Wireshark - 1.0 Betriebsanweisung Seite 274
- Seite / 284
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
<output-filename> specifies output filename (use - for standard output)
[options] are one or more of the following
-h : Display this help message
-d : Generate detailed debug of parser states
-o hex|oct : Parse offsets as (h)ex or (o)ctal. Default is hex
-l typenum : Specify link-layer type number. Default is 1 (Ethernet).
See net/bpf.h for list of numbers.
-q : Generate no output at all (automatically turns off -d)
-e l3pid : Prepend dummy Ethernet II header with specified L3PID (in
HEX)
Example: -e 0x800
-i proto : Prepend dummy IP header with specified IP protocol (in
DECIMAL).
Automatically prepends Ethernet header as well.
Example: -i 46
-m max-packet : Max packet length in output, default is 64000
-u srcp,destp : Prepend dummy UDP header with specified dest and source ports
(in DECIMAL).
Automatically prepends Ethernet and IP headers as well
Example: -u 30,40
-T srcp,destp : Prepend dummy TCP header with specified dest and source ports
(in DECIMAL).
Automatically prepends Ethernet and IP headers as well
Example: -T 50,60
-s srcp,dstp,tag: Prepend dummy SCTP header with specified dest/source ports
and verification tag (in DECIMAL).
Automatically prepends Ethernet and IP headers as well
Example: -s 30,40,34
-S srcp,dstp,ppi: Prepend dummy SCTP header with specified dest/source ports
and verification tag 0. It also prepends a dummy SCTP DATA
chunk header with payload protocol identifier ppi.
Example: -S 30,40,34
-t timefmt : Treats the text before the packet as a date/time code; the
specified argument is a format string of the sort supported
by strptime.
Example: The time "10:15:14.5476" has the format code
"%H:%M:%S."
NOTE: The subsecond component delimiter must be specified
(.) but no pattern is required; the remaining number
is assumed to be fractions of a second.
-w <filename> Write the capture file generated by text2pcap to <filename>. The de-
fault is to write to standard output.
-h Display the help message
-d Displays debugging information during the process. Can be used
multiple times to generate more debugging information.
-q Be completely quiet during the process.
-o hex|oct Specify the radix for the offsets (hex or octal). Defaults to hex. This
corresponds to the -A option for od.
-l Specify the link-layer type of this packet. Default is Ethernet(1). See
net/bpf.h for the complete list of possible encapsulations. Note that
this option should be used if your dump is a complete hex dump of
an encapsulated packet and you wish to specify the exact type of en-
capsulation. Example: -l 7 for ARCNet packets.
-e l3pid Include a dummy Ethernet header before each packet. Specify the
L3PID for the Ethernet header in hex. Use this option if your dump
has Layer 3 header and payload (e.g. IP header), but no Layer 2 en-
capsulation. Example: -e 0x806 to specify an ARP packet.
For IP packets, instead of generating a fake Ethernet header you can
also use -l 12 to indicate a raw IP packet to Wireshark. Note that -l
12 does not work for any non-IP Layer 3 packet (e.g. ARP), whereas
generating a dummy Ethernet header with -e works for any sort of L3
Related command line tools
259
- Wireshark User's Guide 1
- Table of Contents 4
- 1. Foreword 9
- 3. Acknowledgements 11
- 4. About this document 12
- Chapter 1. Introduction 16
- 1.1.6. Many protocol decoders 17
- 1.1.7. Open Source Software 17
- 1.1.8. What Wireshark is not 18
- 1.2. System Requirements 19
- 1.2.3. Unix / Linux 20
- 1.3. Where to get Wireshark? 21
- Wireshark 23
- 1.6.1. Website 24
- 1.6.2. Wiki 24
- 1.6.3. FAQ 24
- 1.6.4. Mailing Lists 24
- 1.6.5. Reporting Problems 25
- Introduction 27
- Download all required files! 29
- 2.8.1. Install Wireshark 36
- 2.8.1.4. Command line options 37
- 2.8.3. Update Wireshark 38
- 2.8.4. Update WinPcap 38
- 2.8.5. Uninstall Wireshark 38
- 2.8.6. Uninstall WinPcap 39
- Chapter 3. User Interface 41
- 3.2. Start Wireshark 42
- 3.3. The Main window 43
- 3.3.1. Main Window Navigation 44
- 3.4. The Menu 45
- Table 3.2. File menu items 46
- Table 3.3. Edit menu items 49
- Table 3.4. View menu items 51
- 3.8. The "Go" menu 55
- Table 3.6. Capture menu items 57
- Table 3.7. Analyze menu items 59
- Table 3.9. Tools menu items 64
- Table 3.10. Help menu items 65
- 3.19. The Statusbar 74
- User Interface 76
- 4.1. Introduction 77
- 4.2. Prerequisites 78
- 4.3. Start Capturing 79
- 4.5.1. Capture frame 82
- 4.5.2. Capture File(s) frame 84
- 4.5.3. Stop Capture... frame 84
- 4.5.4. Display Options frame 85
- 4.5.5. Name Resolution frame 85
- 4.5.6. Buttons 85
- Microsoft Windows only 86
- 4.8. Link-layer header type 89
- Capturing Live Network Data 92
- Printing 96
- 5.2. Open capture files 97
- 5.2.2. Input File Formats 99
- 5.3. Saving captured packets 101
- 5.3.2. Output File Formats 103
- 5.4. Merging capture files 105
- 5.5. File Sets 107
- 5.6. Exporting data 109
- File" dialog box 110
- 5.7. Printing packets 115
- 5.8. The Packet Range frame 117
- 5.9. The Packet Format frame 118
- Working with captured packets 121
- 6.2. Pop-up menus 122
- 6.4.1. Display filter fields 129
- 6.4.2. Comparing values 129
- 6.4.3. Combining expressions 131
- 6.4.4. A common mistake 132
- Warning! 135
- 6.8. Finding packets 138
- 6.9. Go to a specific packet 140
- 6.10. Marking packets 141
- Chapter 7. Advanced Topics 145
- 7.2. Following TCP streams 146
- 7.3. Expert Infos 148
- 7.3.1.3. Protocol 149
- 7.3.1.4. Summary 149
- 7.3.2.2. Details tab 150
- 7.4. Time Stamps 151
- 7.5. Time Zones 153
- 7.6. Packet Reassembling 156
- 7.7. Name Resolution 158
- 7.8. Checksums 160
- 7.8.2. Checksum offloading 161
- Advanced Topics 162
- Chapter 8. Statistics 163
- Statistics 164
- 8.4. Conversations 168
- 8.5. Endpoints 170
- 8.7. WLAN Traffic Statistics 174
- 8.8. Service Response Time 175
- 9.1. Introduction 179
- Customizing Wireshark 185
- 9.3. Packet colorization 186
- 9.4.2. User Specified Decodes 191
- 9.5. Preferences 193
- 9.5.1. Interface Options 194
- 9.6. Configuration Profiles 195
- Used as a folder name 196
- Illegal characters 196
- 9.7. User Table 198
- 9.8. Display Filter Macros 199
- 9.9. GeoIP Database Paths 200
- 9.11. SCCP users Table 202
- 9.13. SMI (MIB and PIB) Paths 204
- 9.14. SNMP users Table 205
- 10.1. Introduction 208
- Lua Support in Wireshark 209
- 10.4.1. Saving capture files 211
- 10.4.1.2. PseudoHeader 212
- 10.4.2.1. Field 213
- 10.4.2.2. FieldInfo 214
- 10.4.3. GUI support 215
- 10.4.3.2. TextWindow 216
- 10.4.3.3.1. gui_enabled() 218
- 10.4.3.3.4. retap_packets() 219
- 10.4.4.1. Listener 220
- 10.4.5.1. Address 221
- 10.4.5.2. Column 222
- 10.4.5.3. Columns 222
- 10.4.5.4. Pinfo 223
- 10.4.6.1. Dissector 225
- 10.4.6.2. DissectorTable 225
- 10.4.6.3. Pref 227
- 10.4.6.4. Prefs 228
- 10.4.6.5. Proto 229
- 10.4.6.6. ProtoField 229
- 10.4.7.1. TreeItem 237
- 10.4.8.1. ByteArray 238
- 10.4.8.2. Int 240
- 10.4.8.3. Tvb 240
- 10.4.8.4. TvbRange 241
- 10.4.8.5. UInt 243
- 10.4.9. Utility Functions 244
- 10.4.9.2.10. dofile(filename) 246
- Appendix A. Files and Folders 248
- Files and Folders 249
- • the current display filter 249
- Windows folders 251
- Unix/Linux folders 251
- C0.A8.2C.00 HR 254
- 00:00:BE:EF IT_Server1 254
- 110f FileServer3 254
- C.1. Packet List Messages 259
- C.2. Packet Details Messages 260
- Wireshark Messages 261
- D.1. Introduction 262
- Related command line tools 263
- CORBA IDL files 276
- D.9.4. TODO 278
- D.9.5. Limitations 278
- D.9.6. Notes 278
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.604 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern