Wireshark mailing list archives
Re: Parsing openflow
From: Graham Bloice <graham.bloice () trihedral com>
Date: Wed, 15 Aug 2018 16:14:57 +0100
On Wed, 15 Aug 2018 at 16:04, Dario Lombardo <lomato () gmail com> wrote:
Try to right-click on the field you want to extract and choose "prepare a filter -> selected". In the upper part of wireshark a filter with the field you want will appear. That's the name of the field. However, if you used an invalid name before, tshark would tell you (tshark: Some fields aren't valid:). Remember that if a packet doesn't have that field, nothing will be printed. Make some practice with easier fields (I suggest ip.src) if you're not used to those tshark options.
No need to create a filter, select the field in the packet tree and look for the field name in the status bar in parenthesis.
On Wed, Aug 15, 2018 at 4:08 PM Avi Cohen (A) <avi.cohen () huawei com> wrote:Hi Dario I can easily create a file with the packets headers as a columns (the original headers of a pkt e.g eth ip tcp etc..) – but I need the TCP payload fields (which are the flow headers) For example I need to the surrounded fields in the picture below (or in the attached png), something like tshark –T fileds –e OpenFlow.of_match.eth_src This is probably incorrect syntax because it is not generate the required filed columns Best Regards Avi [image: cid:image002.png@01D434B8.690F8A80] *From:* Wireshark-dev [mailto:wireshark-dev-bounces () wireshark org] *On Behalf Of *Dario Lombardo *Sent:* Tuesday, 14 August, 2018 2:50 PM *To:* Developer support list for Wireshark *Subject:* Re: [Wireshark-dev] Parsing openflow Hi Avi Have a look at tshark and its -E and -e options. That could do the job. On Tue, Aug 14, 2018 at 1:19 PM Avi Cohen (A) <avi.cohen () huawei com> wrote: Hi I need to capture open-flow msgs (e.g FLOW_MOD to add new flows) from controller to vSwitch , And to generate e.g. a *file* which its rows are the captured flows and its columns are the flow header fields e.g. column 1 source-mac , column 2 dest-mac , column 3 source-IP etc.. - whenever a field is not relevant I can set the fields as FFFF (don't care) Also the action (actions) should be put in a column I need this file as an input to an algorithm that should manipulate these flows ? My question can I use the wireshark pkg for this purpose ? if yes what is the recommended way ? Best Regards Avi ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe -- Naima is online. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe-- Naima is online. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
-- Graham Bloice Software Developer Trihedral UK Limited
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Parsing openflow Avi Cohen (A) (Aug 14)
- Re: Parsing openflow Dario Lombardo (Aug 14)
- Re: Parsing openflow Avi Cohen (A) (Aug 14)
- Re: Parsing openflow Avi Cohen (A) (Aug 15)
- Re: Parsing openflow Dario Lombardo (Aug 15)
- Re: Parsing openflow Graham Bloice (Aug 15)
- Re: Parsing openflow Avi Cohen (A) (Aug 15)
- Re: Parsing openflow Shai Shapira (Aug 15)
- Re: Parsing openflow Avi Cohen (A) (Aug 15)
- Re: Parsing openflow Dario Lombardo (Aug 14)