Wireshark-users: [Wireshark-users] Hello my friends
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: "Temo Macías" <temonumentum@xxxxxxxxx>
Date: Mon, 24 Nov 2008 11:39:29 -0600
Hello to everybody, firstly im sorry, my english is quite bad.

I've got this problem trying to use tshark:

I can capture with -x the next capture format:

  1   0.000000 148.204.242.253 -> 255.255.255.255 UDP Source port: 17110  Destination port: 17110

0000  ff ff ff ff ff ff 00 0e a6 9a 5e 09 08 00 45 00   ..........^...E.
0010  00 50 ad a8 00 00 80 11 05 2b 94 cc f2 fd ff ff   .P.......+......
0020  ff ff 42 d6 42 d6 00 3c 31 b1 00 58 4d 43 01 00   ..B.B..<1..XMC..
0030  d2 49 00 00 00 00 00 00 00 00 20 00 f0 03 5b 53   .I........ ...[S
0040  45 53 5f 53 45 45 4b 5d 00 00 17 61 00 63 e7 04   ES_SEEK]...a.c..
0050  00 00 00 00 00 00 00 00 00 00 00 00 00 00         ..............


I will only use the headers of this capture, is there a way to capture something like this with tshark instead the capture above? some kind of filter?

  1   0.000000 148.204.242.253 -> 255.255.255.255 UDP Source port: 17110  Destination port: 17110

0000  ff ff ff ff ff ff 00 0e a6 9a 5e 09 08 00 45 00   ..........^...E.
0010  00 50 ad a8 00 00 80 11 05 2b 94 cc f2 fd ff ff   .P.......+......
0020  ff ff 42 d6 42 d6 00 3c 31 b1 00 58 4d 43 01 00   ..B.B..<1..XMC..
0030  d2 49 00 00 00 00

I only need this  info, because i only want to capture the protocols info, not the data.

Did you get my point?




--
DøµZêPêR TêMøñ
Est Sularus oth Mithas  
.:El Honor es Mi VIda:

http://douzepertemonius.blogspot.com/