path: root/doc/tshark.pod
AgeCommit message (Collapse)AuthorFilesLines
2017-09-22Add Flow Graph functionality to TSharkMichael Mann1-0/+20
Add flow graph functionality to tshark through -z option. Output is same as ASCII format saved from GUI. Change-Id: Iee0bfea7215858e6488b4728581be28287e9ea1a Reviewed-on: https://code.wireshark.org/review/23652 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-08-22Add hardware timestamping supportAhmad Fatoum1-0/+11
pcap provides a pcap_set_tstamp_type function, which can be used to request hardware timestamps from a supporting kernel. This patch adds support for aforementioned function as well as two new command line options to dumpcap, wireshark and tshark: --list-time-stamp-types List time stamp types supported for the interface --time-stamp-type <type> Change the interface's timestamp method Name choice mimics those used by tcpdump(1), which already supports this feature. However, unlike tcpdump, we provide both options unconditionally. If Wireshark was configured without pcap_set_tstamp_type being available, --list-time-stamp-types reports an empty list. Change-Id: I418a4b2b84cb01949cd262aad0ad8427f5ac0652 Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com> Reviewed-on: https://code.wireshark.org/review/23113 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-07-03Add option to use wall-clock intervalsSake Blok1-4/+7
Add the "interval" option to "-b". Each new capture starts at the exact start of a time interval. For instance, using -b interval:3600 will start a new capture file at each whole hour. Changed the duration option in the GUI interfaces to use the new interval option. Change-Id: I0180c43843f5d2f0c2f50153c9ce42ac7fa5aeae Reviewed-on: https://code.wireshark.org/review/22428 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Sake Blok <sake.blok@SYN-bit.nl>
2017-06-22Add --no-duplicate-keys tshark option.Daan De Meyer1-0/+7
Adds the --no-duplicate-keys option to tshark. If -T json is specified, this option can be specified in order to transform the duplicate keys produced by -T json into single keys with as value a json array of all separate values. Specifying --no-duplicate-keys changes the function which groups node children that is passed to write_json_proto_tree. Instead of a function that puts each node in a separate group (proto_node_group_children_by_unique) a function is passed that groups children that have the same json key together (proto_node_group_children_by_json_key). This will lead to some groups having multiple values. Groups with multiple values are written to the output as a json array. This includes normal json keys but also keys with the "_raw" and "_tree" suffix. If --no-duplicate-keys is specified with an option other than "-T json" or "-T jsonraw" or without -T an error is shown and tshark will exit. "Export Packet Dissections -> As JSON" in the GUI is hardcoded to use the duplicated keys format. Fixes one regression in the output where a filtered json key (-j) with both a value and children would not have the "_tree" suffix added to the json key containing the children. Includes a little code cleanup (removes one instance of code duplication and simplifies a while loop). Fixes a memory leak (I thought this fix was already included in the previous refactor patch but something must have gone wrong when updating the patch so I'm including it again in this patch). Bug: 12958 Change-Id: I401f8fc877b5c590686567c3c44cdb832e9e7dfe Reviewed-on: https://code.wireshark.org/review/22166 Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-06-12Add support for color xml attributes in psml and pdml formats.Michael Mann1-0/+4
Bug: 6682 Change-Id: I19330d06aa3d5692503c61369c3c650d595971f5 Reviewed-on: https://code.wireshark.org/review/22077 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Stephen Donnelly <stephen.donnelly@endace.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-06-11tshark: add "--color" option emulating wireshark colorsDave Goodell1-0/+9
With this commit, tshark will mimic the packet coloring present in the Wireshark GUI whenever "--color" is passed. This initial commit only adds such support for the standard text output format. A future commit could potentially broaden this support to other output modes (such as "-V" mode). Bug: 5158 Change-Id: I59329e32475b0c67e28802e79610544d4868ea2d Reviewed-on: https://code.wireshark.org/review/21325 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-05-05Auto reset epan sessionHessam Jalali1-0/+12
