grep "Invalid" > /dev/null echo $? 0
I don't know how well that solution could be integrated with your extcap though.