Though that does rely on Wireshark/tshark's output not changing. (E.g.,
if I currently match on FooBar and it changes to FooV2Bar because
someone added V3 support, my text processing just broke!)
Jaap Keuter wrote:
Hi,
Sure, output as textfile, postprocess with [perl, awk, your favorite].
String together the strength of small powerful tools, instead of putting
all in one.
Thanx,
Jaap
On Mon, 13 Nov 2006, Sean WANG wrote:
Hi,
I have a captured data file. How do I extract ONLY the info I am
interested for each packet? I want the output file contain only (Source
IP, Destination IP, Source Port, Destination Port, Protocol, Received
Time).
Is there any command of Ethereal that I can use? Or do you have any
other suggestions?
Thx a lot.
Regards,
Sean
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users