Re: Filter using command line

["Nutkins, Thomas" <tom.nutkins () siemens-enterprise com>]

This is the way I do it.....from a DOS prompt in Windows

"c:\Program Files\Wireshark\tshark.exe" -r 500MB_capture_file.cap -R "ip.addr==127.0.0.1" -w output_file_name.cap

Substitute 127.0.0.1 for your IP address.

Cheers,
Tom

________________________________
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Boaz Galil
Sent: 10 March 2010 17:08
To: Community support list for Wireshark
Subject: [Wireshark-users] Filter using command line



Dear experts,
I have packet capture file that contains 500MB data.
I would like to filter specific traffic of specific IP address. Unfortunately when I open the wireshark GUI eventually 
the wireshark will crash (due to the fact that this is a big capture file).

I don't want to split the file to smaller files, is it possible to do the filter using command line?
Thanks in advance,



--
Boaz.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe