Tethereal/tethereal -> TShark/tshark.

svn path=/trunk/; revision=18268

12 files changed, 100 insertions, 100 deletions

diff --git a/doc/Makefile.am b/doc/Makefile.am
index 1cfe9b83ae..bc44daac65 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -39,17 +39,17 @@ ethereal-tmp.pod: $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
 	--noindex						\
 	ethereal-tmp.pod > ../ethereal.html
 
-../tethereal.1: tethereal.pod ../config.h
+../tshark.1: tshark.pod ../config.h
 	$(POD2MAN)					\
 	--center="The Wireshark Network Analyzer"	\
 	--release=$(VERSION)				\
-	$(srcdir)/tethereal.pod > ../tethereal.1
+	$(srcdir)/tshark.pod > ../tshark.1
 
-../tethereal.html: tethereal.pod ../config.h
+../tshark.html: tshark.pod ../config.h
 	$(POD2HTML)							\
-	--title="tethereal - The Wireshark Network Analyzer $(VERSION)"	\
+	--title="tshark - The Wireshark Network Analyzer $(VERSION)"	\
 	--noindex							\
-	$(srcdir)/tethereal.pod > ../tethereal.html
+	$(srcdir)/tshark.pod > ../tshark.html
 
 ../ethereal-filter.4: ethereal-filter.pod ../config.h
 	$(POD2MAN)					\
@@ -64,8 +64,8 @@ ethereal-tmp.pod: $(srcdir)/ethereal.pod $(top_builddir)/AUTHORS-SHORT-FORMAT
 	--noindex								\
 	ethereal-filter.pod > ../ethereal-filter.html
 
-ethereal-filter.pod: ethereal-filter.pod.template  ../tethereal
-	../tethereal -G fields | $(PERL) $(srcdir)/dfilter2pod.pl $(srcdir)/ethereal-filter.pod.template > ethereal-filter.pod
+ethereal-filter.pod: ethereal-filter.pod.template  ../tshark
+	../tshark -G fields | $(PERL) $(srcdir)/dfilter2pod.pl $(srcdir)/ethereal-filter.pod.template > ethereal-filter.pod
 
 ../capinfos.1: capinfos.pod ../config.h
 	$(POD2MAN)					\
@@ -152,8 +152,8 @@ CLEANFILES =		\
 	../editcap.html	\
 	../mergecap.1	\
 	../mergecap.html	\
-	../tethereal.1	\
-	../tethereal.html	\
+	../tshark.1	\
+	../tshark.html	\
 	../text2pcap.1	\
 	../text2pcap.html	\
 	../dumpcap.1	\
diff --git a/doc/Makefile.nmake b/doc/Makefile.nmake
index a58101bc6c..fc86a8bab9 100644
--- a/doc/Makefile.nmake
+++ b/doc/Makefile.nmake
@@ -26,10 +26,10 @@
 
 include ../config.nmake
 
-doc: ethereal.html tethereal.html ethereal-filter.html capinfos.html \
+doc: ethereal.html tshark.html ethereal-filter.html capinfos.html \
 	editcap.html idl2wrs.html mergecap.html text2pcap.html dumpcap.html
 
-man: ethereal.1 tethereal.1 ethereal-filter.4 capinfos.1 editcap.1 \
+man: ethereal.1 tshark.1 ethereal-filter.4 capinfos.1 editcap.1 \
 	idl2wrs.1 mergecap.1 text2pcap.1 dumpcap.1
 
 ethereal-tmp.pod: ethereal.pod ../AUTHORS-SHORT-FORMAT
@@ -52,22 +52,22 @@ ethereal.html: ethereal-tmp.pod ../config.h
 	--noindex                                 \
 	ethereal-tmp.pod > ethereal.html
 
-../tethereal.exe:
+../tshark.exe:
 	cd ..
-	$(MAKE) -f makefile.nmake tethereal.exe
+	$(MAKE) -f makefile.nmake tshark.exe
 	cd doc
 
-tethereal.1: tethereal.pod ../config.h
+tshark.1: tshark.pod ../config.h
 	$(POD2MAN)                     \
 	--center="The Wireshark Network Analyzer" \
 	--release=$(VERSION)			 \
-	tethereal.pod > tethereal.1
+	tshark.pod > tshark.1
 
-tethereal.html: tethereal.pod ../config.h
+tshark.html: tshark.pod ../config.h
 	$(POD2HTML)                    \
-	--title="tethereal - The Wireshark Network Analyzer $(VERSION)" \
+	--title="tshark - The Wireshark Network Analyzer $(VERSION)" \
 	--noindex                                 \
-	tethereal.pod > tethereal.html
+	tshark.pod > tshark.html
 
 ethereal-filter.4: ethereal-filter.pod ../config.h
 	$(POD2MAN)                     \
@@ -81,10 +81,10 @@ ethereal-filter.html: ethereal-filter.pod ../config.h
 	--noindex                                 \
 	ethereal-filter.pod > ethereal-filter.html
 
-ethereal-filter.pod: ethereal-filter.pod.template  ../tethereal.exe
+ethereal-filter.pod: ethereal-filter.pod.template  ../tshark.exe
 	cd ..
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake install-deps
-	tethereal.exe -G | $(PERL) doc\dfilter2pod.pl doc\ethereal-filter.pod.template > doc\ethereal-filter.pod
+	tshark.exe -G | $(PERL) doc\dfilter2pod.pl doc\ethereal-filter.pod.template > doc\ethereal-filter.pod
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake clean-deps
 	cd doc
 
@@ -163,7 +163,7 @@ dumpcap.html: dumpcap.pod ../config.h
 
 clean:
 	rm -f ethereal.html ethereal.1 ethereal-tmp.pod
-	rm -f tethereal.html tethereal.1
+	rm -f tshark.html tshark.1
 	rm -f ethereal-filter.html ethereal-filter.4 ethereal-filter.pod
 	rm -f capinfos.html capinfos.1
 	rm -f editcap.html editcap.1
diff --git a/doc/README.developer b/doc/README.developer
index 1e14507622..fa7696d99a 100644
--- a/doc/README.developer
+++ b/doc/README.developer
@@ -497,17 +497,17 @@ much better to use the g_snprintf() function declared by <glib.h> instead.
 You should test your dissector against incorrectly-formed packets.  This 
 can be done using the randpkt and editcap utilities that come with the
 Ethereal distribution.  Testing using randpkt can be done by generating
-output at the same layer as your protocol, and forcing Ethereal/Tethereal
+output at the same layer as your protocol, and forcing Ethereal/TShark
 to decode it as your protocol, e.g. if your protocol sits on top of UDP:
 
     randpkt -c 50000 -t dns randpkt.pcap
-    tethereal -nVr randpkt.pcap -d udp.port==53,<myproto>
+    tshark -nVr randpkt.pcap -d udp.port==53,<myproto>
     
 Testing using editcap can be done using preexisting capture files and the
 "-E" flag, which introduces errors in a capture file.  E.g.:
 
     editcap -E 0.03 infile.pcap outfile.pcap
-    tethereal -nVr outfile.pcap
+    tshark -nVr outfile.pcap
 
 1.1.4 Name convention.
 
diff --git a/doc/README.regression b/doc/README.regression
index 04f06bc0ab..e21365f60d 100644
--- a/doc/README.regression
+++ b/doc/README.regression
@@ -1,27 +1,27 @@
 #
-# Ethereal/Tethereal Regression Testing
+# Ethereal/TShark Regression Testing
 #
 # $Id$
 #
 # This is a sample Makefile for regression testing of the
-# Ethereal engine. These tests use that uses 'tethereal -V' to analyze all
+# Ethereal engine. These tests use that uses 'tshark -V' to analyze all
 # the frames of a capture file.
 #
 # You should probably rename this file as 'Makefile' in a separate directory
 # set aside for the sole purpose of regression testing. Two text files will
 # be created for each capture file you test, so expect to have lots of files.
 #
-# Set TETHEREAL, CAPTURE_DIR, and CAPTURE_FILES to values appropriate for
+# Set TSHARK, CAPTURE_DIR, and CAPTURE_FILES to values appropriate for
 # your system. Run 'make' to create the initial datasets. Type 'make accept'
 # to accept those files as the reference set.
 #
-# After you make changes to Tethereal, run 'make regress'. This will re-run
+# After you make changes to TShark, run 'make regress'. This will re-run
 # the tests and compare them against the accepted reference set of data.
 # The comparison, which is just an invocation of 'diff -u' for the output
 # of each trace file, will be put into a file called 'regress'. Examine
 # this file for any changes that you did or did not expect. 
 #
-# If you have introduced a change to Tethereal that shows up in the tests, but
+# If you have introduced a change to TShark that shows up in the tests, but
 # it is a valid change, run 'make accept' to accept those new data as your
 # reference set. 
 #
@@ -33,7 +33,7 @@
 # 'make accept'		Accept current tests; make them the reference test results
 # 'make clean'		Cleans any tests (but not references!)
 
-TETHEREAL=/home/gram/prj/ethereal/debug/linux-ix86/tethereal
+TSHARK=/home/gram/prj/ethereal/debug/linux-ix86/tshark
 
 CAPTURE_DIR=/home/gram/prj/sniff
 
@@ -59,8 +59,8 @@ all:	$(TESTS)
 clean:
 	rm -f $(TESTS)
 
-%.tether : $(CAPTURE_DIR)/% $(TETHEREAL)
-	$(TETHEREAL) -V -n -r $< > $@
+%.tether : $(CAPTURE_DIR)/% $(TSHARK)
+	$(TSHARK) -V -n -r $< > $@
 
 accept: $(REFERENCES)
 
diff --git a/doc/README.stats_tree b/doc/README.stats_tree
index a8e3b668fe..e834b08046 100644
--- a/doc/README.stats_tree
+++ b/doc/README.stats_tree
@@ -4,9 +4,9 @@ tapping with stats_tree
 Let's suppose that you want to write a tap only to keep counters, and you
 don't want to get involved with GUI programming or maybe you'd like to make
 it a plugin. A stats_tree might be the way to go. The stats_tree module takes
-care of the representation (GUI for ethereal and text for tethereal) of the
+care of the representation (GUI for ethereal and text for tshark) of the
 tap data. So there's very little code to write to make a tap listener usable
-from both ethereal and tethereal.
+from both ethereal and tshark.
 
 First, you should add the TAP to the dissector in question as described in
 README.tapping .
diff --git a/doc/README.tapping b/doc/README.tapping
index 2347716dbb..6db72ef576 100644
--- a/doc/README.tapping
+++ b/doc/README.tapping
@@ -6,11 +6,11 @@ In order to use the tapping system, very little knowledge of ethereal
 internals are required.
 
 As examples on how to use the tap system see the implementation of 
-tap-rpcstat.c     	(tethereal version)
+tap-rpcstat.c     	(tshark version)
 gtk/gtk-rpcstat.c	(gtk-ethereal version)
 
 If all you need is to keep some counters, there's the stats_tree API,
-which offers a simple way to make a GUI and tethereal tap-listener; see
+which offers a simple way to make a GUI and tshark tap-listener; see
 README.stats_tree.  However, keep reading, as you'll need much of what's
 in this document.
 
diff --git a/doc/README.xml-output b/doc/README.xml-output
index 25facda09d..787311ce33 100644
--- a/doc/README.xml-output
+++ b/doc/README.xml-output
@@ -5,7 +5,7 @@ Copyright (c) 2003 by Gilbert Ramirez <gram@alumni.rice.edu>
 
 
 Ethereal has the ability to export its protocol dissection in an
-XML format, tethereal has similar functionality by using the "-Tpdml" 
+XML format, tshark has similar functionality by using the "-Tpdml" 
 option. 
 
 The XML that wireshark produces follows the Packet Details Markup
@@ -18,10 +18,10 @@ A related XML format, the Packet Summary Markup Language (PSML), is
 also defined by the Analyzer group to provide packet summary information.
 The PSML format is not documented in a publicly-available HTML document,
 but its format is simple. Ethereal can export this format too. Some day it 
-may be added to tethereal so that "-Tpsml" would produce PSML.
+may be added to tshark so that "-Tpsml" would produce PSML.
 
 One wonders if the "-T" option should read "-Txml" instead of "-Tpdml"
-(and in the future, "-Tpsml"), but if tethereal was required to produce
+(and in the future, "-Tpsml"), but if tshark was required to produce
 another XML-based format of its protocol dissection, then "-Txml" would
 be ambiguous.
 
