Hi Stig Bjorlykke,
I want to display these values(the SMTP parameters such as FROM,TO,SUBJECT,DATE) in a
new dialog under the analyze menu. And the dialog displays these values from each SMTP packets displayed in the packet list pane.
Thanks alot for you help.
with best regards.
On Thu, May 1, 2008 at 1:37 AM, Stig Bjørlykke <
stig.bjorlykke@xxxxxxxxx> wrote:
On 30. april. 2008, at 09.44, goitom kahsay wrote:
> How can i extract the SMTP parameters such as FROM,TO,SUBJECT,DATE
> and ... from SMTP packets?
Hi.
I don't know where you want the output, but the SMTP dissector is
using the IMF dissector, so it's possible to use tshark to print the
values like this:
$ tshark -r smtp_data.pcap -e imf.from -e imf.to -e imf.subject -T
fields
Or you could simply dump all fields and do a grep, like this:
$ tshark -V -r smtp_data.pcap | egrep "Subject:|From:|To:|Date:"
--
Stig Bjørlykke
--
Benice2all