Re: Help in displaying specific columns

[Sake Blok <sake () euronet nl>]

On 21 sep 2010, at 08:54, yuva raj wrote:

> Can -z option could be of any help?  Because we have been using tethereal for a longer time.  We prefer not to 
> discontinue it.  Please help me in this regard.  Atleast if possible, please provide examples for using -z option.

tshark has all the functionality of tethereal (it is the same code but under a different name due to trademark 
ownership by Gerald's previous employer). 

(See:  http://netsecurity.about.com/od/securitytoolprofiles/p/wireshark.htm )


There are possibilities to use -z to display specific columns, but only the ones that tethereal provides. ip.ttl and 
ip.frag_offset are not among them. For those you need custom columns, which is a feature added to tethereal after the 
name has been changed to tshark.

The only way to extract those fields IMHO is to output the whole tree with -V or -T pdml and parse the output with a 
script. But I would really go for the tshark option...

Cheers,

Sake

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe