how to retrieve packet information using wireshark commands

0

I have pcap file containing all the packets captured for certain duration.Given a packet type and tag number i have to get all the information of that tagged parameter from the command line.how to do this?

asked 01 Mar '12, 22:41

automation's gravatar image

automation
1223
accept rate: 0%

edited 02 Mar '12, 02:08

One Answer:
oldestnewestmost voted
0

Study tshark, of which the manual can be found here.

link

answered 02 Mar '12, 04:18

Jaap's gravatar image

Jaap ♦
6.0k568
accept rate: 11%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×468
×246
×65
×50
×50

Asked: 01 Mar '12, 22:41

Seen: 1,869 times

Last updated: 04 Mar '12, 22:53

Related questions

Filter for NO Response

DNS leak: Looking up own hostname with DNS queries

Capability of PCAP library to filter up to the ss7 application layer?

TShark: Capture and Display Filters for HTTP/HTTPS

Determining unique MAC and IP addresses in a PCAP

wireshark customisation

stream number for udp

Multi-file search

How to create analysed statistics like wireshark at commandline (with tshark or ...)

Filter multiple IPs

about | faq | privacy | support | contact

powered by OSQA