I've since done the work I needed to do manually, but for reference: is
there any way to have wireshark[1] produce output from following each
and every session in the capture file?
For instance, I was wanting to look at a large number of SMTP sessions.
I'd captured the traffic I wanted without problems but was not readily
able to output them as text without manually selecting a packet in the
interface, following that, then saving each individually[2] ...
I did briefly look at scripting something up using Perl's Net::PCap but
that seemed fairly low level on what wireshark already offered ...
Regards,
Malcolm
[1] or another of the utilities in the suite
[2] luckily I only had around 40 sessions I had captured, but it was
tedious ...
--
Malcolm Herbert This brain intentionally
mjch@xxxxxxxx left blank