Re: extracting and saving tcp stream

[Stephen Fisher <steve () stephen-fisher com>]

On Thu, Jan 13, 2011 at 01:39:43PM +0100, Wojciech Jędruch wrote:

> I got 1500 streams in 1500 files (one stream per file). I want to 
> 'follow tcp stream' and then 'save it' (same as here: 
> http://www.wireshark.org/docs/wsug_html/#ChAdvFollowTCPSection but for 
> 1500 files ) . How to automate that process ? Is there any possibilty 
> ? maybe by writing lua plugin ? I'm working on linux, so i have tried 
> to use 'tcpflow' but some of files generated by it are different than 
> using wireshark and saving stream, so i want to stick with wireshark.

The only way to "Follow TCP Stream" right now is from the Wireshark GUI.  
It shouldn't be too difficult to extend it into tshark or similar 
though.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe