Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: [Wireshark-users] Automating TCP stream extraction

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: "Nick Chorley" <nick.chorley@xxxxxxxxx>
Date: Wed, 1 Aug 2007 08:37:07 +0100

Hi,

Wireshark's "Follow TCP stream" feature is quite useful to me and I'm wondering if there is any way to "automate" this process and write stream data to files. I am easily able to create filtering rules like "(ip addr eq 192.168.2.1 and ip addr eq 192.168.2.5) and (tcp.port eq 80 and tcp.port eq 5022)" and what I would like to do is have a list of these and be able to go trough each rule in the list, apply it and dump the stream output to a file. Is this at all possible with Wireshark or is there any other tool I can use to do this?

Regards,

Nicky Chorley
  • Follow-Ups:
    • Re: [Wireshark-users] Automating TCP stream extraction
      • From: Sake Blok
  • Next by Date: Re: [Wireshark-users] Automating TCP stream extraction
  • Next by thread: Re: [Wireshark-users] Automating TCP stream extraction
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation