Wireshark-users: Re: [Wireshark-users] Simple GSM traffic monitoring

From: Johnny R <vasiana09@xxxxxxxxx>
Date: Fri, 8 Feb 2013 10:53:09 +0300
Hi Christopher,

thank you for your quick reply, I am using Wireshark 1.4.2  and running it on  FreeBSD 8.0-, I see both  all the packets printed on the screen and also written on file. The capture filter I am using is the same I was using on wireshark (and it worked there) , so I have no doubt that is correct.

Regards,



On Thu, Feb 7, 2013 at 7:39 PM, Christopher Maynard <Christopher.Maynard@xxxxxxxxx> wrote:
Johnny R <vasiana09@...> writes:

> Hi list,I am struggling right with tiny issue, actually, I am trying to get
the whole traffic on A interface, setup the right capture filter "ether host
00:1f:12:a3:48:3f " and everything is fine when using the gui (wireshark),but
when trying to capture the same traffic with tshark, nothing :'(   Below the
command I used
>                    "tshark -i em1  -f "ether host 00:1f:12:a3:48:3f "  -VVVVVV
-p -a filesize:10000 -w bssap_em1_$now.pcap".So my question is, since I am
little convinced that the above command is fine, is there a "real-time" issue
with tshark ?


First, what version of Wireshark are you using?

Is the problem that you don't see anything printed to the screen or that no
packets are being written to the capture file, or both?

Did you confirm that the Ethernet address is correct for the em1 interface?


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe



--
-----------------------------------------------------------------