| Bug ID |
9575
|
| Summary |
"-T fields -e <field>" does only work for some fields
|
| Classification |
Unclassified
|
| Product |
Wireshark
|
| Version |
1.10.3
|
| Hardware |
x86-64
|
| OS |
Debian
|
| Status |
UNCONFIRMED
|
| Severity |
Normal
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Build Information:
TShark 1.10.3 (SVN Rev 53022 from /trunk-1.10)
Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GLib 2.36.4, with libpcap, with libz 1.2.8, with POSIX
capabilities (Linux), without libnl, with SMI 0.4.8, with c-ares 1.10.0, with
Lua 5.2, without Python, with GnuTLS 2.12.23, with Gcrypt 1.5.3, with MIT
Kerberos, with GeoIP.
Running on Linux 3.11-2-amd64, with locale de_AT.UTF-8, with libpcap version
1.5.2, with libz 1.2.8.
Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Built using gcc 4.8.2.
--
For bug 8511 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8511) I'd
like to get some information about a capture file.
I'm running "tshark -r <filename> -Tfields -e frame.time -e frame.file_off -e
frame.len -e frame.cap_len ..." but only some of the fields are working.
What I'd need is frame.file_off, but there's no output for that one ... neither
for frame.packet_flags or frame.md5_hash. The delimiting tabs are printed,
though.
I already looked at http://www.wireshark.org/docs/dfref/f/frame.html, and that
matches a just-checked out subversion trunk; my field names are correct.
You are receiving this mail because:
- You are watching all bug changes.
