Revision history [back]

C:\Users\fang>adb version
Android Debug Bridge version 1.0.39
Revision 3db08f2c6889-android
Installed as C:\WINDOWS\adb.exe





C:\Users\fang>CD /d  D:\ProgramFiles\Wireshark
D:\ProgramFiles\Wireshark> Wireshark -oconsole.log.level:252 -ogui.console_open:ALWAYS


D:\ProgramFiles\Wireshark>file   D:\ProgramFiles\Wireshark\extcap\androiddump.exe
D:\ProgramFiles\Wireshark\extcap\androiddump.exe: PE32+ executable (GUI) x86-64, for MS Windows

D:\ProgramFiles\Wireshark>
D:\ProgramFiles\Wireshark>18:00:00  Capture Msg  Capture Interface List ...
18:00:00  Capture Dbg  sync_interface_list_open
18:00:00  Capture Info sync_pipe_run_command() starts
18:00:00  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:00  Capture Dbg    argv[1]: -D
18:00:00  Capture Dbg    argv[2]: -Z
18:00:00  Capture Dbg    argv[3]: none
18:00:00  Capture Dbg  sync_pipe_open_command
18:00:00  Capture Dbg  read 6 indicator: S empty value
18:00:00  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:00  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:00  Capture Info sync_pipe_run_command() ends, taking 0.218s, result=0
18:00:00  Capture Msg  Loading External Capture Interface List ...
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\androiddump.exe
18:00:00  Capture Dbg  Cannot load interfaces for D:\ProgramFiles\Wireshark\extcap\androiddump.exe
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\ciscodump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found cisco

18:00:00  Capture Dbg    Interface [cisco] "Cisco remote capture"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\randpktdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found randpkt

18:00:00  Capture Dbg    Interface [randpkt] "Random packet generator"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\sshdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found ssh

18:00:00  Capture Dbg    Interface [ssh] "SSH remote capture"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\udpdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found udpdump

18:00:00  Capture Dbg    Interface [udpdump] "UDP Listener remote capture"
18:00:00  Capture Msg  Capture Interface Capabilities ...
18:00:00  Capture Dbg  sync_if_capabilities_open
18:00:00  Capture Info sync_pipe_run_command() starts
18:00:00  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:00  Capture Dbg    argv[1]: -i
18:00:00  Capture Dbg    argv[2]: \Device\NPF_{7CCA571D-7442-4397-908C-478D09E86C8B}
18:00:00  Capture Dbg    argv[3]: -L
18:00:00  Capture Dbg    argv[4]: -Z
18:00:00  Capture Dbg    argv[5]: none
18:00:00  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.110s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{CE8E087E-10A1-4F3D-B4FD-07F8CDCDD7B1}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.108s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{B662434A-D296-4696-B725-7277E802E7A5}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.110s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{680316E3-5539-4EFD-B11A-30534782830B}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.109s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\ciscodump.exe
18:00:01  Capture Dbg    DLT 147 name="cisco" display="Remote capture dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\randpktdump.exe
18:00:01  Capture Dbg    DLT 147 name="randpkt" display="Generator dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\sshdump.exe
18:00:01  Capture Dbg    DLT 147 name="ssh" display="Remote capture dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\udpdump.exe
18:00:01  Capture Dbg    DLT 252 name="udpdump" display="Exported PDUs"

ciscodump.exe 1.0.0 extcap C:\Program Files (x86)\Wireshark\extcap\ciscodump.exe
androiddump.exe 1.0.3 extcap C:\Program Files (x86)\Wireshark\extcap\androiddump.exe
randpktdump.exe 0.1.0 extcap C:\Program Files (x86)\Wireshark\extcap\randpktdump.exe
sshdump.exe 1.0.0 extcap C:\Program Files (x86)\Wireshark\extcap\sshdump.exe

---------------------------

---------------------------
Error by extcap pipe: ERROR: Broken socket connection.
---------------------------
OK   
---------------------------

