This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

tshark command to add a non-default port to HTTP

0

i need to edit the preferences (i.e preferences->protocols->http in wireshark) to include a non default port in HTTP ports.What is the tshark command to change this preference.

asked 12 Mar '14, 02:47

vmoar's gravatar image

vmoar
16114
accept rate: 0%


One Answer:

1

From the tshark man page:

-o <preference>:<value>    
    Set a preference value, overriding the default value and any value read from a preference file. The argument to the option is a string of the form prefname:value, where prefname is the name of the preference (which is the same name that would appear in the preference file), and value is the value to which it should be set.

So, in your case you would use -o http.tcp.port:80,8080,nnnn where nnnn is your required port and you also list all other required http ports as the preference setting is a "range.".

Tip: The preference "name" is shown as a tooltip in the GUI when you hover over it (for protocol prefs).

answered 12 Mar '14, 03:07

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

Thank you.Its working:)

(12 Mar '14, 03:17) vmoar

If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.

(12 Mar '14, 03:27) grahamb ♦

hi, if i need to change something that uses udp or any other protocol available in preferences(other than http) what would be the syntax

(12 Mar '14, 03:36) vmoar

Very similar, just find the preference name and tack it on as another -o option, e.g. for DNS, use -o dns.udp.ports:nnnn.

You can also open the preference file in a text editor and scan though it looking for preference names.

(12 Mar '14, 03:50) grahamb ♦

thank you.

(12 Mar '14, 03:58) vmoar

hi, is it possible to extract or view the value of these prefernces..i.e. the port numbers.

(12 Mar '14, 04:20) vmoar

We're on a roll here, they're all in the preferences file, -G currentprefs dumps them out.

(12 Mar '14, 04:35) grahamb ♦
showing 5 of 7 show 2 more comments