Tshark

Aus xinux.net

Version vom 24. September 2019, 09:38 Uhr von Thomas.will (Diskussion | Beiträge) (→‎With separator,quotet and header)

(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)

Zur Navigation springen Zur Suche springen

Print a list of the interfaces on which TShark can capture

tshark -D

Capture all traffic on vmbr1

tshark -i vmbr1

Capture icmp traffic on vmbr1

tshark -i vmbr1 icmp

Show only the frame numbers

tshark -i vmbr1 -T fields -e frame.number icmp and host 10.81.1.1

Show frame numbers,time_relative, ip src and ip.dst

tshark -i vmbr1 -T fields -e frame.number -e frame.time_relative -e ip.src -e ip.dst icmp and host 10.81.1.1

With separator,quotet and header

tshark -i vmbr1 -T fields -e frame.number -e frame.time_relative -e ip.src -e ip.dst -E separator=, -E quote=d -E header=y icmp and host 10.81.1.1

Show mail traffic as text

tshark -i vmbr1 -T text port 25

Abgerufen von „https://xinux.net/index.php?title=Tshark&oldid=18554“