Issue Description

I'm trying to pipe ecapture's pcap output to Wireshark for real-time analysis, but encountering compatibility issues.

Command attempted:

sudo ecapture gotls --elfpath=/usr/bin/ctr -m pcap -w /tmp/pipe | wireshark -k -i -

Error received:

Error message from child: "File type is neither a supported pcap nor pcapng format. (magic = 0x30395b1b)", "Please report this to the developers of the program writing to the pipe."

Current Limitation

ecapture's pcap mode only supports file output (-w filename) and doesn't support stdout output (-w - like tcpdump), which prevents direct piping to other tools.

Request

Is there a way to output pcap data to stdout for real-time streaming?

Similar to:

sudo ecapture gotls --elfpath=/usr/bin/ctr -m pcap -w - | wireshark -k -i -

This would enable integration with Wireshark and other network analysis tools that can read from stdin.

Use Case

I need to capture GoTLS traffic from the ctr command on a headless server and analyze it real-time with Wireshark GUI on a remote client.

Any guidance or alternative approaches would be appreciated. Thanks!