Anthony Murabito wrote:
Hi All,
I am currently making some changes to some automation software that uses
tshark's output. My development has been primarily in a linux
environment and is tied to wireless lans. I have noticed that tsharks
default output is different between a windows & linux machine, and
essentially I am hoping to get the nice "Flags" bitmap that appears in
linux, to appear in windows.
For example, currently I am using
tshark -r (filename) -z proto,colinfo,frame.len,frame.len -z
proto,colinfo,wlan.bssid,wlan.bssid
here is the corresponding tshark output:
*(linux)*
34659 372.477882 OUI_05:02:a9 -> OUI_34:cb:0e IEEE 802.11 Data, SN=285,
FN=0, *Flags=.p.....TC* wlan.bssid == 00:00:00:79:37:70 frame.len == 408
*(windows)*
34659 372.477882 OUI_05:02:a9 -> OUI_34:cb:0e IEEE 802.11
Data,SN=285,FN=0 wlan.bssid == 00:15:70:79:37:70 frame.len == 408
What versions of Wireshark are you running? The "Flags" string was added
to the Info column in 2007, about 6 months before the 1.0 release.