Hello to everybody, firstly im sorry, my english is quite bad.
I've got this problem trying to use tshark:
I can capture with -x the next capture format:
1 0.000000
148.204.242.253 ->
255.255.255.255 UDP Source port: 17110 Destination port: 17110
0000 ff ff ff ff ff ff 00 0e a6 9a 5e 09 08 00 45 00 ..........^...E.
0010 00 50 ad a8 00 00 80 11 05 2b 94 cc f2 fd ff ff .P.......+......
0020 ff ff 42 d6 42 d6 00 3c 31 b1 00 58 4d 43 01 00 ..B.B..<1..XMC..
0030 d2 49 00 00 00 00 00 00 00 00 20 00 f0 03 5b 53 .I........ ...[S
0040 45 53 5f 53 45 45 4b 5d 00 00 17 61 00 63 e7 04 ES_SEEK]...a.c..
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ..............
I will only use the headers of this capture, is there a way to capture something like this with tshark instead the capture above? some kind of filter?
1 0.000000
148.204.242.253 ->
255.255.255.255 UDP Source port: 17110 Destination port: 17110
0000 ff ff ff ff ff ff 00 0e a6 9a 5e 09 08 00 45 00 ..........^...E.
0010 00 50 ad a8 00 00 80 11 05 2b 94 cc f2 fd ff ff .P.......+......
0020 ff ff 42 d6 42 d6 00 3c 31 b1 00 58 4d 43 01 00 ..B.B..<1..XMC..
0030 d2 49 00 00 00 00
I only need this info, because i only want to capture the protocols info, not the data.
Did you get my point?
--
DøµZêPêR TêMøñ
Est Sularus oth Mithas
.:El Honor es Mi VIda:
http://douzepertemonius.blogspot.com/
