tshark is a terminal (console) based version of Wireshark, a network protocol analyzer for Unix and Windows.
Questions tagged [tshark]
65 questions
1 vote, 1 answer
Tshark/wireshark on an ephemeral interface
Our server hosts a VPN. Each connection to the VPN creates a new PPP interface (ppp0, ppp1, etc.) and the connections are ephemeral in the sense that the interface can go up or down intermittently.
What we need is a way to capture packets using…

Climax
1 vote, 1 answer
"tshark: There are no interfaces on which a capture can be done" in Amazon Linux AMI
My goal is to capture packets with tshark in Amazon Linux AMI. While typing tshark in the command line there's an error:
"tshark: There are no interfaces on which a capture can be done"
How to implement the solution from Wireshark setup Linux for…

rok
1 vote, 1 answer
tshark not recognizing wpa psk option
I'm trying to decrypt captured wpa-psk traffic with tshark, but it's not recognizing the option I'm trying to override. This option allows me to specify a PSK to use for decrypting. I'm using tshark 1.8.1 from the Backtrack R3.
# tshark -o…

sybind
1 vote, 0 answers
How to add TDS support to tshark?
How to add TDS (knowledge about MS SQL Server packets' structure) support for tshark?
Currently, the situation is this:
root@DEV:/# tshark -d . 2>&1| grep -i tds
root@DEV:/#
I.e., tshark does not recognize the tds protocol.

Henno
1 vote, 1 answer
How can I display-filter the corresponding response to a specific display-filtered request in wireshark?
I am just tracing a very sporadic error in responses to HTTP requests to a specific resource on an embedded device's webserver.
So my plan is to run a test over night (or even weekend), capture the traffic with wireshark and then skim the dumpfiles…

Peter
1 vote, 1 answer
tshark (wireshark) to pinpoint connect reset / retransmitted issue
Windows server 2003.
I have the latest WireShark installed on the server and need to capture packets on the server to pinpoint a randomly happened connection reset /retransmitted issue. When the connection reset happens, it resets about 600…

Stan
1 vote, 1 answer
tshark (wireshark) filters: Where are they located?
While troubleshooting a MySQL issue, I came across this command at commandlinefu:
tshark -i any -T fields -R mysql.query -e mysql.query
I am trying to understand it before I actually use it. Looking at the man page helped me understand the options…

Belmin Fernandez
1 vote, 1 answer
Checking rtp stream audio quality
We are working in a test environment and need to monitor the audio quality of an rtp stream that is being captured using tshark.
Right now we are able to capture the audio and access the file through wireshark, but we would like to find a way to…

chills42
1 vote, 0 answers
What is the key file for ssldump?
I searched Google for a tool to decode https traffic and got ssldump with examples like:
ssldump -k xxx.pem -i eth0 -d host example.com
I wonder what the key file xxx.pem is. On the server hosting example.com, the file is what is specified by…

peter
1 vote, 2 answers
Display delta timestamp and UDP data payload with tcpdump/tshark
I have a 1.5Gb capture of small UDP packets that I would like to turn into a CSV with just timestamp and UDP payload data in hex format.
An example of the desired output would be as follows:
% head Data3.txt…

M.E.
1 vote, 1 answer
How to capture UDP traffic so it can be piped to grep
I'm trying to capture UDP traffic which is being sent as StatsD metrics (on port 8125).
The most simple approach I tried is to run nc -ul 8125 which prints the metrics to the terminal...but they are not newline separated. Additionally, piping the…

Darragh
0 votes, 1 answer
Run tshark in google cloud with external ( public ) IP
I had tried to run tshark in a centos 7 instance hosted in google cloud platform. When we analyze the captured packets, it is only showing the internal IP of that server.
Is there any way to get the external IP (we have a reserved public IP setup…

Dileep K
0 votes, 1 answer
How do I generate a source of netflow data for nfcapd?
I am trying to use nfcapd to save netflow files for use by a network analysis tool.
How do I capture network traffic on my host and send it into nfcapd? Can I use wireshark/tshark or something similar?

aaa90210
0 votes, 1 answer
How to display only the source port with tshark
I can display the source and destination tcp ports with
tshark -T fields -e tcp.port
1111,2222
2222,1111
[...]
How can I display only the source port in order to get
1111
2222

user123456
0 votes, 1 answer
decrypting ssl/tls packets using tshark/wireshark
I am a novice with networking and unix and trying to debug an issue but I have been able to capture packets using tshark in order to analyze and inspect why clients are receiving 401 errors on initial connect.
The quick solution is to not enforce…