Wireshark-users: Re: [Wireshark-users] Print wireshark option from command

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Hashmat Khan" <hashmat.email@xxxxxxxxx>
Date: Tue, 16 Dec 2008 13:37:53 +0530
Thanks.
But how do I get this kind of output:
117.97.37.213         217.1.176.55          CLEARCASE 600      371       0x39de (14814)
117.97.37.213         202.56.250.5          DNS      2420     53        0x39df (14815)
117.97.37.213         255.255.255.255       DHCP     68       67        0x39e0 (14816)
117.97.37.213         202.56.250.6          DNS      2420     53        0x39e1 (14817)
117.97.37.213         202.56.250.5          DNS      2420     53        0x39e2 (14818)
117.97.37.213         202.56.250.5          DNS      2420     53        0x39e3 (14819)
117.97.37.213         202.56.250.6          DNS      2420     53        0x39e4 (14820)
117.97.37.213         255.255.255.255       DHCP     68       67        0x39e5 (14821)

I want to print any source ip followed by any dest ip followed by protocol type followed by src port, dest port and finally ip header identification. To start with I tried this:
tshark  -e ip.src -e ip.dst  -E separator=/s -T text -r my_dns.pcap

but it complained:
tshark: Output fields were specified with "-e", but "-Tfields" was not specified.

thanks,
Hashmat

On Mon, Dec 15, 2008 at 9:20 PM, Abhik Sarkar <sarkar.abhik@xxxxxxxxx> wrote:
I think what you are looking for is already available in the form of
tshark. Try "Help > Manual Pages > tshark".

On Mon, Dec 15, 2008 at 6:13 PM, Hashmat Khan <hashmat.email@xxxxxxxxx> wrote:
> Hi,
>
> In the interface under File, we have Print.
>
> I want to run this from command prompt something like this:
> wireshark.exe -PRINT print_format example.pcap -output filename
>
> where print_format would give the format that is the File:Print options
> which include packet range and packet format etc.
>
> thank you,
> Hashmat
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe