Menu
I currently need to debug the communications between my application and the server. I have been able to capture the packets by launching the emulator with the tcpdump switch:
%emulator -tcpdump emulator.cap @MyDroid
The problem I have, is that I need to shutdown the emulator before I can open the emulator.cap file in Wireshark. Otherwise, Wireshark will complain that the capture is incomplete. This process is very very slow. I would like to be able to get a live view of the emulator.cap file in Wireshark.
It seems that this should be possible using pipes. I am doing my development on OS X and have tried Way 1 and Way 2 from this guide: http://wiki.wireshark.org/CaptureSetup/Pipes.
It at least allows me to view a snapshot of the capture, but I am not getting a view that updates in real time. Clicking the refresh button in Wireshark does not update the packets captured. I have to close and re-open Wireshark to get an update (which is way faster than relaunching the emulator).
What are the steps to view a live capture from the Android emulator in Wireshark on OS X?
868
Start by creating a named pipe and open Wireshark to read from it. Then, direct the emulator's tcpdump to write to that same named pipe. Wireshark appears to be sensitive to having things done in this order, otherwise it will complain about the libcap format.
Here are the commands:
%mkfifo /tmp/emulator
%wireshark -k -i /tmp/emulator &
%emulator -tcpdump /tmp/emulator @MyDroid
Update:
After using this for a little while, it seems to be brittle. I've had Wireshark complain about a packet, and the only way to recover was by going through all of these steps again. Is there a better/more robust solution?
176
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With