C:\Program Files (x86)\Wireshark>19:12:24  Capture Dbg  Extcap path C:\Program Files (x86)\Wireshark\extcap
19:12:24  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
19:12:24  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.002s
19:12:24  Capture Msg  Capture Start ...
19:12:24  Capture Dbg  sync_pipe_start
19:12:24  Capture Dbg  CAPTURE OPTIONS     :
19:12:24  Capture Dbg  Interface name[00]  : android-wifi-tcpdump-71UBBLF22BJQ
19:12:24  Capture Dbg  Interface description[00] : Android WiFi m1_note 71UBBLF22BJQ
19:12:24  Capture Dbg  Console display name[00]: android-wifi-tcpdump-71UBBLF22BJQ
19:12:24  Capture Dbg  Capture filter[00]  : (unspecified)
19:12:24  Capture Dbg  Snap length[00] (0) : 262144
19:12:24  Capture Dbg  Link Type[00]       : -1
19:12:24  Capture Dbg  Promiscuous Mode[00]: TRUE
19:12:24  Capture Dbg  Extcap[00]          : C:\Program Files (x86)\Wireshark\extcap\androiddump.exe
19:12:24  Capture Dbg  Extcap FIFO[00]     : (unspecified)
19:12:24  Capture Dbg  Extcap PID[00]      : -1
19:12:24  Capture Dbg  Buffer size[00]     : 2 (MB)
19:12:24  Capture Dbg  Monitor Mode[00]    : FALSE
19:12:24  Capture Dbg  Capture source[00]  : Remote interface
19:12:24  Capture Dbg  Remote host[00]     : (unspecified)
19:12:24  Capture Dbg  Remote port[00]     : (unspecified)
19:12:24  Capture Dbg  Authentication[00]  : Null
19:12:24  Capture Dbg  UDP data tfer[00]   : 0
19:12:24  Capture Dbg  No cap. RPCAP[00]   : 1
19:12:24  Capture Dbg  No cap. local[00]   : 0
19:12:24  Capture Dbg  Sampling meth.[00]  : 0
19:12:24  Capture Dbg  Sampling param.[00] : 0
19:12:24  Capture Dbg  Interface name[df]  : (unspecified)
19:12:24  Capture Dbg  Interface Descr[df] : (unspecified)
19:12:24  Capture Dbg  Capture filter[df]  :
19:12:24  Capture Dbg  Snap length[df] (0) : 262144
19:12:24  Capture Dbg  Link Type[df]       : -1
19:12:24  Capture Dbg  Promiscuous Mode[df]: TRUE
19:12:24  Capture Dbg  Extcap[df]          : (unspecified)
19:12:24  Capture Dbg  Extcap FIFO[df]     : (unspecified)
19:12:24  Capture Dbg  Buffer size[df]     : 2 (MB)
19:12:24  Capture Dbg  Monitor Mode[df]    : FALSE
19:12:24  Capture Dbg  Capture source[df]  : Local interface
19:12:24  Capture Dbg  Authentication[df]  : Null
19:12:24  Capture Dbg  UDP data tfer[df]   : 0
19:12:24  Capture Dbg  No cap. RPCAP[df]   : 1
19:12:24  Capture Dbg  No cap. local[df]   : 0
19:12:24  Capture Dbg  Sampling meth. [df] : 0
19:12:24  Capture Dbg  Sampling param.[df] : 0
19:12:24  Capture Dbg  SavingToFile        : 0
19:12:24  Capture Dbg  SaveFile            :
19:12:24  Capture Dbg  GroupReadAccess     : 0
19:12:24  Capture Dbg  Fileformat          : PCAPNG
19:12:24  Capture Dbg  RealTimeMode        : 1
19:12:24  Capture Dbg  ShowInfo            : 1
19:12:24  Capture Dbg  MultiFilesOn        : 0
19:12:24  Capture Dbg  FileDuration    (0) : 60
19:12:24  Capture Dbg  RingNumFiles    (0) : 0
19:12:24  Capture Dbg  AutostopFiles   (0) : 1
19:12:24  Capture Dbg  AutostopPackets (0) : 0
19:12:24  Capture Dbg  AutostopFilesize(0) : 1000 (KB)
19:12:24  Capture Dbg  AutostopDuration(0) : 60
19:12:24  Capture Dbg
Wireshark Created pipe =>(\\.\pipe\wireshark_extcap_20171116191224)
19:12:24  Capture Dbg  Extcap path C:\Program Files (x86)\Wireshark\extcap
19:12:24  Capture Dbg  ConnectNamedPipe code: 0
19:12:24  Capture Dbg  argv[0]: C:\Program Files (x86)\Wireshark\dumpcap.exe
19:12:24  Capture Dbg  argv[1]: -n
19:12:24  Capture Dbg  argv[2]: -i
19:12:24  Capture Dbg  argv[3]: \\.\pipe\wireshark_extcap_20171116191224
19:12:24  Capture Dbg  argv[4]: -Z
19:12:24  Capture Dbg  argv[5]: 9272
19:12:24     Main Dbg  Callback: capture prepared
19:12:24          Dbg  FIX: capture_info_ui_create
19:12:24  Capture Dbg  read 5 ok indicator: F len: 106 msg: C:\Users\ssfang\AppData\Local\Temp\wireshark_wireshark_extca
p_20171116191224_20171116191224_a10352.pcapng
19:12:24  Capture Msg  Capture started
19:12:24  Capture Msg  File: "C:\Users\ssfang\AppData\Local\Temp\wireshark_wireshark_extcap_20171116191224_2017111619122
4_a10352.pcapng"
19:12:24     Main Dbg  Callback: Opened
19:12:24     Main Dbg  Callback: capture update started
19:12:24  Capture Dbg  read 5 ok indicator: D len: 2 msg: 0
19:12:24  Capture Info 0 packets dropped
19:12:24  Capture Dbg  read from pipe 5: EOF (capture closed?)
19:12:24  Capture Dbg  read 5 got an EOF
19:12:24  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
19:12:24  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.000s
19:12:24  Capture Dbg  sync_pipe_input_cb: cleaning extcap pipe
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Cleaning up fifo: \\.\pipe\wireshark_extcap_20171116
191224; PID: 732
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Closing pipe
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Closing spawned PID: 732
19:12:24  Capture Msg  Capture stopped.

Microsoft Windows [Version 10.0.10240]
(c) 2015 Microsoft Corporation. All rights reserved.

C:\Users\fang>adb version
Android Debug Bridge version 1.0.39
Revision 3db08f2c6889-android
Installed as C:\WINDOWS\adb.exe





C:\Users\fang>CD /d  D:\ProgramFiles\Wireshark
D:\ProgramFiles\Wireshark> Wireshark -oconsole.log.level:252 -ogui.console_open:ALWAYS


D:\ProgramFiles\Wireshark>file   D:\ProgramFiles\Wireshark\extcap\androiddump.exe
D:\ProgramFiles\Wireshark\extcap\androiddump.exe: PE32+ executable (GUI) x86-64, for MS Windows

D:\ProgramFiles\Wireshark>
D:\ProgramFiles\Wireshark>18:00:00  Capture Msg  Capture Interface List ...
18:00:00  Capture Dbg  sync_interface_list_open
18:00:00  Capture Info sync_pipe_run_command() starts
18:00:00  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:00  Capture Dbg    argv[1]: -D
18:00:00  Capture Dbg    argv[2]: -Z
18:00:00  Capture Dbg    argv[3]: none
18:00:00  Capture Dbg  sync_pipe_open_command
18:00:00  Capture Dbg  read 6 indicator: S empty value
18:00:00  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:00  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:00  Capture Info sync_pipe_run_command() ends, taking 0.218s, result=0
18:00:00  Capture Msg  Loading External Capture Interface List ...
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\androiddump.exe
18:00:00  Capture Dbg  Cannot load interfaces for D:\ProgramFiles\Wireshark\extcap\androiddump.exe
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\ciscodump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found cisco

18:00:00  Capture Dbg    Interface [cisco] "Cisco remote capture"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\randpktdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found randpkt

18:00:00  Capture Dbg    Interface [randpkt] "Random packet generator"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\sshdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found ssh

18:00:00  Capture Dbg    Interface [ssh] "SSH remote capture"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\udpdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found udpdump

18:00:00  Capture Dbg    Interface [udpdump] "UDP Listener remote capture"
18:00:00  Capture Msg  Capture Interface Capabilities ...
18:00:00  Capture Dbg  sync_if_capabilities_open
18:00:00  Capture Info sync_pipe_run_command() starts
18:00:00  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:00  Capture Dbg    argv[1]: -i
18:00:00  Capture Dbg    argv[2]: \Device\NPF_{7CCA571D-7442-4397-908C-478D09E86C8B}
18:00:00  Capture Dbg    argv[3]: -L
18:00:00  Capture Dbg    argv[4]: -Z
18:00:00  Capture Dbg    argv[5]: none
18:00:00  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.110s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{CE8E087E-10A1-4F3D-B4FD-07F8CDCDD7B1}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.108s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{B662434A-D296-4696-B725-7277E802E7A5}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.110s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{680316E3-5539-4EFD-B11A-30534782830B}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.109s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\ciscodump.exe
18:00:01  Capture Dbg    DLT 147 name="cisco" display="Remote capture dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\randpktdump.exe
18:00:01  Capture Dbg    DLT 147 name="randpkt" display="Generator dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\sshdump.exe
18:00:01  Capture Dbg    DLT 147 name="ssh" display="Remote capture dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\udpdump.exe
18:00:01  Capture Dbg    DLT 252 name="udpdump" display="Exported PDUs"

The above error ocurred on my home PC.

================================================================

On my company computer (Microsoft Windows [Version 6.1.7601]), I have Wireshark Version 2.2.3 (v2.2.3-0-g57531cd) installed(PS: no permision to install any software that needs privilege in my company), it lists plugins in the plugins tab of Help -> About Wireshark.

ciscodump.exe 1.0.0 extcap C:\Program Files (x86)\Wireshark\extcap\ciscodump.exe
androiddump.exe 1.0.3 extcap C:\Program Files (x86)\Wireshark\extcap\androiddump.exe
randpktdump.exe 0.1.0 extcap C:\Program Files (x86)\Wireshark\extcap\randpktdump.exe
sshdump.exe 1.0.0 extcap C:\Program Files (x86)\Wireshark\extcap\sshdump.exe

However, when I capture by android-wifi-tcpdump-71UBBLF22BJQ, it pops up an error dialog (Copy text) as following.

---------------------------

---------------------------
Error by extcap pipe: ERROR: Broken socket connection.
---------------------------
OK   
---------------------------

And console log is as following:

C:\Program Files (x86)\Wireshark>19:12:24  Capture Dbg  Extcap path C:\Program Files (x86)\Wireshark\extcap
19:12:24  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
19:12:24  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.002s
19:12:24  Capture Msg  Capture Start ...
19:12:24  Capture Dbg  sync_pipe_start
19:12:24  Capture Dbg  CAPTURE OPTIONS     :
19:12:24  Capture Dbg  Interface name[00]  : android-wifi-tcpdump-71UBBLF22BJQ
19:12:24  Capture Dbg  Interface description[00] : Android WiFi m1_note 71UBBLF22BJQ
19:12:24  Capture Dbg  Console display name[00]: android-wifi-tcpdump-71UBBLF22BJQ
19:12:24  Capture Dbg  Capture filter[00]  : (unspecified)
19:12:24  Capture Dbg  Snap length[00] (0) : 262144
19:12:24  Capture Dbg  Link Type[00]       : -1
19:12:24  Capture Dbg  Promiscuous Mode[00]: TRUE
19:12:24  Capture Dbg  Extcap[00]          : C:\Program Files (x86)\Wireshark\extcap\androiddump.exe
19:12:24  Capture Dbg  Extcap FIFO[00]     : (unspecified)
19:12:24  Capture Dbg  Extcap PID[00]      : -1
19:12:24  Capture Dbg  Buffer size[00]     : 2 (MB)
19:12:24  Capture Dbg  Monitor Mode[00]    : FALSE
19:12:24  Capture Dbg  Capture source[00]  : Remote interface
19:12:24  Capture Dbg  Remote host[00]     : (unspecified)
19:12:24  Capture Dbg  Remote port[00]     : (unspecified)
19:12:24  Capture Dbg  Authentication[00]  : Null
19:12:24  Capture Dbg  UDP data tfer[00]   : 0
19:12:24  Capture Dbg  No cap. RPCAP[00]   : 1
19:12:24  Capture Dbg  No cap. local[00]   : 0
19:12:24  Capture Dbg  Sampling meth.[00]  : 0
19:12:24  Capture Dbg  Sampling param.[00] : 0
19:12:24  Capture Dbg  Interface name[df]  : (unspecified)
19:12:24  Capture Dbg  Interface Descr[df] : (unspecified)
19:12:24  Capture Dbg  Capture filter[df]  :
19:12:24  Capture Dbg  Snap length[df] (0) : 262144
19:12:24  Capture Dbg  Link Type[df]       : -1
19:12:24  Capture Dbg  Promiscuous Mode[df]: TRUE
19:12:24  Capture Dbg  Extcap[df]          : (unspecified)
19:12:24  Capture Dbg  Extcap FIFO[df]     : (unspecified)
19:12:24  Capture Dbg  Buffer size[df]     : 2 (MB)
19:12:24  Capture Dbg  Monitor Mode[df]    : FALSE
19:12:24  Capture Dbg  Capture source[df]  : Local interface
19:12:24  Capture Dbg  Authentication[df]  : Null
19:12:24  Capture Dbg  UDP data tfer[df]   : 0
19:12:24  Capture Dbg  No cap. RPCAP[df]   : 1
19:12:24  Capture Dbg  No cap. local[df]   : 0
19:12:24  Capture Dbg  Sampling meth. [df] : 0
19:12:24  Capture Dbg  Sampling param.[df] : 0
19:12:24  Capture Dbg  SavingToFile        : 0
19:12:24  Capture Dbg  SaveFile            :
19:12:24  Capture Dbg  GroupReadAccess     : 0
19:12:24  Capture Dbg  Fileformat          : PCAPNG
19:12:24  Capture Dbg  RealTimeMode        : 1
19:12:24  Capture Dbg  ShowInfo            : 1
19:12:24  Capture Dbg  MultiFilesOn        : 0
19:12:24  Capture Dbg  FileDuration    (0) : 60
19:12:24  Capture Dbg  RingNumFiles    (0) : 0
19:12:24  Capture Dbg  AutostopFiles   (0) : 1
19:12:24  Capture Dbg  AutostopPackets (0) : 0
19:12:24  Capture Dbg  AutostopFilesize(0) : 1000 (KB)
19:12:24  Capture Dbg  AutostopDuration(0) : 60
19:12:24  Capture Dbg
Wireshark Created pipe =>(\\.\pipe\wireshark_extcap_20171116191224)
19:12:24  Capture Dbg  Extcap path C:\Program Files (x86)\Wireshark\extcap
19:12:24  Capture Dbg  ConnectNamedPipe code: 0
19:12:24  Capture Dbg  argv[0]: C:\Program Files (x86)\Wireshark\dumpcap.exe
19:12:24  Capture Dbg  argv[1]: -n
19:12:24  Capture Dbg  argv[2]: -i
19:12:24  Capture Dbg  argv[3]: \\.\pipe\wireshark_extcap_20171116191224
19:12:24  Capture Dbg  argv[4]: -Z
19:12:24  Capture Dbg  argv[5]: 9272
19:12:24     Main Dbg  Callback: capture prepared
19:12:24          Dbg  FIX: capture_info_ui_create
19:12:24  Capture Dbg  read 5 ok indicator: F len: 106 msg: C:\Users\ssfang\AppData\Local\Temp\wireshark_wireshark_extca
p_20171116191224_20171116191224_a10352.pcapng
19:12:24  Capture Msg  Capture started
19:12:24  Capture Msg  File: "C:\Users\ssfang\AppData\Local\Temp\wireshark_wireshark_extcap_20171116191224_2017111619122
4_a10352.pcapng"
19:12:24     Main Dbg  Callback: Opened
19:12:24     Main Dbg  Callback: capture update started
19:12:24  Capture Dbg  read 5 ok indicator: D len: 2 msg: 0
19:12:24  Capture Info 0 packets dropped
19:12:24  Capture Dbg  read from pipe 5: EOF (capture closed?)
19:12:24  Capture Dbg  read 5 got an EOF
19:12:24  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
19:12:24  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.000s
19:12:24  Capture Dbg  sync_pipe_input_cb: cleaning extcap pipe
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Cleaning up fifo: \\.\pipe\wireshark_extcap_20171116
191224; PID: 732
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Closing pipe
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Closing spawned PID: 732
19:12:24  Capture Msg  Capture stopped.

---------------------------

---------------------------
No packets captured.
---------------------------
As no data was captured, closing the temporary capture file.

Help about capturing can be found at

       https://wiki.wireshark.org/CaptureSetup

Wireless (Wi-Fi/WLAN):
Try to switch off promiscuous mode in the Capture Options.
---------------------------
OK   
---------------------------

• C:\Program Files (x86)\Wireshark> "C:\Program Files (x86)\Wireshark\extcap\androiddump.exe" --capture --extcap-interface android-wifi-tcpdump-71UBBLF22BJQ --fifo \.\pipe\wireshark_extcap_20171117112149
  it gives "ERROR: Cannot save dump file".

• C:\Program Files (x86)\Wireshark> "C:\Program Files (x86)\Wireshark\dumpcap.exe" -n -i \.\pipe\wireshark_extcap_20171117112149 -Z 4400
  it gives nothing.

Microsoft Windows [Version 10.0.10240]
(c) 2015 Microsoft Corporation. All rights reserved.

C:\Users\fang>adb version
Android Debug Bridge version 1.0.39
Revision 3db08f2c6889-android
Installed as C:\WINDOWS\adb.exe





C:\Users\fang>CD /d  D:\ProgramFiles\Wireshark
D:\ProgramFiles\Wireshark> Wireshark -oconsole.log.level:252 -ogui.console_open:ALWAYS


D:\ProgramFiles\Wireshark>file   D:\ProgramFiles\Wireshark\extcap\androiddump.exe
D:\ProgramFiles\Wireshark\extcap\androiddump.exe: PE32+ executable (GUI) x86-64, for MS Windows

D:\ProgramFiles\Wireshark>
D:\ProgramFiles\Wireshark>18:00:00  Capture Msg  Capture Interface List ...
18:00:00  Capture Dbg  sync_interface_list_open
18:00:00  Capture Info sync_pipe_run_command() starts
18:00:00  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:00  Capture Dbg    argv[1]: -D
18:00:00  Capture Dbg    argv[2]: -Z
18:00:00  Capture Dbg    argv[3]: none
18:00:00  Capture Dbg  sync_pipe_open_command
18:00:00  Capture Dbg  read 6 indicator: S empty value
18:00:00  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:00  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:00  Capture Info sync_pipe_run_command() ends, taking 0.218s, result=0
18:00:00  Capture Msg  Loading External Capture Interface List ...
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\androiddump.exe
18:00:00  Capture Dbg  Cannot load interfaces for D:\ProgramFiles\Wireshark\extcap\androiddump.exe
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\ciscodump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found cisco

18:00:00  Capture Dbg    Interface [cisco] "Cisco remote capture"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\randpktdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found randpkt

18:00:00  Capture Dbg    Interface [randpkt] "Random packet generator"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\sshdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found ssh

18:00:00  Capture Dbg    Interface [ssh] "SSH remote capture"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\udpdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found udpdump

18:00:00  Capture Dbg    Interface [udpdump] "UDP Listener remote capture"
18:00:00  Capture Msg  Capture Interface Capabilities ...
18:00:00  Capture Dbg  sync_if_capabilities_open
18:00:00  Capture Info sync_pipe_run_command() starts
18:00:00  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:00  Capture Dbg    argv[1]: -i
18:00:00  Capture Dbg    argv[2]: \Device\NPF_{7CCA571D-7442-4397-908C-478D09E86C8B}
18:00:00  Capture Dbg    argv[3]: -L
18:00:00  Capture Dbg    argv[4]: -Z
18:00:00  Capture Dbg    argv[5]: none
18:00:00  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.110s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{CE8E087E-10A1-4F3D-B4FD-07F8CDCDD7B1}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.108s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{B662434A-D296-4696-B725-7277E802E7A5}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.110s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{680316E3-5539-4EFD-B11A-30534782830B}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.109s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\ciscodump.exe
18:00:01  Capture Dbg    DLT 147 name="cisco" display="Remote capture dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\randpktdump.exe
18:00:01  Capture Dbg    DLT 147 name="randpkt" display="Generator dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\sshdump.exe
18:00:01  Capture Dbg    DLT 147 name="ssh" display="Remote capture dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\udpdump.exe
18:00:01  Capture Dbg    DLT 252 name="udpdump" display="Exported PDUs"

The above error ocurred on my home PC.

================================================================

On my company computer (Microsoft Windows [Version 6.1.7601]), I have Wireshark Version 2.2.3 (v2.2.3-0-g57531cd) installed(PS: no permision to install any software that needs privilege in my company), it lists plugins in the plugins tab of Help -> About Wireshark.

ciscodump.exe 1.0.0 extcap C:\Program Files (x86)\Wireshark\extcap\ciscodump.exe
androiddump.exe 1.0.3 extcap C:\Program Files (x86)\Wireshark\extcap\androiddump.exe
randpktdump.exe 0.1.0 extcap C:\Program Files (x86)\Wireshark\extcap\randpktdump.exe
sshdump.exe 1.0.0 extcap C:\Program Files (x86)\Wireshark\extcap\sshdump.exe

However, when I capture by android-wifi-tcpdump-71UBBLF22BJQ, it pops up an error dialog (Copy text) as following.