Automatically resets intarnal epan session after reaching to specified number of packets, for example -M 1000 will reset the session every 1000 packets. this is more like a proposal since the usage is very specific it is useful for 24/7 live capture with dissection and sending data directly to another application. example: tshark -Y "gtp" -M 100000 -T fields -e gtp.message -e gtp.teid Change-Id: I8ee8b0380017c684120a93cb3fb43f41615a9c04 Reviewed-on: https://code.wireshark.org/review/21312 Reviewed-by: Evan Huus <eapache@gmail.com> Petri-Dish: Evan Huus <eapache@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-04-17Clean up documentation and help messages for protocol enabling/disabling.Guy Harris1-2/+10
List all of --enable-protocol, --disable-protocol, --enable-heuristic, and --disable-heuristic in the SYNOPSIS section of the man pages. Undent after the list of taps for the -z option, so the following options are at the same indentation as other options. List --enable-protocol in the DESCRIPTION, above --disable-protocol. Include --enable-protocol in the help message. Change-Id: I680a54430789f3543b2d539fbded22b0b57f7f76 Reviewed-on: https://code.wireshark.org/review/21159 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-03-28Reflect new default value of snaplen in man pages.Martin Sehnoutka1-1/+1
Default value for snaplen is defined in wiretap/wtap.h: #define WTAP_MAX_PACKET_SIZE 262144 and used in capture_opts.c: capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE; but help and man pages don't reflect this change. Change-Id: I35ddf1e8b7ffd657f4e01b3fe6b4c44c9acece2b Reviewed-on: https://code.wireshark.org/review/20738 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-03-19tshark: Optionally delimit packet summary columns with tabsJim Young1-2/+6
This patch augments tshark's -T report with a "tabs" option. When the -T tabs option is enabled an ASCII horizontal tab character is inserted between each column of the human-readable one-line packet summary record. Change-Id: Id10a6e21e231eb2e52b6342ed05399db1a5fcfdf Reviewed-on: https://code.wireshark.org/review/20537 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-03-03Update documentation with reference to $XDG_CONFIG_HOMEPeter Wu1-1/+3
Since v2.1.0rc0-184-gb0b53fa593, $XDG_CONFIG_HOME/wireshark (instead of $HOME/.wireshark) is used, clarify this in the WSUG and manuals. Change-Id: I74a6f9b86bd8d54ee326ca83d7536e091d6da08a Reviewed-on: https://code.wireshark.org/review/20364 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-02-25json2pcap support addedMartin Kacer1-7/+21
Modified tshark -T json -x output Added tshark -T jsonraw output json2pcap.py (can be used for basic packet editing by modifying json) The modification in tshark -T json -x and new tshark -T jsonraw output add into hex-data output in JSON also information on which position each field is dissected in the original frame, what is the field length, bitmask (for not byte aligned fields) and type. This information can be used for latter processing. One use-case is json2pcap script which assembles the protocol layers back together from upper to lowers layers, which allows the basic packet modification/editing/rewriting. Change-Id: Ibf948eb8fc7e3b0b51c12df6c3855f705a9c7925 Reviewed-on: https://code.wireshark.org/review/19990 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Dario Lombardo <lomato@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2016-12-03tshark: Add -G folders reportJim Young1-0/+7
Add a new tshark feature to generate a folders report. The folders report is essentially the information presented by Wireshark's About / Folders page in a TAB delimited format. Change-Id: Ic4b3d332b4bdaa7e6b7aad1e9cc5dd18413aada6 Reviewed-on: https://code.wireshark.org/review/19002 Petri-Dish: Jim Young <jim.young.ws@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-12-02Enable exporting objects with tsharkMoshe Kaplan1-0/+13
