Wireshark-users: Re: [Wireshark-users] wireshark extract specific field

From: "paritosh kulkarni" <paritosh26@xxxxxxxxx>
Date: Fri, 29 Aug 2008 02:16:32 +0100
Hi Joan,
One more thing i wanted to know how can i get the connection status like rejected tcp connection, established tcp connection etc
 
 
 
cheers
pari

 
On 8/28/08, paritosh kulkarni <paritosh26@xxxxxxxxx> wrote:
Hi Joan,
This is hte command where i get error
I am using the same version as you Tshark 1.0.2
 
C:\Program Files\Wireshark>tshark -o column.format: ""No.", "%m", "Time", "%t",
"Source", "%s", "Destination", "%d", "srcport", "%uS", "dstport", "%uD", "Protoc
ol", "%p", "Len", "%L", "tcp.flags.ack", "%Cus:tcp.flags.ack", "tcp.flags.syn",
"%Cus:tcp.flags.syn"" -r 23.cap > d:\23.txt
tshark: Invalid -o flag "column.format:"
I found the error..there were no "" on front of custom.format.
But i have one more question how do i have header in this file and change the time format
 
cheers
pari
 
On Thu, Aug 28, 2008 at 6:56 PM, <j.snelders@xxxxxxxxxx> wrote:
On Tue, 26 Aug 2008 paritosh kulkarni wrote:
>Thanks for the typo mistakes...but still i get this error message.
>I tried it without the flag fileds and it works but when i pit tcp.flags
command it gives me the error.

 
Hi Pari,

I really don't know, why you get the errors (and I don't).
Does somebody else have any idea?

Can you copy your commands and the errors?
I'll give it another go.

What version are you on?
I'm at TShark 1.0.2 (SVN Rev 25698).

Thnx
Joan




_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-users