Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Various problems with tshark

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Date: Mon, 31 Aug 2015 09:26:25 +0200


2015-08-31 9:05 GMT+02:00 Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>:


On Mon, Aug 31, 2015 at 8:17 AM, Pascal Quantin <pascal.quantin@xxxxxxxxx> wrote:
Hi Jörg,

2015-08-31 5:34 GMT+02:00 Joerg Mayer <jmayer@xxxxxxxxx>:
When using tshark from head I have a bunch of problems right now:

1) stderr is getting spammed with
(process:9870): Capture-WARNING **: Dissector stp incomplete in frame 41915: undecoded byte number 57 (0x0030+9)

You seem to have activated the prefs.enable_incomplete_dissectors_check. Simply go to Preferences -> Protocols and uncheck "Look for incomplete dissectors".
It is (normally) disabled by default
https://code.wireshark.org/review/#/c/6978/
 
 
2) -T fields -e _ws.col.info isn't working (empty column), both with and without -V

The right field name is _ws.col.Info

typo ?

I don't think so: the column itself is named "Info", not "info". The field generated uses the name of the column, as configured in your Wireshark preference file.
 
Cheers,
Pascal.

3) Some of my .vwr captures seem to only decode in tshark (with and without -V) but
   don't decode with -2 or in wireshark (I'll open a proper bug for this once I have more
   info). Btw, how can I convert .vwr files to pcapng? Both Save and Save As are greyed out.

Thanks
   Jörg
--
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube