Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Extracting filter

From: Dario Lombardo <dario.lombardo.ml () gmail com>
Date: Thu, 5 Apr 2018 11:02:29 +0200
That's great, it's exactly what I was looking for. Thanks!

On Thu, Apr 5, 2018 at 9:06 AM, Pascal Quantin <pascal.quantin () gmail com>
wrote:


Hi Dario,

2018-04-05 8:57 GMT+02:00 Dario Lombardo <dario.lombardo.ml () gmail com>:


Hi
I need to extract all the display filters to have a list with

<proto> <filter> <type>

example

dns dns.a6.address_suffix FT_IPv6
dns dns.a6.prefix_len FT_UINT8
dns dns.a6.prefix_name FT_STRING
dns dns.aaaa FT_IPv6
dns dns.afsdb.hostname FT_STRING
dns dns.afsdb.subtype FT_UINT16
dns dns.a FT_IPv4
dns dns.apl.address_family FT_UINT16
dns dns.apl.afdlength FT_UINT8
dns dns.apl.afdpart.data FT_BYTES

I've already done it by monkey patching tshark, but I was wondering if
there is a way to do that without changing the code.
Any suggestion?



You can try parsing the output of tshark -G fields.

Pascal.

____________________________________________________________
_______________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=
unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: