Wireshark mailing list archives
Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack
From: Rikard Svenningsen <wireshark () svenningsen dk>
Date: Sun, 29 Nov 2009 10:57:04 +0100
Now I have tested on a Linux running DK languish as you stated would not work and you are right, running UK languish then it works fine. It seems to bee right about the decimal point being , and it wont work... even it's not on Windows. Thanks for your help. Best regards Rikard Svenningsen. 2009/11/29 j.snelders <j.snelders () telfort nl>
Hi Rikard, Do you use the , as decimal symbol? You have to use the . as decimal symbol. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2880 Please check Settings -> Control Pannel -> Regional And Language Options Regards Joan On Sun, 29 Nov 2009 00:05:28 +0100 Rikard wrote:Now I have tried this: tshark -r test_b_hour09.cap -q -zio,stat,120,"COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack","COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission" It gives this: =================================================================== IO Statistics Interval: 120.000 secs Column #0: | Column #0 Time |frames| bytes 000.000-120.000 2659 732369 120.000-240.000 8025 2373944 This is my version of tshark: TShark 1.2.2 Copyright 1998-2009 Gerald Combs <gerald () wireshark org> and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULARPURPOSE.Compiled with GLib 2.22.2, with libpcap 1.0.0, with libz 1.2.3.3, withPOSIXcapabilities (Linux), with libpcre 7.8, with SMI 0.4.8, with c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.3, with Gcrypt 1.4.4, with MIT Kerberos, with GeoIP. Running on Linux 2.6.31-15-generic, with libpcap version 1.0.0, GnuTLS 2.8.3, Gcrypt 1.4.4. Built using gcc 4.4.1. It is running on Ubuntu 9.10 64 bits. version 2009/11/28 j.snelders <j.snelders () telfort nl>Hi Rikard, Try this one: $ tshark -r test.pcap -q -zio,stat,120,"COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack","COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission"=================================================================== IO Statistics Interval: 120.000 secs Column #0: COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Column #1: COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission | Column #0 | Column #1 Time | COUNT | COUNT 000.000-120.000 12 4 =================================================================== Best regards Joan On Sat, 28 Nov 2009 14:23:20 +0100 Rikard Svenningsen wrote:Hi I am trying to use tshark for analysis of some tcp error on my network. I intent to use the following command: tshark -r FileToAnalyse -q -zio,stat,120,COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmissionThe command: tshark ....... tcp.analysis.retransmission is supposed tobeon one line to get it work. I tried: -z"io,stat,120,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission"and -z'io,stat,120,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission'and -zio,stat,120,COUNT\(tcp.analysis.retransmission\)tcp.analysis.retransmissionIf I use it just like this: -zio,stat,120,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmissionI get this: bash: syntax error near unexpected token `(' Only if I run the command in a DOS prompt in Windows, it will workfine.-zio,stat,120,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission-- Best regards Rikard Svenningsen Denmark___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe
-- Med venlig hilsen Rikard Svenningsen Smalager 36 DK-7120
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Rikard Svenningsen (Nov 28)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack j.snelders (Nov 28)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Rikard Svenningsen (Nov 28)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack j.snelders (Nov 28)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Rikard Svenningsen (Nov 29)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Rikard Svenningsen (Nov 29)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Jaap Keuter (Nov 29)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Rikard Svenningsen (Nov 29)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Jaap Keuter (Nov 29)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack Rikard Svenningsen (Nov 28)
- Re: regarding tshark option -z io, stat, COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack j.snelders (Nov 28)