---------------------------

---------------------------
Error by extcap pipe: ERROR: Broken socket connection.
---------------------------
OK   
---------------------------

And console log is as following:

C:\Program Files (x86)\Wireshark>19:12:24  Capture Dbg  Extcap path C:\Program Files (x86)\Wireshark\extcap
19:12:24  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
19:12:24  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.002s
19:12:24  Capture Msg  Capture Start ...
19:12:24  Capture Dbg  sync_pipe_start
19:12:24  Capture Dbg  CAPTURE OPTIONS     :
19:12:24  Capture Dbg  Interface name[00]  : android-wifi-tcpdump-71UBBLF22BJQ
19:12:24  Capture Dbg  Interface description[00] : Android WiFi m1_note 71UBBLF22BJQ
19:12:24  Capture Dbg  Console display name[00]: android-wifi-tcpdump-71UBBLF22BJQ
19:12:24  Capture Dbg  Capture filter[00]  : (unspecified)
19:12:24  Capture Dbg  Snap length[00] (0) : 262144
19:12:24  Capture Dbg  Link Type[00]       : -1
19:12:24  Capture Dbg  Promiscuous Mode[00]: TRUE
19:12:24  Capture Dbg  Extcap[00]          : C:\Program Files (x86)\Wireshark\extcap\androiddump.exe
19:12:24  Capture Dbg  Extcap FIFO[00]     : (unspecified)
19:12:24  Capture Dbg  Extcap PID[00]      : -1
19:12:24  Capture Dbg  Buffer size[00]     : 2 (MB)
19:12:24  Capture Dbg  Monitor Mode[00]    : FALSE
19:12:24  Capture Dbg  Capture source[00]  : Remote interface
19:12:24  Capture Dbg  Remote host[00]     : (unspecified)
19:12:24  Capture Dbg  Remote port[00]     : (unspecified)
19:12:24  Capture Dbg  Authentication[00]  : Null
19:12:24  Capture Dbg  UDP data tfer[00]   : 0
19:12:24  Capture Dbg  No cap. RPCAP[00]   : 1
19:12:24  Capture Dbg  No cap. local[00]   : 0
19:12:24  Capture Dbg  Sampling meth.[00]  : 0
19:12:24  Capture Dbg  Sampling param.[00] : 0
19:12:24  Capture Dbg  Interface name[df]  : (unspecified)
19:12:24  Capture Dbg  Interface Descr[df] : (unspecified)
19:12:24  Capture Dbg  Capture filter[df]  :
19:12:24  Capture Dbg  Snap length[df] (0) : 262144
19:12:24  Capture Dbg  Link Type[df]       : -1
19:12:24  Capture Dbg  Promiscuous Mode[df]: TRUE
19:12:24  Capture Dbg  Extcap[df]          : (unspecified)
19:12:24  Capture Dbg  Extcap FIFO[df]     : (unspecified)
19:12:24  Capture Dbg  Buffer size[df]     : 2 (MB)
19:12:24  Capture Dbg  Monitor Mode[df]    : FALSE
19:12:24  Capture Dbg  Capture source[df]  : Local interface
19:12:24  Capture Dbg  Authentication[df]  : Null
19:12:24  Capture Dbg  UDP data tfer[df]   : 0
19:12:24  Capture Dbg  No cap. RPCAP[df]   : 1
19:12:24  Capture Dbg  No cap. local[df]   : 0
19:12:24  Capture Dbg  Sampling meth. [df] : 0
19:12:24  Capture Dbg  Sampling param.[df] : 0
19:12:24  Capture Dbg  SavingToFile        : 0
19:12:24  Capture Dbg  SaveFile            :
19:12:24  Capture Dbg  GroupReadAccess     : 0
19:12:24  Capture Dbg  Fileformat          : PCAPNG
19:12:24  Capture Dbg  RealTimeMode        : 1
19:12:24  Capture Dbg  ShowInfo            : 1
19:12:24  Capture Dbg  MultiFilesOn        : 0
19:12:24  Capture Dbg  FileDuration    (0) : 60
19:12:24  Capture Dbg  RingNumFiles    (0) : 0
19:12:24  Capture Dbg  AutostopFiles   (0) : 1
19:12:24  Capture Dbg  AutostopPackets (0) : 0
19:12:24  Capture Dbg  AutostopFilesize(0) : 1000 (KB)
19:12:24  Capture Dbg  AutostopDuration(0) : 60
19:12:24  Capture Dbg
Wireshark Created pipe =>(\\.\pipe\wireshark_extcap_20171116191224)
19:12:24  Capture Dbg  Extcap path C:\Program Files (x86)\Wireshark\extcap
19:12:24  Capture Dbg  ConnectNamedPipe code: 0
19:12:24  Capture Dbg  argv[0]: C:\Program Files (x86)\Wireshark\dumpcap.exe
19:12:24  Capture Dbg  argv[1]: -n
19:12:24  Capture Dbg  argv[2]: -i
19:12:24  Capture Dbg  argv[3]: \\.\pipe\wireshark_extcap_20171116191224
19:12:24  Capture Dbg  argv[4]: -Z
19:12:24  Capture Dbg  argv[5]: 9272
19:12:24     Main Dbg  Callback: capture prepared
19:12:24          Dbg  FIX: capture_info_ui_create
19:12:24  Capture Dbg  read 5 ok indicator: F len: 106 msg: C:\Users\ssfang\AppData\Local\Temp\wireshark_wireshark_extca
p_20171116191224_20171116191224_a10352.pcapng
19:12:24  Capture Msg  Capture started
19:12:24  Capture Msg  File: "C:\Users\ssfang\AppData\Local\Temp\wireshark_wireshark_extcap_20171116191224_2017111619122
4_a10352.pcapng"
19:12:24     Main Dbg  Callback: Opened
19:12:24     Main Dbg  Callback: capture update started
19:12:24  Capture Dbg  read 5 ok indicator: D len: 2 msg: 0
19:12:24  Capture Info 0 packets dropped
19:12:24  Capture Dbg  read from pipe 5: EOF (capture closed?)
19:12:24  Capture Dbg  read 5 got an EOF
19:12:24  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
19:12:24  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.000s
19:12:24  Capture Dbg  sync_pipe_input_cb: cleaning extcap pipe
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Cleaning up fifo: \\.\pipe\wireshark_extcap_20171116
191224; PID: 732
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Closing pipe
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Closing spawned PID: 732
19:12:24  Capture Msg  Capture stopped.

And then the second dialog pops up.

---------------------------

---------------------------
No packets captured.
---------------------------
As no data was captured, closing the temporary capture file.