@@ -53,7 +53,7 @@ Example:
 	<pdml version="0" creator="ethereal/0.9.17">
 
 The creator is "ethereal" (i.e., the "ethereal" engine. It will always say
-"ethereal", not "tethereal") version 0.9.17.
+"ethereal", not "tshark") version 0.9.17.
 
 
 The "<proto>" tag
@@ -192,13 +192,13 @@ a protocol or a field:
 General Notes
 =============
 Generally, parsing XML is slow. If you're writing a script to parse
-the PDML output of tethereal, pass a read filter with "-R" to tethereal to
-try to reduce as much as possible the number of packets coming out of tethereal.
+the PDML output of tshark, pass a read filter with "-R" to tshark to
+try to reduce as much as possible the number of packets coming out of tshark.
 The less your script has to process, the faster it will be.
 
 'tools/msnchat' is a sample Python program that uses EtherealXML to parse PDML.
-Given one or more capture files, it runs tethereal on each of them, providing
-a read filter to reduce tethereal's output. It finds MSN Chat conversations
+Given one or more capture files, it runs tshark on each of them, providing
+a read filter to reduce tshark's output. It finds MSN Chat conversations
 in the capture file and produces nice HTML showing the conversations. It has
 only been tested with capture files containing non-simultaneous chat sessions,
 but was written to more-or-less handle any number of simultanous chat
diff --git a/doc/capinfos.pod b/doc/capinfos.pod
index 740462c71b..27c67e9bcf 100644
--- a/doc/capinfos.pod
+++ b/doc/capinfos.pod
@@ -106,7 +106,7 @@ Prints the help listing and exits.
 
 =head1 SEE ALSO
 
-I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>, I<editcap(1)>, I<tethereal(1)>
+I<tcpdump(8)>, I<pcap(3)>, I<ethereal(1)>, I<mergecap(1)>, I<editcap(1)>, I<tshark(1)>
 
 =head1 NOTES
 
diff --git a/doc/dumpcap.pod b/doc/dumpcap.pod
index 216f7fdefa..19fd7aa4df 100644
--- a/doc/dumpcap.pod
+++ b/doc/dumpcap.pod
@@ -198,7 +198,7 @@ See the manual page of I<tcpdump(8)>.
 
 =head1 SEE ALSO
 
-I<ethereal(1)>, I<tethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
+I<ethereal(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
 
 =head1 NOTES
 
diff --git a/doc/ethereal-filter.pod.template b/doc/ethereal-filter.pod.template
index b560a8b3e4..01caa5b599 100644
--- a/doc/ethereal-filter.pod.template
+++ b/doc/ethereal-filter.pod.template
@@ -7,12 +7,12 @@ ethereal-filter - Ethereal filter syntax and reference
 B<ethereal> [other options]
 S<[ B<-R> "filter expression" ]>
 
-B<tethereal> [other options]
+B<tshark> [other options]
 S<[ B<-R> "filter expression" ]>
 
 =head1 DESCRIPTION
 
-B<Ethereal> and B<Tethereal> share a powerful filter engine that helps remove
+B<Ethereal> and B<TShark> share a powerful filter engine that helps remove
 the noise from a packet trace and lets you see only the packets that interest
 you.  If a packet meets the requirements expressed in your filter, then it
 is displayed in the list of packets.  Display filters let you compare the
@@ -37,7 +37,7 @@ Think of a protocol or field in a filter as implicitly having the "exists"
 operator.
 
 Note: all protocol and field names that are available in B<Ethereal> and
-B<Tethereal> filters are listed in the comprehensive B<FILTER PROTOCOL 
+B<TShark> filters are listed in the comprehensive B<FILTER PROTOCOL 
 REFERENCE> (see below).
 
 =head2 Comparison operators
@@ -85,11 +85,11 @@ a case-insensitive pattern match. More information on PCRE can be found in the
 pcrepattern(3) man page (Perl Regular Expressions are explained in
 B<http://www.perldoc.com/perl5.8.0/pod/perlre.html>).
 
