Hello,
I am capturing high throughput traffic for a sufficiently long duration. Is there a way to delete first n number of frames from the memory? I do not need them after some number frames have been received after those n frames. I want to do this several times over the capture duration. This should not disturb the capturing and should not cause data loss. I am OK if this can be achieved through a Lua script.
I am already running tshark with Lua script that is dissecting further the TCP/UDP payload with a proprietary protocol. I can extend this Lua. My Lua needs to keep a few dissected fields as its own objects to complete the dissection. The Lua script also output pcapng files each with a calculated number of frames and this calculation is part of my Lua. Again my dissection and other tasks that Lua does should not be disturbed while clearing those n frames.
I do not use WireShark GUI as I do not need to view anything and no need to jump to old frames at all.
Regards PR
