Wireshark-dev: Re: [Wireshark-dev] Various problems with tshark

From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Mon, 31 Aug 2015 21:07:05 +0200

Hello Pascal,

thanks for the quick response - solved my immediate problem ;-)

On Mon, Aug 31, 2015 at 08:17:44AM +0200, Pascal Quantin wrote:
> 2015-08-31 5:34 GMT+02:00 Joerg Mayer <jmayer@xxxxxxxxx>:
> 
> > When using tshark from head I have a bunch of problems right now:
> >
> > 1) stderr is getting spammed with
> > (process:9870): Capture-WARNING **: Dissector stp incomplete in frame
> > 41915: undecoded byte number 57 (0x0030+9)
> >
> 
> You seem to have activated the prefs.enable_incomplete_dissectors_check.
> Simply go to Preferences -> Protocols and uncheck "Look for incomplete
> dissectors".

Yes, I do, but I really expected that to be (similar to) expert items, not
some "spam" that (optically) interferes with the normal output of tshark.

> > 2) -T fields -e _ws.col.info isn't working (empty column), both with and
> > without -V

> The right field name is _ws.col.Info

Sigh. Is _ws.* documented in one of the manpages? I couldn't find it. And the
only mention I could find (the tshark manpage) used a small 'i'.
Could we please agree to either *always* use small letters or to make the
filter names case insensitive? Also:
=========
$ tshark -T fields -e asdf
** (process:13516): WARNING **: 'asdf' isn't a valid field!
tshark: Some fields aren't valid
$ tshark -T fields -e _ws.col.info
Capturing on 'Wi-Fi'
^C
21 packets captured
jmayer@newegg:~/firmatmp/salalah/WIP/tests/radius$ tshark -T fields -e _ws.col.asdf
Capturing on 'Wi-Fi'
=========
Should we try for a bit more consistency here?

Thanks again
   Jörg

-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.