SYNOPSIS

captype <infile> …​

captype -h|--help

captype -v|--version

DESCRIPTION

Captype is a program that opens one or more capture files and prints the capture file type of each <infile>.

Captype is able to detect and read the same capture files that are supported by Wireshark. The input files don’t need a specific filename extension; the file format and an optional gzip, zstd or lz4 compression will be automatically detected. Near the beginning of the DESCRIPTION section of wireshark(1) or https://www.wireshark.org/docs/man-pages/wireshark.html is a detailed description of the way Wireshark handles this, which is the same way Captype handles this.

OPTIONS

-h|--help

Print the version number and options and exit.

-v|--version

Print the full version information and exit.

DIAGNOSTIC OPTIONS

--log-level <level>

Set the active log level. Supported levels in lowest to highest order are "noisy", "debug", "info", "message", "warning", "critical", and "error". Messages at each level and higher will be printed, for example "warning" prints "warning", "critical", and "error" messages and "noisy" prints all messages. Levels are case insensitive.

--log-fatal <level>

Abort the program if any messages are logged at the specified level or higher. For example, "warning" aborts on any "warning", "critical", or "error" messages.

--log-domains <list>

Only print messages for the specified log domains, e.g. "GUI,Epan,sshdump". List of domains must be comma-separated. Can be negated with "!" as the first character (inverts the match).

--log-debug <list>

Force the specified domains to log at the "debug" level. List of domains must be comma-separated. Can be negated with "!" as the first character (inverts the match).

--log-noisy <list>

Force the specified domains to log at the "noisy" level. List of domains must be comma-separated. Can be negated with "!" as the first character (inverts the match).

--log-fatal-domains <list>

Abort the program if any messages are logged for the specified log domains. List of domains must be comma-separated.

--log-file <path>

Write log messages and stderr output to the specified file.

SEE ALSO

pcap(3), wireshark(1), mergecap(1), editcap(1), tshark(1), dumpcap(1), capinfos(1), pcap-filter(7) or tcpdump(8)

NOTES

Captype is part of the Wireshark distribution. The latest version of Wireshark can be found at https://www.wireshark.org.

HTML versions of the Wireshark project man pages are available at https://www.wireshark.org/docs/man-pages.

AUTHORS

Original Author

Ian Schorr <ian[AT]ianschorr.com>

Contributors

Gerald Combs <gerald[AT]wireshark.org>
Jim Young <jyoung[AT]gsu.edu>