diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/tshark.pod | 53 |
1 files changed, 40 insertions, 13 deletions
diff --git a/doc/tshark.pod b/doc/tshark.pod index 1edfb48ecd..d50447b9c6 100644 --- a/doc/tshark.pod +++ b/doc/tshark.pod @@ -53,7 +53,7 @@ S<[ B<--capture-comment> E<lt>commentE<gt> ]> S<[ E<lt>capture filterE<gt> ]> B<tshark> -B<-G> [fields|protocols|values|decodes|defaultprefs|currentprefs] +B<-G> [column-formats|currentprefs|decodes|defaultprefs|fields|ftypes|heuristic-decodes|plugins|protocols|values] =head1 DESCRIPTION @@ -354,13 +354,30 @@ This option causes the output file(s) to be created with group-read permission (meaning that the output file(s) can be read by other members of the calling user's group). -=item -G [fields|protocols|values|decodes|defaultprefs|currentprefs] +=item -G [column-formats|currentprefs|decodes|defaultprefs|fields|ftypes|heuristic-decodes|plugins|protocols|values] The B<-G> option will cause B<Tshark> to dump one of several types of glossaries and then exit. If no specific glossary type is specified, then the B<fields> report will be generated by default. The available report types include: +B<column-formats> Dumps the column formats understood by tshark. +There is one record per line. The fields are tab-delimited. + + * Field 1 = format string (e.g. "%rD") + * Field 2 = text description of format string (e.g. "Dest port (resolved)") + +B<currentprefs> Dumps a copy of the current preferences file to stdout. + +B<decodes> Dumps the "layer type"/"decode as" associations to stdout. +There is one record per line. The fields are tab-delimited. + + * Field 1 = layer type, e.g. "tcp.port" + * Field 2 = selector in decimal + * Field 3 = "decode as" name, e.g. "http" + +B<defaultprefs> Dumps a default preferences file to stdout. + B<fields> Dumps the contents of the registration database to stdout. An independent program can take this output and format it into nice tables or HTML or whatever. There is one record per line. Each record is @@ -384,6 +401,27 @@ The fields are tab-delimited. * Field 7 = bitmask: format: hex: 0x.... * Field 8 = blurb describing field +B<ftypes> Dumps the "ftypes" (fundamental types) understood by tshark. +There is one record per line. The fields are tab-delimited. + + * Field 1 = FTYPE (e.g "FT_IPv6") + * Field 2 = text description of type (e.g. "IPv6 address") + +B<heuristic-decodes> Dumps the heuristic decodes currently installed. +There is one record per line. The fields are tab-delimited. + + * Field 1 = underlying dissector (e.g. "tcp") + * Field 2 = name of heuristic decoder (e.g. ucp") + * Field 3 = heuristic enabled (e.g. "T" or "F") + +B<plugins> Dumps the plugins currently installed. +There is one record per line. The fields are tab-delimited. + + * Field 1 = plugin library (e.g. "gryphon.so") + * Field 2 = plugin version (e.g. 0.0.4) + * Field 3 = plugin type (e.g. "dissector" or "tap") + * Field 4 = full path to plugin file + B<protocols> Dumps the protocols in the registration database to stdout. An independent program can take this output and format it into nice tables or HTML or whatever. There is one record per line. The fields are tab-delimited. @@ -420,17 +458,6 @@ the type of record. * Field 3 = True String * Field 4 = False String -B<decodes> Dumps the "layer type"/"decode as" associations to stdout. -There is one record per line. The fields are tab-delimited. - - * Field 1 = layer type, e.g. "tcp.port" - * Field 2 = selector in decimal - * Field 3 = "decode as" name, e.g. "http" - -B<defaultprefs> Dumps a default preferences file to stdout. - -B<currentprefs> Dumps a copy of the current preferences file to stdout. - =item -h Print the version and options and exits. |