Bug ID: 14491
           Summary: Dumpcap doesn't support a -Q flag
           Product: Wireshark
           Version: 2.4.2
          Hardware: x86
                OS: Windows 7
            Status: UNCONFIRMED
          Severity: Major
          Priority: Low
         Component: TShark
  Target Milestone: ---

Build Information:
C:\Program Files (x86)\Wireshark>"C:\Program Files (x86)\Wireshark\dumpcap.exe"
Dumpcap (Wireshark) 2.4.2 (v2.4.2-0-gb6c63ae086)
Capture network packets and dump them into a pcapng or pcap file.
See for more information.

Usage: dumpcap [options] ...

C:\Program Files (x86)\Wireshark>"C:\Program Files (x86)\Wireshark\tshark.exe"
TShark (Wireshark) 2.4.2 (v2.4.2-0-gb6c63ae086)
Dump and analyze network traffic.
See for more information.

Usage: tshark [options] ...

Dear reader,

grahamb answered: 
Dumpcap doesn't support a -Q flag, hence the error. Adding support to dumpcap
for that would require an Enhancement request on the Wireshark Bugzilla.

My question was:
I used the following line for getting the results in text file and it works
fine. i.e. No notification messages in the error channel.

"C:\Program Files (x86)\Wireshark\tshark.exe" -Q -P -i 4 -Y
"ip.dst==" -V -S 5%%%5 > C:\temp\output.txt

When trying to get the results in a pcap file, I received notification messages
in the error channel.

"C:\\Program Files (x86)\\Wireshark\\dumpcap.exe" -i 4 -w - | "C:\\Program
Files (x86)\\Wireshark\\tshark.exe" -Q -P -r - -Y "ip.dst=="
-w "C:\\temp\\output.pcap"

Trying to add –P –Q to the first part yielded an error message saying:
“C:\Program Files (x86)\Wireshark\dumpcap.exe: invalid option -- 'Q'”

"C:\Program Files (x86)\Wireshark\dumpcap.exe" -Q -P -i 4 -w - | "C:\Program
Files (x86)\Wireshark\tshark.exe" -Q -P -r - -Y "ip.dst=="
-w "C:\temp\output.pcap" C:\Program Files (x86)\Wireshark\dumpcap.exe: invalid
option -- 'Q'

Is there a proper way of getting the captured packets into a pcap file without
any notification messages in the error channel?

(The double backslash is because I’m activating the command with python)

You are receiving this mail because:
You are watching all bug changes.
Sent via:    Wireshark-bugs mailing list <>

Reply via email to