editcap: add capture-file comments to output file

Add the `--capture-comment "comment"` option for appending pcapng
comments to the SHB of the output file(s).

Add the `--discard-capture-comment` option for removing pcapng comments
present in the input file SHB(s) before writing to the output file(s).

Supports multiple comments per SHB. Noted in the documentation that
Wireshark itself doesn't support multiple comments.

Bug: 15033
Change-Id: If07a4e7a93505438639018783a11343cd5992f2a
Reviewed-on: https://code.wireshark.org/review/38074
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

1 files changed, 17 insertions, 0 deletions

diff --git a/doc/editcap.pod b/doc/editcap.pod
index 767697ff36..f8ba57990f 100644
--- a/doc/editcap.pod
+++ b/doc/editcap.pod
@@ -30,6 +30,8 @@ S<[ B<-T> E<lt>encapsulation typeE<gt> ]>
 S<[ B<-v> ]>
 S<[ B<--inject-secrets> E<lt>secrets typeE<gt>,E<lt>fileE<gt> ]>
 S<[ B<--discard-all-secrets> ]>
+S<[ B<--capture-comment> E<lt>commentE<gt> ]>
+S<[ B<--discard-capture-comment> ]>
 I<infile>
 I<outfile>
 S<[ I<packet#>[-I<packet#>] ... ]>
@@ -360,6 +362,21 @@ Discard all decryption secrets from the input file when writing the
 output file.  Does not discard secrets added by B<--inject-secrets> in
 the same command line.
 
+=item --capture-comment E<lt>commentE<gt>
+
+Adds the given comment to the Section Header Block (SHB) of the pcapng
+output file. New comments will be added I<after> any comments present in the
+input file unless B<--discard-capture-comment> is also specified.
+
+This option may be specified multiple times. Note that Wireshark currently only
+recognizes the first comment of a capture file.
+
+=item --discard-capture-comment
+
+Discard all capture file comments from the input file when writing the output
+file. Does not discard comments added by B<--capture-comment> in the same
+command line.
+
 =back
 
 =head1 EXAMPLES