-Note: the "matches" operator is only available if B<Ethereal> or B<Tethereal>
+Note: the "matches" operator is only available if B<Ethereal> or B<TShark>
 have been compiled with the PCRE library. This can be checked by running:
 
     ethereal -v
-    tethereal -v
+    tshark -v
 
 or selecting the "About Ethereal" item from the "Help" menu in B<Ethereal>.
 
@@ -221,7 +221,7 @@ Another example is:
 
 You can use the slice operator on a protocol name, too.
 The "frame" protocol can be useful, encompassing all the data captured
-by B<Ethereal> or B<Tethereal>.
+by B<Ethereal> or B<TShark>.
 
     token[0:5] ne 0.0.0.1.1
     llc[0] eq aa
@@ -393,7 +393,7 @@ in B<http://www.winpcap.org/docs/man/html/group__language.html>.
 
 =head1 SEE ALSO
 
-I<ethereal(1)>, I<tethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
+I<ethereal(1)>, I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
 
 =head1 AUTHORS
 
diff --git a/doc/ethereal.pod b/doc/ethereal.pod
index 261b514892..3ab44eb7f2 100644
--- a/doc/ethereal.pod
+++ b/doc/ethereal.pod
@@ -2199,7 +2199,7 @@ See above in the description of the About:Plugins page.
 
 =head1 SEE ALSO
 
-I<ethereal-filter(4)> I<tethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
+I<ethereal-filter(4)> I<tshark(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
 
 =head1 NOTES
 
diff --git a/doc/tethereal.pod b/doc/tshark.pod
index b5bfb8188e..19193af20a 100644
--- a/doc/tethereal.pod
+++ b/doc/tshark.pod
@@ -1,11 +1,11 @@
 
 =head1 NAME
 
-tethereal - Dump and analyze network traffic
+tshark - Dump and analyze network traffic
 
 =head1 SYNOPSYS
 
-B<tethereal>
+B<tshark>
 S<[ B<-a> E<lt>capture autostop conditionE<gt> ] ...>
 S<[ B<-b> E<lt>capture ring buffer optionE<gt>] ...>
 S<[ B<-B> E<lt>capture buffer size (Win32 only)E<gt> ] >
@@ -39,18 +39,18 @@ S<[ B<-z> E<lt>statisticsE<gt> ]>
 
 =head1 DESCRIPTION
 
-B<Tethereal> is a network protocol analyzer.  It lets you capture packet
+B<TShark> is a network protocol analyzer.  It lets you capture packet
 data from a live network, or read packets from a previously saved
 capture file, either printing a decoded form of those packets to the
-standard output or writing the packets to a file.  B<Tethereal>'s native
+standard output or writing the packets to a file.  B<TShark>'s native
 capture file format is B<libpcap> format, which is also the format used
 by B<tcpdump> and various other tools.  
 
-Without any options set, B<Tethereal> will work much like B<tcpdump>. It will 
+Without any options set, B<TShark> will work much like B<tcpdump>. It will 
 use the pcap library to capture traffic from the first available network 
 interface and displays a summary line on stdout for each received packet. 
 
-B<Tethereal> is able to detect, read and write the same capture files that 
+B<TShark> is able to detect, read and write the same capture files that 
 are supported by B<Ethereal>.
 The input file doesn't need a specific filename extension, the file 
 format and an optional gzip compression will be automatically detected.
@@ -59,16 +59,16 @@ I<http://www.ethereal.com/docs/man-pages/ethereal.1.html>
 provides a detailed description.
 
 Compressed file support uses (and therefore requires) the zlib library. 
-If the zlib library is not present, B<Tethereal> will compile, but will
+If the zlib library is not present, B<TShark> will compile, but will
 be unable to read compressed files.
 
-If the B<-w> option is not specified, B<Tethereal> writes to the standard
+If the B<-w> option is not specified, B<TShark> writes to the standard
 output the text of a decoded form of the packets it captures or reads. 
-If the B<-w> option is specified, B<Tethereal> writes to the file
+If the B<-w> option is specified, B<TShark> writes to the file
 specified by that option the raw data of the packets, along with the
 packets' time stamps.
 
