Thanks. Maybe this is another question:

I wrote a script to deal with multiple files as follows:

for file in 'datadir/*'
    tshark -r $file -R '(ip.addr eq 10.0.072 and ip.addr eq and (udp.port eq 65505 and udp.port eq 4005)' -T fields -e data | tr -d '\n' > $file.raw

if only 1 file in the datadir, i got one output file, but it fails if the files in datadir more than one.

Here is the message from system: tshark: Read filters were specified both with "-R" and with additional command-line arguments

Have i done something wrong?

Thanks for any hint.

asked 13 Jul, 19:24

converted to question 13 Jul, 22:42

Your answer has been converted to a question as that's how this site works. Please read the FAQ for more information.

(13 Jul, 22:43)

(13 Jul, 22:43) Jaap ♦

I guess your for loop is wrong: the file variable contains a list of all files.

Better run:

for file in `ls -1 datadir/*`

Furthermore, when calling tshark with '-R' you also have to use '-2' or use single-pass filtering with '-Y'

answered 14 Jul, 04:14

Well, as for me, the correct syntax would be

for file in datadir/*


for file in $(ls datadir/*)
(14 Jul, 08:46) sindy
Answers and Comments

