Wireshark-users: Re: [Wireshark-users] Problem exporting data
From: Michael Monte <apoc1@xxxxxxxxxxx>
Date: Mon, 17 Nov 2008 19:59:08 -0500
Hi Steve,Thanks for responding, the file does not show up in there, I see various http/xml in there, and all of the soap requests and responses show up. However it seems wireshark does not see the other the transmitted data packets as a tar file and so it seems to ignore those. I have a feeling I will have to save a c array and write a program to do it. This shouldn't be too difficult but was hoping there was a quicker way to do it. Let me know if I can send anything to help.
Mike wireshark-users-request@xxxxxxxxxxxxx wrote:
Send Wireshark-users mailing list submissions to wireshark-users@xxxxxxxxxxxxx To subscribe or unsubscribe via the World Wide Web, visit https://wireshark.org/mailman/listinfo/wireshark-users or, via email, send a message with subject or body 'help' to wireshark-users-request@xxxxxxxxxxxxx You can reach the person managing the list at wireshark-users-owner@xxxxxxxxxxxxx When replying, please edit your Subject line so it is more specific than "Re: Contents of Wireshark-users digest..." Today's Topics: 1. Re: Problem exporting data (Stephen Fisher) 2. TCP Relative Sequence Options (Ekta Ahuja) 3. Re: TCP Relative Sequence Options (Sake Blok) ---------------------------------------------------------------------- Message: 1 Date: Sun, 16 Nov 2008 13:05:05 -0700 From: Stephen Fisher <stephentfisher@xxxxxxxxx> Subject: Re: [Wireshark-users] Problem exporting data To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx> Message-ID: <20081116200505.GA13476@shadow.local> Content-Type: text/plain; charset=us-ascii On Sun, Nov 16, 2008 at 01:51:25PM -0500, Michael Monte wrote:I am having problem export content data from traffic between a client and server. Basically the client uploads a file to a server and I want to grab the file out of the air.Try going to the File menu - Export - Objects - HTTP. The file should show up in there ready for saving. Let me know if this doesn't work.Steve ------------------------------ Message: 2 Date: Mon, 17 Nov 2008 17:37:36 +0530 From: "Ekta Ahuja" <ahuja.ekta@xxxxxxxxx> Subject: [Wireshark-users] TCP Relative Sequence Options To: wireshark-users@xxxxxxxxxxxxx Message-ID: <99dff9ed0811170407g4584cd8bx7d29334b56c737ba@xxxxxxxxxxxxxx> Content-Type: text/plain; charset="iso-8859-1" Hi All, Analysis of a data using Wireshark on Windows gives me an option of enabling/disabling (Under Edit->Preferences->Protocol->TCP) to enable/disable the TCP Relative Sequencing. Now If I have to use this option on my unix box (command Line). What Parameter do i need to append to enable this feature. e.g. <wireshark binary> -r < filename> -T psml -t ad should i append " -o tcp.seq:1 ". Kindly help. Thanks Ekta. -------------- next part -------------- An HTML attachment was scrubbed...URL: http://www.wireshark.org/lists/wireshark-users/attachments/20081117/9d51f52d/attachment.html------------------------------ Message: 3 Date: Mon, 17 Nov 2008 17:09:12 +0100 From: Sake Blok <sake@xxxxxxxxxx> Subject: Re: [Wireshark-users] TCP Relative Sequence Options To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx> Message-ID: <20081117160912.GA4137@xxxxxxxxxxxxxxx> Content-Type: text/plain; charset=us-ascii On Mon, Nov 17, 2008 at 05:37:36PM +0530, Ekta Ahuja wrote:Analysis of a data using Wireshark on Windows gives me an option of enabling/disabling (Under Edit->Preferences->Protocol->TCP) to enable/disable the TCP Relative Sequencing. Now If I have to use this option on my unix box (command Line). What Parameter do i need to append to enable this feature. e.g. <wireshark binary> -r < filename> -T psml -t ad should i append " -o tcp.seq:1 ".$ tshark -G currentprefs | grep "^tcp" tcp.summary_in_tree: TRUE tcp.check_checksum: FALSE tcp.desegment_tcp_streams: TRUE tcp.analyze_sequence_numbers: TRUE tcp.relative_sequence_numbers: TRUE tcp.track_bytes_in_flight: TRUE tcp.calculate_timestamps: TRUE tcp.try_heuristic_first: TRUE tcpencap.tcp.port: 10000 $ So, you could use -o "tcp.relative_sequence_numbers: TRUE" Cheers, Sake ------------------------------ _______________________________________________ Wireshark-users mailing list Wireshark-users@xxxxxxxxxxxxx https://wireshark.org/mailman/listinfo/wireshark-users End of Wireshark-users Digest, Vol 30, Issue 40 ***********************************************
- Follow-Ups:
- [Wireshark-users] Export Bytes using "tshark"
- From: Pierluigi Felici
- [Wireshark-users] Export Bytes using "tshark"
- Prev by Date: Re: [Wireshark-users] this traffic pattern indicates what?
- Next by Date: Re: [Wireshark-users] Problem exporting data
- Previous by thread: Re: [Wireshark-users] Problem exporting data
- Next by thread: [Wireshark-users] Export Bytes using "tshark"
- Index(es):