Hey packet heads! Let's talk about some commands for tshark and dumpcap.

Last week I was working with one of my customers in troubleshooting a nagging intermittent performance problem. Of course, large capture files were needed to catch it in the act. That is well and good - until you start opening them up to work with them in the Wireshark interface. Personally, I am fine with popping open traces that are up to around 500MB or so in Wireshark. But larger than that, I like to start filtering them on the command line (or using a read filter while I am opening them).

So I thought it might be nice to share a few commands that I like to use when I am working with the command-line tools (dumpcap, tshark, mergecap, etc). Maybe this will be useful for people that would like a quick-reference for a few common commands.