Wireshark
the world's foremost network protocol analyzer
Wireshark-dev: Re: [Wireshark-dev] tethereal help
From: Peter Johansson <Peter.xc.Johansson@xxxxxxxxxxxx>
Date: Tue, 02 Jan 2007 16:49:03 +0100
aa aa wrote:
PLEASE for the life of me tell me what the heck i am doing wrong with this expression filtering!It might be because you have asked it to show all frames that have a push flag, even if it is not set.it's starting to drive me nuts over herei am trying to simply dump the full protocol tree for ONLY PUSH PACKETS, meaning, see NOTHING ELSE but the pushed protocol data, i don't want to see the ACKS/FINS/SYNS/etci have read your manuals and help files 5 times now tell me what is wrong with this expression i typed: tethereal -V -n -i 2 -R tcp.flags.pushi continue to see all the other garbage i mentioned when i see tcp traffic (acks/etc)why????????? i am on windows xpsp2 with tethereal version Tethereal 0.99.0 thank you please contact me! Mike Bickett
Try this: tethereal -V -n -i 2 -R tcp.flags.push==1 Regards, Peter
- References:
- [Wireshark-dev] tethereal help
- From: aa aa
- [Wireshark-dev] tethereal help
- Prev by Date: [Wireshark-dev] tethereal help
- Next by Date: Re: [Wireshark-dev] [Wireshark-commits] rev 20261: /trunk/ /trunk/doc/: Makefile.am /trunk/epan/: epan.c epan.h filesystem.c filesystem.h libwireshark.def plugins.c plugins.h proto.c proto.h /trunk/gtk/: about_dlg.c main.c /trunk/: dftest.c tshark.c
- Previous by thread: [Wireshark-dev] tethereal help
- Next by thread: Re: [Wireshark-dev] [Wireshark-commits] rev 20261: /trunk/ /trunk/doc/: Makefile.am /trunk/epan/: epan.c epan.h filesystem.c filesystem.h libwireshark.def plugins.c plugins.h proto.c proto.h /trunk/gtk/: about_dlg.c main.c /trunk/: dftest.c tshark.c
- Index(es):