Wireshark-bugs: [Wireshark-bugs] [Bug 4038] New: tshark cannot filter on SIP DNS OR DIAMETER mes

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 21 Sep 2009 09:07:15 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4038

           Summary: tshark cannot filter on SIP DNS OR DIAMETER messages
           Product: Wireshark
           Version: 1.0.8
          Platform: Other
        OS/Version: Linux (other)
            Status: NEW
          Severity: Normal
          Priority: High
         Component: TShark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: kk891r@xxxxxxx
                CC: kk891r@xxxxxxx


Build Information:
TShark 1.0.8

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.  
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GLib 2.12.3, with libpcap 0.9.4, with libz 1.2.3, without POSIX
capabilities, with libpcre 6.6, with SMI 0.4.5,without ADNS, without Lua, with
GnuTLS 1.4.1, with Gcrypt 1.2.4, with MIT Kerberos.

Running on Linux 2.6.18-164.e15, with libpcap version 0.9.4.

Built using gcc 4.1.2 20080704 (Red Hat 4.1.2-44).

--
I'm trying to use tshark.  This filter works well in version 0.99.4

% tshark -f <have a long string of IP's> -F libpcap -w Trace -a duration:30 -R
"sip || dns || diameter"

This captures ALL the messages including the SIP/DNS/DIAMETER in addition to
SCTP/M3UA/HSRP/TCP...

How do I select the Display filter to be ONLY SIP, DNS & DIAMETER?

thank you,
Kalpesh.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.