Tshark: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| (Eine dazwischenliegende Version desselben Benutzers wird nicht angezeigt) | |||
| Zeile 9: | Zeile 9: | ||
=Show frame numbers,time_relative, ip src and ip.dst= | =Show frame numbers,time_relative, ip src and ip.dst= | ||
*tshark -i vmbr1 -T fields -e frame.number -e frame.time_relative -e ip.src -e ip.dst icmp and host 10.81.1.1 | *tshark -i vmbr1 -T fields -e frame.number -e frame.time_relative -e ip.src -e ip.dst icmp and host 10.81.1.1 | ||
| + | =With separator,quotet and header= | ||
| + | *tshark -i vmbr1 -T fields -e frame.number -e frame.time_relative -e ip.src -e ip.dst -E separator=, -E quote=d -E header=y icmp and host 10.81.1.1 | ||
| + | =Show mail traffic as text= | ||
| + | *tshark -i vmbr1 -T text port 25 | ||
Aktuelle Version vom 24. September 2019, 09:38 Uhr
Print a list of the interfaces on which TShark can capture
- tshark -D
Capture all traffic on vmbr1
- tshark -i vmbr1
Capture icmp traffic on vmbr1
- tshark -i vmbr1 icmp
Show only the frame numbers
- tshark -i vmbr1 -T fields -e frame.number icmp and host 10.81.1.1
Show frame numbers,time_relative, ip src and ip.dst
- tshark -i vmbr1 -T fields -e frame.number -e frame.time_relative -e ip.src -e ip.dst icmp and host 10.81.1.1
With separator,quotet and header
- tshark -i vmbr1 -T fields -e frame.number -e frame.time_relative -e ip.src -e ip.dst -E separator=, -E quote=d -E header=y icmp and host 10.81.1.1
Show mail traffic as text
- tshark -i vmbr1 -T text port 25