Hi,
One way or the other you'll have to script it.
Take the tshark -V output, pull it through awk/sed/perl/<your favorite
tool>
to see where your protocol output starts (check lines starting at
start-of-line
for your protocol name) and go from there (until empty line).
Thanks,
Jaap
On Tue, 14 Dec 2010 06:11:39 +0100, Andreas <AndreasSander1@xxxxxxx>
wrote:
> Am 13.12.2010 23:52, schrieb didier:
>>> tshark -V -r sample_file.pcap
>>>
>>> Unfortunately I get the whole tree. I failed to specify that only my
>>> dissector's output is reported.
>>>
>>> How can I limit the output to one protocol level. As an example the TCP
>>> level would be great (without IP, Ethernet, Frame)?
>> tshark -T pdml -r file.pcap
>> and filter the xml output ?
>
> Thanks. But this would also include all other protocols. But since I
> have to parse XML I have to "filter" anyway. So I need an XML libray to
> do this...
>
> --
> Andy
