 | 1 | initial version |
I found two ways that seem to work:
1) pipe the output of one tshark ('-w -')to the input of a second tshark ('-r -'). The filtering can then be done in the first tshark with the '-Y <filter>' option and the script can be run in the second tshark.
2) Run tshark with '-2 -R <filter>'
