> This works for me:
> tshark -i3 -V -T text -f "tcp port 8888" -d "tcp.port==8888,http" -R
> http.request
> the -d "tcp.port==8888,http" is important because it tells tshark to
> dissect tcp port 8888 as HTTP. In your case, -i and the port will be
> different.
Thx.
It is strange...
My eth0 has the IP 192.168.16.23
I tried:
tshark -i eth0 -V -T text -f "tcp port 8880" -d "tcp.port==8880,http" -R http.request
and:
telnet 192.168.16.23 8880
GET / HTTP/1.0
telnet sends back my web page correctly; but tshark does not capture anything...
0 packets captured
If I remove the -f "..", it captures all the regular traffic from my firefox correctly, except my telnet 8880...
I tried port 80 and same problem...
Any idea?
Thx,
JD
