Near the beginning of the DESCRIPTION section of wireshark ( 1 ) or https :// org / docs / man - pages / wireshark. The input file doesn ’ t need a specific filename extension the file format and an optional gzip, zstd or lz4 compression will be automatically detected. TShark is able to detect, read and write the same capture files that are supported by Wireshark. When run with the - r option, specifying a capture file from which to read, TShark will again work much like tcpdump, reading packets from the file and displaying a summary line on the standard output for each packet read. It will use the pcap library to capture traffic from the first available network interface and displays a summary line on the standard output for each received packet. Without any options set, TShark will work much like tcpdump. TShark ' s native capture file format is pcapng format, which is also the format used by Wireshark and various other tools. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. SYNOPSIS tshark tshark - G ĭESCRIPTION TShark is a network protocol analyzer. NAME tshark - Dump and analyze network traffic
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |