TShark Command Script to Read/Output all Good UDP Packets

I've recently gotten into the world of using TShark to acquire PCAPs. I once upon a time strictly used Wireshark and did it all manually. But I had created a parser that could dig through Wireshark PCAPs and output all the data. But now I'm seeing that my parser is insufficient to read TShark PCAPs due to some confusing stuff regarding the header. Then I saw that TShark has a -R/-r command that I guess can read back the file. But seemingly only the # of packets and their packet size.

What would be the appropriate command line combination to dump all (and ONLY) the good UDP raw data? Either into a file or into the command prompt (probably preferably a file). I was trying to read up on this and unfortunately, my dyslexia kicks in (My reading comprehension scores were garbage growing up).

Please and thank you!