Wireshark mailing list archives
Re: newbie question, tshark input from stdin
From: Christopher Maynard <Christopher.Maynard () gtech com>
Date: Mon, 3 Feb 2014 22:43:53 +0000 (UTC)
Evan Huus <eapache@...> writes:
The -i flag is for specifying a network interface for live capture (eg eth0) and so doesn't accept "-" to signify stdin.
The tshark man page[1] would disagree. I just tested this with 1.10.5 and it worked as documented: [user@host wireshark]$ capinfos -c file.pcap File name: file.pcap Number of packets: 300 [user@host wireshark]$ tshark -r file.pcap 2> /dev/null | wc -l 300 [user@host wireshark]$ cat file.pcap | tshark -i - 2> /dev/null | wc -l 300 [1]: http://www.wireshark.org/docs/man-pages/tshark.html ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- newbie question, tshark input from stdin Lancashire, Pete (Feb 03)
- Re: newbie question, tshark input from stdin Evan Huus (Feb 03)
- Re: newbie question, tshark input from stdin Lancashire, Pete (Feb 03)
- Re: newbie question, tshark input from stdin Christopher Maynard (Feb 03)
- Re: newbie question, tshark input from stdin Evan Huus (Feb 03)
- Re: newbie question, tshark input from stdin Christopher Maynard (Feb 04)
- Re: newbie question, tshark input from stdin Jaap Keuter (Feb 05)
- Re: newbie question, tshark input from stdin Christopher Maynard (Feb 07)
- question about nas-eps cipher message damker (Feb 15)
- Re: question about nas-eps cipher message Pascal Quantin (Feb 15)
- Re: newbie question, tshark input from stdin Evan Huus (Feb 03)