Though that does rely on Wireshark/tshark's output not changing. (E.g., if I currently match on FooBar and it changes to FooV2Bar because someone added V3 support, my text processing just broke!)
Jaap Keuter wrote: > Hi, > > Sure, output as textfile, postprocess with [perl, awk, your favorite]. > String together the strength of small powerful tools, instead of putting > all in one. > > Thanx, > Jaap > > On Mon, 13 Nov 2006, Sean WANG wrote: > >> Hi, >> >> I have a captured data file. How do I extract ONLY the info I am >> interested for each packet? I want the output file contain only (Source >> IP, Destination IP, Source Port, Destination Port, Protocol, Received >> Time). >> >> Is there any command of Ethereal that I can use? Or do you have any >> other suggestions? >> Thx a lot. >> >> Regards, >> Sean >> >> > > _______________________________________________ > Wireshark-users mailing list > [email protected] > http://www.wireshark.org/mailman/listinfo/wireshark-users > _______________________________________________ Wireshark-users mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-users
