Wireshark mailing list archives
Re: newbie question, tshark input from stdin
From: Christopher Maynard <Christopher.Maynard () gtech com>
Date: Tue, 4 Feb 2014 15:22:30 +0000 (UTC)
Evan Huus <eapache@...> writes:
On Mon, Feb 3, 2014 at 5:43 PM, Christopher Maynard <Christopher.Maynard@...> wrote:Evan Huus <eapache <at> ...> writes:The -i flag is for specifying a network interface for live capture (eg eth0) and so doesn't accept "-" to signify stdin.The tshark man page[1] would disagree. I just tested this with 1.10.5 and it worked as documented:Whoops, yes, you're right, I made a false assumption.
Does anyone know why dumpcap, tshark and Wireshark read from a pipe using "-i -" and not "-r -"? It seems more intuitive to me to use "-r" than "-i" and it would match tcpdump's syntax[1]. I suppose either "-r -" or "-i -" could be allowed? - Chris [1]: http://www.tcpdump.org/tcpdump_man.html ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- newbie question, tshark input from stdin Lancashire, Pete (Feb 03)
- Re: newbie question, tshark input from stdin Evan Huus (Feb 03)
- Re: newbie question, tshark input from stdin Lancashire, Pete (Feb 03)
- Re: newbie question, tshark input from stdin Christopher Maynard (Feb 03)
- Re: newbie question, tshark input from stdin Evan Huus (Feb 03)
- Re: newbie question, tshark input from stdin Christopher Maynard (Feb 04)
- Re: newbie question, tshark input from stdin Jaap Keuter (Feb 05)
- Re: newbie question, tshark input from stdin Christopher Maynard (Feb 07)
- question about nas-eps cipher message damker (Feb 15)
- Re: question about nas-eps cipher message Pascal Quantin (Feb 15)
- Re: newbie question, tshark input from stdin Evan Huus (Feb 03)