Robert Smith wrote:
I have two questions about wireshark usage:
1. In the wireshark->capture->options dialog there are possibilities to
define multiple capture files and condition when to switch to the next
one. For example by size, every 5 MB start to save to new log file. My
question is whether the same thing is possible to configure using
tshark from command line. As far as I know there is only option -w to
specify output file. So how to specify multiple output file using tshark?
See the "-b" option:
-b <capture ring buffer option>
Cause TShark to run in "multiple files" mode. In
"multiple files" mode, TShark will write to several
capture files. When the first capture file fills up,
TShark will switch writing to the next file and so on.
2. Ia m running wireshark under Linux Ubuntu 7.10 operating system. I
don't understand why but the Wireshark -> Preferences -> Protocols tab
is empty. I can't click on the plus sign next to word "Protocols" in the
Wireshark -> Preferences and open list of available protocols.
I tried to open Wireshark -. Preferences -> Protocols on my WindowsXP
computer and there I can see list of protocols (including IEEE 802.11)
without any problems. So it seems to me the problem is Ubuntu specific.
Could you advice what might be went wrong?
Hmmm, I don't have any good ideas about that.