Wireshark · Wireshark-dev: Re: [Wireshark-dev] extracting and saving tcp stream

Wireshark-dev: Re: [Wireshark-dev] extracting and saving tcp stream

From: Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx>

Date: Thu, 13 Jan 2011 09:14:16 -0700

On Thu, Jan 13, 2011 at 01:39:43PM +0100, Wojciech Jędruch wrote:

> I got 1500 streams in 1500 files (one stream per file). I want to 
> 'follow tcp stream' and then 'save it' (same as here: 
> http://www.wireshark.org/docs/wsug_html/#ChAdvFollowTCPSection but for 
> 1500 files ) . How to automate that process ? Is there any possibilty 
> ? maybe by writing lua plugin ? I'm working on linux, so i have tried 
> to use 'tcpflow' but some of files generated by it are different than 
> using wireshark and saving stream, so i want to stick with wireshark.

The only way to "Follow TCP Stream" right now is from the Wireshark GUI.  
It shouldn't be too difficult to extend it into tshark or similar 
though.

References:
- [Wireshark-dev] extracting and saving tcp stream
  - From: Wojciech Jędruch

Prev by Date: [Wireshark-dev] buildbot failure in Wireshark (development) on OSX-10.5-PowerPC
Next by Date: Re: [Wireshark-dev] ew function(s) proto_tree_new_item_get_val_..()
Previous by thread: [Wireshark-dev] extracting and saving tcp stream
Next by thread: [Wireshark-dev] AVDTP dissector
Index(es):
- Date
- Thread