https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14491
Bug ID: 14491
Summary: Dumpcap doesn't support a -Q flag
Product: Wireshark
Version: 2.4.2
Hardware: x86
OS: Windows 7
Status: UNCONFIRMED
Severity: Major
Priority: Low
Component: TShark
Assignee: bugzilla-ad...@wireshark.org
Reporter: avi_...@rad.com
Target Milestone: ---
Build Information:
C:\Program Files (x86)\Wireshark>"C:\Program Files (x86)\Wireshark\dumpcap.exe"
-h
Dumpcap (Wireshark) 2.4.2 (v2.4.2-0-gb6c63ae086)
Capture network packets and dump them into a pcapng or pcap file.
See https://www.wireshark.org for more information.
Usage: dumpcap [options] ...
C:\Program Files (x86)\Wireshark>"C:\Program Files (x86)\Wireshark\tshark.exe"
-h
TShark (Wireshark) 2.4.2 (v2.4.2-0-gb6c63ae086)
Dump and analyze network traffic.
See https://www.wireshark.org for more information.
Usage: tshark [options] ...
--
Dear reader,
grahamb answered:
Dumpcap doesn't support a -Q flag, hence the error. Adding support to dumpcap
for that would require an Enhancement request on the Wireshark Bugzilla.
My question was:
I used the following line for getting the results in text file and it works
fine. i.e. No notification messages in the error channel.
"C:\Program Files (x86)\Wireshark\tshark.exe" -Q -P -i 4 -Y
"ip.dst==172.17.231.50&&icmp" -V -S 5%%%5 > C:\temp\output.txt
When trying to get the results in a pcap file, I received notification messages
in the error channel.
"C:\\Program Files (x86)\\Wireshark\\dumpcap.exe" -i 4 -w - | "C:\\Program
Files (x86)\\Wireshark\\tshark.exe" -Q -P -r - -Y "ip.dst==172.17.231.50&&icmp"
-w "C:\\temp\\output.pcap"
Trying to add –P –Q to the first part yielded an error message saying:
“C:\Program Files (x86)\Wireshark\dumpcap.exe: invalid option -- 'Q'”
"C:\Program Files (x86)\Wireshark\dumpcap.exe" -Q -P -i 4 -w - | "C:\Program
Files (x86)\Wireshark\tshark.exe" -Q -P -r - -Y "ip.dst==172.17.231.50&&icmp"
-w "C:\temp\output.pcap" C:\Program Files (x86)\Wireshark\dumpcap.exe: invalid
option -- 'Q'
Is there a proper way of getting the captured packets into a pcap file without
any notification messages in the error channel?
(The double backslash is because I’m activating the command with python)
--
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe