Wireshark · Wireshark-users: [Wireshark-users] tshark: Read filters were specified both with "-R" and with additional command-lin

Wireshark-users: [Wireshark-users] tshark: Read filters were specified both with "-R" and with ad

From: Neil Fraser <cbr250@xxxxxxxxx>

Date: Sun, 30 Jan 2011 13:58:14 +1100

Hi,

I'm having an issue trying to extract certain calls from a dump I have already made with fairly specific criteria.

It appears it doesn't like my quotation marks I am using in my filter from wireshark. Im a novice at using tshark so i'll explain what im trying to achieve

input file : hammer2901b
output file: 0291400000
filter: sip.to.addr == "sip:[email protected]:5060" or sip.to.addr == "sip:[email protected]"

command I'm attempting to use in a linux environment:
tshark -r hammer2901b -w 0291400000 -R sip.to.addr == "sip:[email protected]:5060" or sip.to.addr == "sip:[email protected]"

output always remains as: tshark: Read filters were specified both with "-R" and with additional command-line arguments

Any advice greatly appreciated.

Regards,
Neil Fraser.

Follow-Ups:
- Re: [Wireshark-users] tshark: Read filters were specified both with "-R" and with additional command-line arguments
  - From: Alan Tu
- Re: [Wireshark-users] tshark: Read filters were specified both with "-R" and with additional command-line arguments
  - From: Sake Blok

Prev by Date: Re: [Wireshark-users] tcp.time_delta column with tshark
Next by Date: Re: [Wireshark-users] tshark: Read filters were specified both with "-R" and with additional command-line arguments
Previous by thread: Re: [Wireshark-users] how to analyze udp streams of skype chat
Next by thread: Re: [Wireshark-users] tshark: Read filters were specified both with "-R" and with additional command-line arguments
Index(es):
- Date
- Thread