A new "--export-object <protocol>,<destdir>" option is added to tshark. This required refactoring Export Object behavior in all GUIs to give the export object handling to the dissector, rather than the ui layer. Included in the refactoring was fixing some serious memory leaks in Qt Export Object dialog, crash due to memory scope issues in GTK Export Object dialog, and addition sorting column feature in Qt dialog (set up by creating a widget to manage the items that were previously leaking memory) Bug: 9319 Ping-Bug: 13174 Change-Id: I515d7662fa1f150f672b1476716f347ec27deb9b Reviewed-on: https://code.wireshark.org/review/18927 Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Tested-by: Michael Mann <mmann78@netscape.net> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-10-04Man pages: Update -D flag text.Gerald Combs1-3/+3
Refer to "Windows" instead of "Windows 2000". Add an "ip link show" breadcrumb. Change-Id: Ie1faa1d30b0ac63de35b0385cbb1306f08828e61 Reviewed-on: https://code.wireshark.org/review/18056 Reviewed-by: Gerald Combs <gerald@wireshark.org>
2016-07-15Fix manpages typo.João Valverde1-1/+1
Change-Id: Iac747655d09c94926e51c7ea1f23375650cd6641 Ping-Bug: 12305 Reviewed-on: https://code.wireshark.org/review/16446 Reviewed-by: João Valverde <j@v6e.pt> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-06-29tshark fields filter added for other outputsMartin Kacer1-2/+2
-e fields filter addded to ek|json|pdml output. Bug: 12529 Change-Id: I1f0f8772eefceb5b71927925ce0c34af483571b9 Reviewed-on: https://code.wireshark.org/review/16193 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Guy Harris <guy@alum.mit.edu>
2016-06-21tshark JSON and Elasticsearch output fixMartin Kacer1-4/+4
Fixed json and ek escape function Fixed -j protocol filter to do exact match Fixed -T json to correctly close json Added -j protocol filter also to pdml output Bug: 11754 Change-Id: I02f274e4a5a02346922b37bbe946c10340c242ea Reviewed-on: https://code.wireshark.org/review/16034 Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Guy Harris <guy@alum.mit.edu>
2016-06-17tshark JSON and Elasticsearch outputMartin Kacer1-2/+26
Added ouput -T for json|ek Added -j switch fo filter EK json|ek fields. Added -x switch to work with json|ek to insert raw fields. Bug: 11754 Change-Id: Iad5a9092b843c074b0b774d1745fa14fca09f6b7 Reviewed-on: https://code.wireshark.org/review/15869 Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl> Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-06-01tshark man page: the first TCP stream is stream 0, not 1.Jeff Morriss1-6/+6
This fixes the example of the -z follow option. Also fix up some formatting in the same section. Bug: 12383 Change-Id: Ic9b2ef5e63ab31d70f2750f9cfdcbab76cf204b6 Reviewed-on: https://code.wireshark.org/review/15667 Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-05-11TShark: Add a "-E bom=" option.Gerald Combs1-0/+3
Add an option to print the UTF-8 BOM. Change-Id: I3d30c67852b9b89d1548b0f957d97fd8e8741049 Reviewed-on: https://code.wireshark.org/review/15318 Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl> Reviewed-by: Gerald Combs <gerald@wireshark.org>
2016-05-11[tshark] Document -U option and create a list of tap names when enteringAndersBroman1-0/+7
an empty name "". Change-Id: I2b8332ff6900c8a88514a25a416f342d7b696d34 Reviewed-on: https://code.wireshark.org/review/15332 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-05-09TShark: Convert TTY output.Gerald Combs1-0/+14
If we detect that we're writing to a TTY and that it doesn't support UTF-8, convert our output to the current code page on UNIX/Linux or to UTF-16LE on Windows. This helps to ensure that we don't fill users' screens with mojibake, along with scrubbing invalid output. Add a note about our output behavior to the TShark man page. Add a note about the glyphs we should and shouldn't be using to utf8_entities.h. Bug: 12393 Change-Id: I52b6dd240173b80ffb6d35b5950a46a565c97ce8 Reviewed-on: https://code.wireshark.org/review/15277 Reviewed-by: Gerald Combs <gerald@wireshark.org> Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Graham Bloice <graham.bloice@trihedral.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-04-04Remove synchronous DNS name resolutionJoão Valverde1-2/+0
Change-Id: Ie5e670b769eb0674950f3679ef511047641c2873 Reviewed-on: https://code.wireshark.org/review/14751 Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-01-27Allow/Create an option to use "capture filter" labels defined in wireshark ↵Mike781-0/+4
GUI from CLI Move ui/filters.[ch] to filter_files.[ch] because dumpcap is using functionality. Bug: 8091 Change-Id: I195c82fc023f97d6f331b8718c45a2d83d30faea Reviewed-on: https://code.wireshark.org/review/5925 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-09-23Add a "fieldcount" report to tshark -G to let us easily see how many fieldsJeff Morriss1-0/+2
are registered. Change-Id: I06f10d96916640cb9a782cae87898a5dd6c9c6e3 Reviewed-on: https://code.wireshark.org/review/10601 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-08-31tshark.pod: fix typoPascal Quantin1-1/+1
Change-Id: Iba5f12637e0f494805f2d9aab370fb42a32c1cb9 Reviewed-on: https://code.wireshark.org/review/10335 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2015-07-25DNS: move DNS name resolution pref to Name Resolution prefsHadriel Kaplan1-0/+2
Move the boolean flag for using captured DNS packet info for name resolution to the Name Resolution preferences settings, as it was rather surprising to disable Name Resolution preferences and still have names being resolved. Also disble them all if the '-n' command line switch is used, and re-enable it for a 'd' character in the '-N' option. Bug: 10337 Change-Id: Ie4d47bab0100db3360cc447cd3e446b2e39aa917 Reviewed-on: https://code.wireshark.org/review/9786 Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
2015-07-22Add documentation for new enable/disable protocol and heuristic dissector ↵Michael Mann1-0/+12
options. Change-Id: Ia31326105cf559c2196d45369270552fb78da6c7 Reviewed-on: https://code.wireshark.org/review/9692 Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-07-03Add ServiceResponseTimeDialog.Gerald Combs1-0/+6
Add ServiceResponseTimeDialog as a subclass of TapParameterDialog, similar to StatsTreeDialog. Add initial plumbing for statistics menu items and command line invocation. Don't append "..." to menu item names. Don't add menu icons. In each case this avoids repetitive UI clutter. Change-Id: I463b95c93090160bb81d2e80b16aad389dc0bd6c Reviewed-on: https://code.wireshark.org/review/8864 Reviewed-by: Gerald Combs <gerald@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-06-09tshark: add ability to display streams in EBCDICPascal Quantin1-5/+6
As requested in https://ask.wireshark.org/questions/42958/tshark-follow-tcp-stream-for-ebcdic Change-Id: Ia8d93f59aa038bd6328adea137c92ea5a52361b5 Reviewed-on: https://code.wireshark.org/review/8844 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-05-28Document the services file in the man pages.Jeff Morriss1-0/+14
Bug: 11227 Change-Id: Id9cc64820b238bd8c82a758a553e1352398ad885 Reviewed-on: https://code.wireshark.org/review/8664 Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-05-28Document the subnets file in the man pages.Jeff Morriss1-0/+20
Text adapted from that in the WSUG documentation of the same. Ping-Bug: 1445 Ping-Bug: 11227 Change-Id: I4d07cba437e70324d19c5ae23e44b86c47b749a8 Reviewed-on: https://code.wireshark.org/review/8662 Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-03-10Change a lot of http:// URLs to https://.Gerald Combs1-1/+1
Most of our sites are now HTTPS-only. Update URLs accordingly. Update other URLs while we're at it. Remove or comment out dead links. Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33 Reviewed-on: https://code.wireshark.org/review/7621 Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Gerald Combs <gerald@wireshark.org>
2015-02-06More emem removal.Jeff Morriss1-54/+0
Remove emem's 8-byte-memory-alignment configure check as well as references to all the environment variables emem used. Change-Id: I897aec9e9c68e064454561e7a9f066b18892ec66 Reviewed-on: https://code.wireshark.org/review/6950 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-01-27Added HPFEEDS stats_tree.Dario Lombardo1-0/+5
Change-Id: I256fd5395b062fa954ebd60598721323ea1d7ff1 Bug: 10875 Reviewed-on: https://code.wireshark.org/review/6713 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-01-05Added DNS statistics supportDario Lombardo1-0/+5
