On Fri, Jul 05, 2002 at 03:37:56PM +1000, Tino wrote:
> I followed one of Guy Harris's instruction from earlier post using the
> following command
>
> tethereal -r input -w output -R 'frame.time >= "Jul 4, 2001 15:48:34" and
> frame.time <=
> "Jul 4, 2002 15:25:00" and (ip.addr == 134.148.4.19 or ip.addr ==
> 137.111.13.32)'
>
> which generate the following error
>
> *** The parameter is incorrect. ***
As I remember, the Windows shell (whether its Windows OT's "command.com"
or Windows NT's "cmd.exe"), unlike the UNIX shell, doesn't support both
' and " as quotation characters.
In addition, you can't use ' as a quotation character in display
filters, so you can't do
tethereal -r input -w output -R "frame.time >= 'Jul 4, 2001 15:48:34'
and frame.time <= 'Jul 4, 2002 15:25:00' and
(ip.addr == 134.148.4.19 or ip.addr == 137.111.13.32)"
You'd either have to
1) install Cygwin and use Cygwin's shell (which is bash, and
Bourne-shell compatible, so it supports both ' and " as
quotation characters), or get some other shell that supports
both ' and " as quotation characters
or
2) do it with Ethereal, by reading in the capture file,
filtering it with
frame.time >= "Jul 4, 2001 15:48:34" and
frame.time <= "Jul 4, 2002 15:25:00" and
(ip.addr == 134.148.4.19 or ip.addr == 137.111.13.32)
as a display filter, and saving the displayed frames
or
3) find some other way (e.g., writing your own program, or using
some scripting language) to run Tethereal with the
appropriate arguments.