Help about capturing can be found at

       https://wiki.wireshark.org/CaptureSetup

Wireless (Wi-Fi/WLAN):
Try to switch off promiscuous mode in the Capture Options.
---------------------------
OK   
---------------------------

When I execute androiddump.exe and dumpcap.exe:

• C:\Program Files (x86)\Wireshark> "C:\Program Files (x86)\Wireshark\extcap\androiddump.exe" --capture --extcap-interface android-wifi-tcpdump-71UBBLF22BJQ --fifo \.\pipe\wireshark_extcap_20171117112149
  it gives "ERROR: Cannot save dump file".

• C:\Program Files (x86)\Wireshark> "C:\Program Files (x86)\Wireshark\dumpcap.exe" -n -i \.\pipe\wireshark_extcap_20171117112149 -Z 4400
  it gives nothing.

D:\ProgramFiles\Wireshark>adb shell
shell@m1note:/ $ tcpdump
tcpdump: (null): You don't have permission to capture on that device
(socket: Operation not permitted)
1|shell@m1note:/ $ which tcpdump
/system/xbin/tcpdump
shell@m1note:/ $ ll /system/bin/tcpdump
/system/bin/tcpdump: No such file or directory
shell@m1note:/ $ su
root@m1note:/ # echo '#!/system/bin/sh\nsu -c "/system/xbin/tcpdump $*"' > /system/bin/tcpdump
root@m1note:/ # cat /system/bin/tcpdump
#!/system/bin/sh
su -c "/system/xbin/tcpdump $*"
root@m1note:/ # ls -l /system/bin/tcpdump
-rw-r----- root     root           49 2017-11-19 23:31 tcpdump
root@m1note:/ # chmod 6755 /system/bin/tcpdump
root@m1note:/ # ls -l /system/bin/tcpdump
-rwsr-sr-x root     root           34 2017-11-16 18:26 tcpdump
root@m1note:/ # mount -o ro,remount,ro /system
mount -o ro,remount,ro /system
root@m1note:/ # exit
shell@m1note:/ $ which tcpdump
/system/bin/tcpdump
shell@m1note:/ $ tcpdump -h
tcpdump version 4.5.1
libpcap version 1.5.2
Usage: tcpdump [-aAbdDefhHIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
                [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
                [ -i interface ] [ -j tstamptype ] [ -M secret ]
                [ -Q in|out|inout ]
                [ -r file ] [ -s snaplen ] [ -T type ] [ -V file ] [ -w file ]
                [ -W filecount ] [ -y datalinktype ] [ -z command ]
                [ -Z user ] [ expression ]
shell@m1note:/ $ tcpdump -D
activate_mmap...activate_mmap...activate_mmap...activate_mmap...1.wlan0
2.nflog (Linux netfilter log (NFLOG) interface)
3.nfqueue (Linux netfilter queue (NFQUEUE) interface)
4.p2p0
5.any (Pseudo-device that captures on all interfaces)
6.lo
shell@m1note:/ $ tcpdump -s0 -i any
activate_mmap...23:33:58.682083 IP 192.168.1.100.34652 > 1.2.3.4.www: Flags [.], ack 561217935, win 1369, options [nop,nop
,TS val 20609232 ecr 1143016662], length 0
23:33:59.591056 IP 192.168.1.100.10535 > 74.125.239.56.domain: 61737+ PTR? 100.1.168.192.in-addr.arpa. (44)
23:33:59.617806 IP 74.125.239.56.domain > 192.168.1.100.10535: 61737 NXDomain* 0/1/0 (79)
23:33:59.619580 IP 192.168.1.100.40402 > 74.125.239.56.domain: 57106+ PTR? 118.51.240.58.in-addr.arpa. (44)

Microsoft Windows [Version 10.0.10240]
(c) 2015 Microsoft Corporation. All rights reserved.

C:\Users\fang>adb version
Android Debug Bridge version 1.0.39
Revision 3db08f2c6889-android
Installed as C:\WINDOWS\adb.exe





C:\Users\fang>CD /d  D:\ProgramFiles\Wireshark
D:\ProgramFiles\Wireshark> Wireshark -oconsole.log.level:252 -ogui.console_open:ALWAYS


D:\ProgramFiles\Wireshark>file   D:\ProgramFiles\Wireshark\extcap\androiddump.exe
D:\ProgramFiles\Wireshark\extcap\androiddump.exe: PE32+ executable (GUI) x86-64, for MS Windows

D:\ProgramFiles\Wireshark>
D:\ProgramFiles\Wireshark>18:00:00  Capture Msg  Capture Interface List ...
18:00:00  Capture Dbg  sync_interface_list_open
18:00:00  Capture Info sync_pipe_run_command() starts
18:00:00  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:00  Capture Dbg    argv[1]: -D
18:00:00  Capture Dbg    argv[2]: -Z
18:00:00  Capture Dbg    argv[3]: none
18:00:00  Capture Dbg  sync_pipe_open_command
18:00:00  Capture Dbg  read 6 indicator: S empty value
18:00:00  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:00  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:00  Capture Info sync_pipe_run_command() ends, taking 0.218s, result=0
18:00:00  Capture Msg  Loading External Capture Interface List ...
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\androiddump.exe
18:00:00  Capture Dbg  Cannot load interfaces for D:\ProgramFiles\Wireshark\extcap\androiddump.exe
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\ciscodump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found cisco

18:00:00  Capture Dbg    Interface [cisco] "Cisco remote capture"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\randpktdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found randpkt

18:00:00  Capture Dbg    Interface [randpkt] "Random packet generator"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\sshdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found ssh

18:00:00  Capture Dbg    Interface [ssh] "SSH remote capture"
18:00:00  Capture Dbg  Loading interface list for D:\ProgramFiles\Wireshark\extcap\udpdump.exe
18:00:00  Capture Dbg  Interface found (null)

18:00:00  Capture Dbg    Extcap [(null)]
18:00:00  Capture Dbg  Interface found udpdump

18:00:00  Capture Dbg    Interface [udpdump] "UDP Listener remote capture"
18:00:00  Capture Msg  Capture Interface Capabilities ...
18:00:00  Capture Dbg  sync_if_capabilities_open
18:00:00  Capture Info sync_pipe_run_command() starts
18:00:00  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:00  Capture Dbg    argv[1]: -i
18:00:00  Capture Dbg    argv[2]: \Device\NPF_{7CCA571D-7442-4397-908C-478D09E86C8B}
18:00:00  Capture Dbg    argv[3]: -L
18:00:00  Capture Dbg    argv[4]: -Z
18:00:00  Capture Dbg    argv[5]: none
18:00:00  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.110s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{CE8E087E-10A1-4F3D-B4FD-07F8CDCDD7B1}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.108s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{B662434A-D296-4696-B725-7277E802E7A5}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.110s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  sync_if_capabilities_open
18:00:01  Capture Info sync_pipe_run_command() starts
18:00:01  Capture Dbg    argv[0]: D:\ProgramFiles\Wireshark\dumpcap.exe
18:00:01  Capture Dbg    argv[1]: -i
18:00:01  Capture Dbg    argv[2]: \Device\NPF_{680316E3-5539-4EFD-B11A-30534782830B}
18:00:01  Capture Dbg    argv[3]: -L
18:00:01  Capture Dbg    argv[4]: -Z
18:00:01  Capture Dbg    argv[5]: none
18:00:01  Capture Dbg  sync_pipe_open_command
18:00:01  Capture Dbg  read 6 indicator: S empty value
18:00:01  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
18:00:01  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.001s
18:00:01  Capture Info sync_pipe_run_command() ends, taking 0.109s, result=0
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\ciscodump.exe
18:00:01  Capture Dbg    DLT 147 name="cisco" display="Remote capture dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\randpktdump.exe
18:00:01  Capture Dbg    DLT 147 name="randpkt" display="Generator dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\sshdump.exe
18:00:01  Capture Dbg    DLT 147 name="ssh" display="Remote capture dependent DLT"
18:00:01  Capture Msg  Capture Interface Capabilities ...
18:00:01  Capture Dbg  Extcap pipe D:\ProgramFiles\Wireshark\extcap\udpdump.exe
18:00:01  Capture Dbg    DLT 252 name="udpdump" display="Exported PDUs"

The above error ocurred on my home PC.

================================================================

On my company computer (Microsoft Windows [Version 6.1.7601]), I have Wireshark Version 2.2.3 (v2.2.3-0-g57531cd) installed(PS: no permision to install any software that needs privilege in my company), it lists plugins in the plugins tab of Help -> About Wireshark.

ciscodump.exe 1.0.0 extcap C:\Program Files (x86)\Wireshark\extcap\ciscodump.exe
androiddump.exe 1.0.3 extcap C:\Program Files (x86)\Wireshark\extcap\androiddump.exe
randpktdump.exe 0.1.0 extcap C:\Program Files (x86)\Wireshark\extcap\randpktdump.exe
sshdump.exe 1.0.0 extcap C:\Program Files (x86)\Wireshark\extcap\sshdump.exe

However, when I capture by android-wifi-tcpdump-71UBBLF22BJQ, it pops up an error dialog (Copy text) as following.

---------------------------

---------------------------
Error by extcap pipe: ERROR: Broken socket connection.
---------------------------
OK   
---------------------------

And console log is as following:

C:\Program Files (x86)\Wireshark>19:12:24  Capture Dbg  Extcap path C:\Program Files (x86)\Wireshark\extcap
19:12:24  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
19:12:24  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.002s
19:12:24  Capture Msg  Capture Start ...
19:12:24  Capture Dbg  sync_pipe_start
19:12:24  Capture Dbg  CAPTURE OPTIONS     :
19:12:24  Capture Dbg  Interface name[00]  : android-wifi-tcpdump-71UBBLF22BJQ
19:12:24  Capture Dbg  Interface description[00] : Android WiFi m1_note 71UBBLF22BJQ
19:12:24  Capture Dbg  Console display name[00]: android-wifi-tcpdump-71UBBLF22BJQ
19:12:24  Capture Dbg  Capture filter[00]  : (unspecified)
19:12:24  Capture Dbg  Snap length[00] (0) : 262144
19:12:24  Capture Dbg  Link Type[00]       : -1
19:12:24  Capture Dbg  Promiscuous Mode[00]: TRUE
19:12:24  Capture Dbg  Extcap[00]          : C:\Program Files (x86)\Wireshark\extcap\androiddump.exe
19:12:24  Capture Dbg  Extcap FIFO[00]     : (unspecified)
19:12:24  Capture Dbg  Extcap PID[00]      : -1
19:12:24  Capture Dbg  Buffer size[00]     : 2 (MB)
19:12:24  Capture Dbg  Monitor Mode[00]    : FALSE
19:12:24  Capture Dbg  Capture source[00]  : Remote interface
19:12:24  Capture Dbg  Remote host[00]     : (unspecified)
19:12:24  Capture Dbg  Remote port[00]     : (unspecified)
19:12:24  Capture Dbg  Authentication[00]  : Null
19:12:24  Capture Dbg  UDP data tfer[00]   : 0
19:12:24  Capture Dbg  No cap. RPCAP[00]   : 1
19:12:24  Capture Dbg  No cap. local[00]   : 0
19:12:24  Capture Dbg  Sampling meth.[00]  : 0
19:12:24  Capture Dbg  Sampling param.[00] : 0
19:12:24  Capture Dbg  Interface name[df]  : (unspecified)
19:12:24  Capture Dbg  Interface Descr[df] : (unspecified)
19:12:24  Capture Dbg  Capture filter[df]  :
19:12:24  Capture Dbg  Snap length[df] (0) : 262144
19:12:24  Capture Dbg  Link Type[df]       : -1
19:12:24  Capture Dbg  Promiscuous Mode[df]: TRUE
19:12:24  Capture Dbg  Extcap[df]          : (unspecified)
19:12:24  Capture Dbg  Extcap FIFO[df]     : (unspecified)
19:12:24  Capture Dbg  Buffer size[df]     : 2 (MB)
19:12:24  Capture Dbg  Monitor Mode[df]    : FALSE
19:12:24  Capture Dbg  Capture source[df]  : Local interface
19:12:24  Capture Dbg  Authentication[df]  : Null
19:12:24  Capture Dbg  UDP data tfer[df]   : 0
19:12:24  Capture Dbg  No cap. RPCAP[df]   : 1
19:12:24  Capture Dbg  No cap. local[df]   : 0
19:12:24  Capture Dbg  Sampling meth. [df] : 0
19:12:24  Capture Dbg  Sampling param.[df] : 0
19:12:24  Capture Dbg  SavingToFile        : 0
19:12:24  Capture Dbg  SaveFile            :
19:12:24  Capture Dbg  GroupReadAccess     : 0
19:12:24  Capture Dbg  Fileformat          : PCAPNG
19:12:24  Capture Dbg  RealTimeMode        : 1
19:12:24  Capture Dbg  ShowInfo            : 1
19:12:24  Capture Dbg  MultiFilesOn        : 0
19:12:24  Capture Dbg  FileDuration    (0) : 60
19:12:24  Capture Dbg  RingNumFiles    (0) : 0
19:12:24  Capture Dbg  AutostopFiles   (0) : 1
19:12:24  Capture Dbg  AutostopPackets (0) : 0
19:12:24  Capture Dbg  AutostopFilesize(0) : 1000 (KB)
19:12:24  Capture Dbg  AutostopDuration(0) : 60
19:12:24  Capture Dbg
Wireshark Created pipe =>(\\.\pipe\wireshark_extcap_20171116191224)
19:12:24  Capture Dbg  Extcap path C:\Program Files (x86)\Wireshark\extcap
19:12:24  Capture Dbg  ConnectNamedPipe code: 0
19:12:24  Capture Dbg  argv[0]: C:\Program Files (x86)\Wireshark\dumpcap.exe
19:12:24  Capture Dbg  argv[1]: -n
19:12:24  Capture Dbg  argv[2]: -i
19:12:24  Capture Dbg  argv[3]: \\.\pipe\wireshark_extcap_20171116191224
19:12:24  Capture Dbg  argv[4]: -Z
19:12:24  Capture Dbg  argv[5]: 9272
19:12:24     Main Dbg  Callback: capture prepared
19:12:24          Dbg  FIX: capture_info_ui_create
19:12:24  Capture Dbg  read 5 ok indicator: F len: 106 msg: C:\Users\ssfang\AppData\Local\Temp\wireshark_wireshark_extca
p_20171116191224_20171116191224_a10352.pcapng
19:12:24  Capture Msg  Capture started
19:12:24  Capture Msg  File: "C:\Users\ssfang\AppData\Local\Temp\wireshark_wireshark_extcap_20171116191224_2017111619122
4_a10352.pcapng"
19:12:24     Main Dbg  Callback: Opened
19:12:24     Main Dbg  Callback: capture update started
19:12:24  Capture Dbg  read 5 ok indicator: D len: 2 msg: 0
19:12:24  Capture Info 0 packets dropped
19:12:24  Capture Dbg  read from pipe 5: EOF (capture closed?)
19:12:24  Capture Dbg  read 5 got an EOF
19:12:24  Capture Dbg  sync_pipe_wait_for_child: wait till child closed
19:12:24  Capture Dbg  sync_pipe_wait_for_child: capture child closed after 0.000s
19:12:24  Capture Dbg  sync_pipe_input_cb: cleaning extcap pipe
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Cleaning up fifo: \\.\pipe\wireshark_extcap_20171116
191224; PID: 732
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Closing pipe
19:12:24  Capture Dbg  Extcap [android-wifi-tcpdump-71UBBLF22BJQ] - Closing spawned PID: 732
19:12:24  Capture Msg  Capture stopped.

And then the second dialog pops up.

---------------------------

---------------------------
No packets captured.
---------------------------
As no data was captured, closing the temporary capture file.

Help about capturing can be found at

       https://wiki.wireshark.org/CaptureSetup

Wireless (Wi-Fi/WLAN):
Try to switch off promiscuous mode in the Capture Options.
---------------------------
OK   
---------------------------

When I execute androiddump.exe and dumpcap.exe:

• C:\Program Files (x86)\Wireshark> "C:\Program Files (x86)\Wireshark\extcap\androiddump.exe" --capture --extcap-interface android-wifi-tcpdump-71UBBLF22BJQ --fifo \.\pipe\wireshark_extcap_20171117112149
  it gives "ERROR: Cannot save dump file".

• C:\Program Files (x86)\Wireshark> "C:\Program Files (x86)\Wireshark\dumpcap.exe" -n -i \.\pipe\wireshark_extcap_20171117112149 -Z 4400
  it gives nothing.

Is this about root permision? but In fact, after setting up a tcpdump script with root, root at home, it still doesn't work cannot show any interfaces about android. However, when compared to my company PC, the latter also shows interfaces about android logcat, WIFI... without this tcpdump script (but Error by extcap pipe: ERROR: Broken socket connection.).

D:\ProgramFiles\Wireshark>adb shell
shell@m1note:/ $ tcpdump
tcpdump: (null): You don't have permission to capture on that device
(socket: Operation not permitted)
1|shell@m1note:/ $ which tcpdump
/system/xbin/tcpdump
shell@m1note:/ $ ll /system/bin/tcpdump
/system/bin/tcpdump: No such file or directory
shell@m1note:/ $ su
root@m1note:/ # echo '#!/system/bin/sh\nsu -c "/system/xbin/tcpdump $*"' > /system/bin/tcpdump
root@m1note:/ # cat /system/bin/tcpdump
#!/system/bin/sh
su -c "/system/xbin/tcpdump $*"
root@m1note:/ # ls -l /system/bin/tcpdump
-rw-r----- root     root           49 2017-11-19 23:31 tcpdump
root@m1note:/ # chmod 6755 /system/bin/tcpdump
root@m1note:/ # ls -l /system/bin/tcpdump
-rwsr-sr-x root     root           34 2017-11-16 18:26 tcpdump
root@m1note:/ # mount -o ro,remount,ro /system
mount -o ro,remount,ro /system
root@m1note:/ # exit
shell@m1note:/ $ which tcpdump
/system/bin/tcpdump
shell@m1note:/ $ tcpdump -h
tcpdump version 4.5.1
libpcap version 1.5.2
Usage: tcpdump [-aAbdDefhHIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
                [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
                [ -i interface ] [ -j tstamptype ] [ -M secret ]
                [ -Q in|out|inout ]
                [ -r file ] [ -s snaplen ] [ -T type ] [ -V file ] [ -w file ]
                [ -W filecount ] [ -y datalinktype ] [ -z command ]
                [ -Z user ] [ expression ]
shell@m1note:/ $ tcpdump -D
activate_mmap...activate_mmap...activate_mmap...activate_mmap...1.wlan0
2.nflog (Linux netfilter log (NFLOG) interface)
3.nfqueue (Linux netfilter queue (NFQUEUE) interface)
4.p2p0
5.any (Pseudo-device that captures on all interfaces)
6.lo
shell@m1note:/ $ tcpdump -s0 -i any
activate_mmap...23:33:58.682083 IP 192.168.1.100.34652 > 1.2.3.4.www: Flags [.], ack 561217935, win 1369, options [nop,nop
,TS val 20609232 ecr 1143016662], length 0
23:33:59.591056 IP 192.168.1.100.10535 > 74.125.239.56.domain: 61737+ PTR? 100.1.168.192.in-addr.arpa. (44)
23:33:59.617806 IP 74.125.239.56.domain > 192.168.1.100.10535: 61737 NXDomain* 0/1/0 (79)
23:33:59.619580 IP 192.168.1.100.40402 > 74.125.239.56.domain: 57106+ PTR? 118.51.240.58.in-addr.arpa. (44)

PS: "activate_mmap..." will output to stderr. the result of tcpdump -h aslo outputs to stderr.