Ask Your Question
0

Starting wireshark with a particular column ordered?

asked 2020-08-24 12:39:31 +0000

Ankur Satle gravatar image

When invoked, wireshark displays packets in arrival order i.e. ordered by packet_num. I would like to invoke wireshark such that it starts displaying packets in order w.r.t. a particular column as it receives them. The wireshark is going to receive pcap-ng packets from a pipe.

Current command:

$ wireshark -r in_pipe

Desired command:

$ wireshark -r in_pipe display_order:absolute_timestamp

Is there a facility that allows us to do this?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-08-24 19:24:39 +0000

Guy Harris gravatar image

Can you change the program that sends packets over the pipe to send them in packet time stamp order? That would render such an option unnecessary, as sorting by time stamp will be the same as sorting them in arrival order.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2020-08-24 12:39:31 +0000

Seen: 72 times

Last updated: Aug 24