https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
--- Comment #13 from Sake <sake@xxxxxxxxxx> 2009-09-22 08:26:34 PDT ---
(In reply to comment #12)
> (In reply to comment #11)
> >
> > So what is the resolution? How do I get the same functionality as the previous
> > tshark version?
> >
> > Is this working in the newer release?
>
> The bug is still open, so there is no resolution yet.
>
> One workaround is, as mentioned, to do the display filtering in a post-capture
> run, though obviously that doesn't help you avoid writing all those unwanted
> packets to the disk in the first place.
Another workaround is to transform the display filter to a capture filter. The
command from your initial big-report could be transformed into:
tshark -f "(<have a long string of IP's>) and (udp port 5060 or udp port 53 or
tcp port 3868)" -F libpcap -w Trace -a duration:30
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
