Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] Need filters

From: "David H. Lipman" <DLipman@xxxxxxxxxxx>
Date: Wed, 23 Jun 2010 18:59:55 -0400
From: "Guy Harris" <guy@xxxxxxxxxxxx>


| On Jun 23, 2010, at 2:53 PM, David H. Lipman wrote:

>> Command Line switches are not a god idea as this is only the beginning of filtering
>> out
>> process.

| If he uses a command to capture traffic, and you don't want the "Microsoft noise" in
| the capture file, command line switches are the *ONLY* idea.

>> Does TShark interpret a disk file with these directives ?

| To what directives are you referring?

"not udp port 137" and any other additions.
If there are many, command line options are untenable.  Loading and parsing an ASCII file 
would be the way to go.

-- 
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp