I am not officially on the list, so I am not so sure where to go to reply to
this reply. I am basically trying to capture the payload of smtp packets i.e.
the mail message, and I am trying to capture the DNS responses where it shows
the domain name and IP address to which it resolved. I am loo
On Wed, Mar 26, 2008 at 04:06:50PM -0500, Mark Sass wrote:
> I am trying to extract fields from pcap files using tshark. I am
> currently using a format like this:
>
> tshark -r pcapfile -R "tcp.port eq xxx" -Tfields -e field1 -e field2
>
> I don't see the fields I wanted listed on the wiresha
All,
I am trying to extract fields from pcap files using tshark. I am currently
using a format like this:
tshark -r pcapfile -R "tcp.port eq xxx" -Tfields -e field1 -e field2
I don't see the fields I wanted listed on the wireshark display filter
reference listing, and when looking at the
