diff options
| author | Guy Harris <guy@alum.mit.edu> | 2013-07-28 21:12:07 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2013-07-28 21:12:07 +0000 |
| commit | a4ad9e9f74d58f3a869ceb27845f74345d7b81be (patch) | |
| tree | 8232de5a3f542b692b883fcf0f057b0f2a0e7af5 /doc/tshark.pod | |
| parent | 0f13e3c95d571c7000e84d0c1e6f9f76575508b4 (diff) | |
If a core Wireshark developer repeatedly can't remember that the
argument to the -F flag for pcap format is "libpcap", not "pcap", we
have a problem. Make it "pcap", and add a backwards-compatibility hack
to support using "libpcap" as well.
Update the man pages to refer to it as pcap as well, and fix the
capitalization of "WinPcap" (see http://www.winpcap.org) while we're at
it.
Also, refer to http://www.tcpdump.org/linktypes.html for the list of
link-layer header types for pcap and pcap-ng.
svn path=/trunk/; revision=50989
Diffstat (limited to 'doc/tshark.pod')
| -rw-r--r-- | doc/tshark.pod | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/doc/tshark.pod b/doc/tshark.pod index 6e3a81c281..111a1d774b 100644 --- a/doc/tshark.pod +++ b/doc/tshark.pod @@ -60,7 +60,7 @@ B<TShark> is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. B<TShark>'s native -capture file format is B<libpcap> format, which is also the format used +capture file format is B<pcap> format, which is also the format used by B<tcpdump> and various other tools. Without any options set, B<TShark> will work much like B<tcpdump>. It will @@ -103,7 +103,7 @@ B<TShark> without the B<-w> option, and redirect its standard output to the file (do I<not> use the B<-w> option). When writing packets to a file, B<TShark>, by default, writes the -file in B<libpcap> format, and writes all of the packets it sees to the +file in B<pcap> format, and writes all of the packets it sees to the output file. The B<-F> option can be used to specify the format in which to write the file. This list of available file formats is displayed by the B<-F> flag without a value. However, you can't specify a file format @@ -461,7 +461,7 @@ B<TShark> reports an error and doesn't start the capture. Pipe names should be either the name of a FIFO (named pipe) or ``-'' to read data from the standard input. Data read from pipes must be in -standard libpcap format. +standard pcap format. This option can occur multiple times. When capturing from multiple interfaces, the capture file will be saved in pcap-ng format. @@ -1480,7 +1480,7 @@ whitespace. The same directory as for the personal preferences file is used. Capture filter name resolution is handled by libpcap on UNIX-compatible -systems and WinPCAP on Windows. As such the Wireshark personal F<hosts> file +systems and WinPcap on Windows. As such the Wireshark personal F<hosts> file will not be consulted for capture filter name resolution. =item Name Resolution (ethers) @@ -1507,7 +1507,7 @@ The personal F<ethers> file is looked for in the same directory as the personal preferences file. Capture filter name resolution is handled by libpcap on UNIX-compatible -systems and WinPCAP on Windows. As such the Wireshark personal F<ethers> file +systems and WinPcap on Windows. As such the Wireshark personal F<ethers> file will not be consulted for capture filter name resolution. =item Name Resolution (manuf) |