https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4038
Summary: tshark cannot filter on SIP DNS OR DIAMETER messages
Product: Wireshark
Version: 1.0.8
Platform: Other
OS/Version: Linux (other)
Status: NEW
Severity: Normal
Priority: High
Component: TShark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: kk891r@xxxxxxx
CC: kk891r@xxxxxxx
Build Information:
TShark 1.0.8
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GLib 2.12.3, with libpcap 0.9.4, with libz 1.2.3, without POSIX
capabilities, with libpcre 6.6, with SMI 0.4.5,without ADNS, without Lua, with
GnuTLS 1.4.1, with Gcrypt 1.2.4, with MIT Kerberos.
Running on Linux 2.6.18-164.e15, with libpcap version 0.9.4.
Built using gcc 4.1.2 20080704 (Red Hat 4.1.2-44).
--
I'm trying to use tshark. This filter works well in version 0.99.4
% tshark -f <have a long string of IP's> -F libpcap -w Trace -a duration:30 -R
"sip || dns || diameter"
This captures ALL the messages including the SIP/DNS/DIAMETER in addition to
SCTP/M3UA/HSRP/TCP...
How do I select the Display filter to be ONLY SIP, DNS & DIAMETER?
thank you,
Kalpesh.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
