My command is: sudo tshark -b 256 -P -T fields -e frame.time_epoch -e ip.src -e ip.dst -e ip.proto -e ip.len -e col.Info -E separator=' ' -b filesize:65535 -b files:10 -w tshark_tmp What I am missing is the resolution of the name of the protocol. Since the default doesn't work, I am using a custom field parser that does almost the same thing. I want to parse the standard header outputs of tshark.
0 kommentar(er)
