From Edwin Groothuis via bug 5870:

The supplied patch adds a new option -O, which specifies a list of protocols
(names can be found with the "-G protocols" option) to be fully decoded while
the others only show the layer header.

svn path=/trunk/; revision=36947

1 files changed, 5 insertions, 1 deletions

diff --git a/doc/tshark.pod b/doc/tshark.pod
index dffd527134..33bb3465ec 100644
--- a/doc/tshark.pod
+++ b/doc/tshark.pod
@@ -37,6 +37,7 @@ S<[ B<-t> ad|a|r|d|dd|e ]>
 S<[ B<-T> pdml|psml|ps|text|fields ]>
 S<[ B<-v> ]>
 S<[ B<-V> ]>
+S<[ B<-O> E<lt>protocolsE<gt> ]>
 S<[ B<-w> E<lt>outfileE<gt>|- ]>
 S<[ B<-W> E<lt>file format optionE<gt>]>
 S<[ B<-x> ]>
@@ -87,7 +88,10 @@ pane in B<Wireshark>), although if it's writing packets as it captures
 them, rather than writing packets from a saved capture file, it won't
 show the "frame number" field.  If the B<-V> option is specified, it
 writes instead a view of the details of the packet, showing all the
-fields of all protocols in the packet.
+fields of all protocols in the packet.  If the B<-O> option is
+specified in combination with B<-V>, it will only show the full
+protocols specified. Use the output of "tshark -G protocols" to
+find the abbrevations of the protocols you can specify.
 
 If you want to write the decoded form of packets to a file, run
 B<TShark> without the B<-w> option, and redirect its standard output to