This affects both the dissector (that has been added with a tap interface and a stats generator) and the UI (to recall the stats menu). Change-Id: I90658f7aa6707aa39bdd787a51b20fed4dbddc53 Reviewed-on: https://code.wireshark.org/review/6236 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2015-01-02tshark: Add endpoints statisticsMichael Mann1-0/+38
"stat name" has been official changed to "endpoints" for all dissectors, rather than a mixture of "host"/"endpoints" based on dissector. Change-Id: If34bcb5165b493948e784ba038ab202803a59843 Reviewed-on: https://code.wireshark.org/review/6154 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-12-29Add ability to follow UDP stream by indexPascal Quantin1-11/+14
-z "follow,udp" tshark cli command now supports a stream index It is now possible to select the UDP stream displayed in Qt GUI (like for TCP) Change-Id: Ia367f36ea4f60db0fddb997a7e0903c09e172f2d Reviewed-on: https://code.wireshark.org/review/6083 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-11-17Add tshark -G dissector-tables to dump a list of dissector tables.Guy Harris1-3/+11
That list doesn't show the entries in the dissector tables, just information about the tables themselves. Clean up some tshark man page issues while we're at it. Change-Id: I70beee34110f5c0d58105944dd71105a8400f5ca Reviewed-on: https://code.wireshark.org/review/5360 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-09-17Update the doc directory to use https://www.wireshark.org.Gerald Combs1-3/+3
Change-Id: I9bfc57cb6b6ab6962b80ff58d98eb351d6f69829 Reviewed-on: https://code.wireshark.org/review/4140 Reviewed-by: Gerald Combs <gerald@wireshark.org>
2014-06-25Indicate tshark can read (-r) from stdin and named pipes now.Jeff Morriss1-2/+3
(Though it works only with certain formats.) As requested in: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2874#c4 Change-Id: I2ce0509d8750b21ae0167d12459074ba0f9506f8 Reviewed-on: https://code.wireshark.org/review/2646 Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-16More Python-bindings removal.Jeff Morriss1-6/+0
Change-Id: I4d82175781e65c73179f4c8e737a7900cb050bce Reviewed-on: https://code.wireshark.org/review/2283 Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
2014-03-19Add read_format extension to manual pagesHadriel Kaplan1-2/+6
The -X read_format extension was added in code but in the manuals. Change-Id: I21692120229ef531671fc3db247809ace69d23b3 Reviewed-on: https://code.wireshark.org/review/742 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2014-02-13Lua: add ability for scripts loaded from command-line to be passed argumentsHadriel Kaplan1-0/+7
This change adds the ability to pass on to lua scripts loaded from the command-line (tshark or wireshark) additional arguments supplied by the command-line. This will help us in our testsuites, but also might be useful for user-created scripts. The additional arguments are passed in using the '-X' eXtension switch. Change-Id: Ib94cdf1ffd194ca84692fee7816665e4ff95efbd Reviewed-on: https://code.wireshark.org/review/156 Reviewed-by: Evan Huus <eapache@gmail.com> Tested-by: Evan Huus <eapache@gmail.com>
2013-12-23From Ville Skyttä: Spelling FixesBill Meier1-1/+1
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9591 svn path=/trunk/; revision=54387
2013-12-11Improve tshark command-line error help. Fixes ↵Chris Maynard1-13/+21
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9548 and adds addtional help, better formatting, sorting and some minimal documentation of the -u option to the tshark man page. svn path=/trunk/; revision=53938
2013-12-02Specify SI units for the max filesize autostop condition. For now, keep the ↵Chris Maynard1-7/+7
capture buffer size in IEC units, but document it as such. #BACKPORT(1.10, 1.8(?)) svn path=/trunk/; revision=53728
2013-11-06Add support for displaying dates as year and day-of-year (1-origin).Guy Harris1-10/+19
In the process, fix various man page descriptions of the -t flag, and add support for UTC absolute times in the iousers and iostat TShark taps. svn path=/trunk/; revision=53114
2013-10-15From Ed Beroset via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9272Chris Maynard1-13/+40
Add tshark -G column-formats report and document the missing ftypes, heuristic-decodes and plugins reports. From me: Sort the reports. Add modelines to epan/column.c. Minor whitespace changes. svn path=/trunk/; revision=52627