-When writing a decoded form of packets, B<Tethereal> writes, by
+When writing a decoded form of packets, B<TShark> writes, by
 default, a summary line containing the fields specified by the
 preferences file (which are also the fields displayed in the packet list
 pane in B<Ethereal>), although if it's writing packets as it captures
@@ -78,19 +78,19 @@ writes instead a view of the details of the packet, showing all the
 fields of all protocols in the packet.
 
 If you want to write the decoded form of packets to a file, run
-B<Tethereal> without the B<-w> option, and redirect its standard output to
+B<TShark> without the B<-w> option, and redirect its standard output to
 the file (do I<not> use the B<-w> option).
 
-When writing packets to a file, B<Tethereal>, by default, writes the
+When writing packets to a file, B<TShark>, by default, writes the
 file in B<libpcap> format, and writes all of the packets it sees to the
 output file.  The B<-F> option can be used to specify the format in which
 to write the file. This list of available file formats is displayed by 
 the B<-h> flag.
 
-Read filters in B<Tethereal>, which allow you to select which packets
+Read filters in B<TShark>, which allow you to select which packets
 are to be decoded or written to a file, are very powerful; more fields
-are filterable in B<Tethereal> than in other protocol analyzers, and the
-syntax you can use to create your filters is richer.  As B<Tethereal>
+are filterable in B<TShark> than in other protocol analyzers, and the
+syntax you can use to create your filters is richer.  As B<TShark>
 progresses, expect more and more protocol fields to be allowed in read
 filters.
 
@@ -100,7 +100,7 @@ from the read filter syntax.  A read filter can also be specified when
 capturing, and only packets that pass the read filter will be displayed
 or saved to the output file; note, however, that capture filters are much
 more efficient than read filters, and it may be more difficult for
-B<Tethereal> to keep up with a busy network if a read filter is
+B<TShark> to keep up with a busy network if a read filter is
 specified for a live capture.
 
 A capture or read filter can either be specified with the B<-f> or B<-R>
@@ -111,7 +111,7 @@ after the option arguments, in which case all the arguments after the
 filter arguments are treated as a filter expression.  Capture filters
 are supported only when doing a live capture; read filters are supported
 when doing a live capture and when reading a capture file, but require
-Tethereal to do more work when filtering, so you might be more likely to
+TShark to do more work when filtering, so you might be more likely to
 lose packets under heavy load if you're using a read filter.  If the
 filter is specified with command-line arguments after the option
 arguments, it's a capture filter if a capture is being done (i.e., if no
@@ -124,7 +124,7 @@ read (i.e., if a B<-r> option was specified).
 
 =item -a  E<lt>capture autostop conditionE<gt>
 
-Specify a criterion that specifies when B<Tethereal> is to stop writing
+Specify a criterion that specifies when B<TShark> is to stop writing
 to a capture file.  The criterion is of the form I<test>B<:>I<value>,
 where I<test> is one of:
 
@@ -139,9 +139,9 @@ B<files>:I<value> Stop writing to capture files after I<value> number of files w
 
 =item -b  E<lt>capture ring buffer optionE<gt>
 
-Cause B<Tethereal> to run in "multiple files" mode.  In "multiple files" mode, 
-B<Tethereal> will write to several capture files. When the first capture file 
-fills up, B<Tethereal> will switch writing to the next file and so on.
+Cause B<TShark> to run in "multiple files" mode.  In "multiple files" mode, 
+B<TShark> will write to several capture files. When the first capture file 
+fills up, B<TShark> will switch writing to the next file and so on.
 
 The created filenames are based on the filename given with the B<-w> option, the number of 
 the file and on the creation date and time, 
@@ -149,7 +149,7 @@ e.g. outfile_00001_20050604120117.pcap, outfile_00001_20050604120523.pcap, ...
 
 With the I<files> option it's also possible to form a "ring buffer". 
 This will fill up new files until the number of files specified, 
-at which point B<Tethereal> will discard the data in the first file and start 
+at which point B<TShark> will discard the data in the first file and start 
 writing to that file and so on. If the I<files> option is not set,
 new files filled up until one of the capture stop conditions match (or 
 until the disk if full).
@@ -188,7 +188,7 @@ TCP port 8888 as HTTP.
 
 =item -D
 
-Print a list of the interfaces on which B<Tethereal> can capture, and
+Print a list of the interfaces on which B<TShark> can capture, and
 exit.  For each network interface, a number and an
 interface name, possibly followed by a text description of the
 interface, is printed.  The interface name or the number can be supplied
@@ -199,11 +199,11 @@ This can be useful on systems that don't have a command to list them
 the number can be useful on Windows 2000 and later systems, where the
 interface name is a somewhat complex string.
 
-Note that "can capture" means that B<Tethereal> was able to open
-that device to do a live capture. Depending on your system you may need to run tethereal from an account 
+Note that "can capture" means that B<TShark> was able to open
+that device to do a live capture. Depending on your system you may need to run tshark from an account 
 with special privileges (for example, as root) to be able to capture 
 network traffic.
-If B<Tethereal -D> is not run from such an account, it will not list 
+If B<TShark -D> is not run from such an account, it will not list 
 any interfaces.
 
 =item -f  E<lt>capture filterE<gt>
@@ -226,22 +226,22 @@ Set the name of the network interface or pipe to use for live packet
 capture. 
 
 Network interface names should match one of the names listed in
-"B<tethereal -D>" (described above); a number, as reported by
-"B<tethereal -D>", can also be used.  If you're using UNIX, "B<netstat
+"B<tshark -D>" (described above); a number, as reported by
+"B<tshark -D>", can also be used.  If you're using UNIX, "B<netstat
 -i>" or "B<ifconfig -a>" might also work to list interface names,
 although not all versions of UNIX support the B<-a> option to B<ifconfig>.
 
-If no interface is specified, B<Tethereal> searches the list of
+If no interface is specified, B<TShark> searches the list of
 interfaces, choosing the first non-loopback interface if there are any
 non-loopback interfaces, and choosing the first loopback interface if
 there are no non-loopback interfaces. If there are no interfaces at all,
-B<Tethereal> reports an error and doesn't start the capture.
+B<TShark> reports an error and doesn't start the capture.
 
 Pipe names should be either the name of a FIFO (named pipe) or ``-'' to
 read data from the standard input.  Data read from pipes must be in
 standard libpcap format.
 
-Note: the Win32 version of B<Tethereal> doesn't support capturing from
+Note: the Win32 version of B<TShark> doesn't support capturing from
 pipes or stdin!
 
 =item -l
@@ -256,9 +256,9 @@ dissected, it should work just as well as true line-buffering.  We do
 this as a workaround for a deficiency in the Microsoft Visual C++ C
 library.)
 
-This may be useful when piping the output of B<Tethereal> to another
+This may be useful when piping the output of B<TShark> to another
 program, as it means that the program to which the output is piped will
-see the dissected data for a packet as soon as B<Tethereal> sees the
+see the dissected data for a packet as soon as B<TShark> sees the
 packet and generates that output, rather than seeing it only when the
 standard output buffer containing that data fills up.
 
@@ -303,7 +303,7 @@ file), and I<value> is the value to which it should be set.
 I<Don't> put the interface into promiscuous mode.  Note that the
 interface might be in promiscuous mode for some other reason; hence,
 B<-p> cannot be used to ensure that the only traffic that is captured is
-traffic sent to or from the machine on which B<Tethereal> is running,
+traffic sent to or from the machine on which B<TShark> is running,
 broadcast traffic, and multicast traffic to addresses received by that
 machine.
 
@@ -391,7 +391,7 @@ Print the version and exit.
 
 =item -V
 
-Cause B<Tethereal> to print a view of the packet details rather
+Cause B<TShark> to print a view of the packet details rather
 than a one-line summary of the packet.
 
 =item -w  E<lt>outfileE<gt>|-
@@ -405,13 +405,13 @@ option for this.
 
 =item -x
 
-Cause B<Tethereal> to print a hex and ASCII dump of the packet data
+Cause B<TShark> to print a hex and ASCII dump of the packet data
 after printing the summary or details.
 
 
 =item -X E<lt>eXtension optionsE<gt>
 
-Specify an option to be passed to a B<Tethereal> module. The eXtension option
+Specify an option to be passed to a B<TShark> module. The eXtension option
 is in the form I<extension_key>B<:>I<value>, where I<extension_key> can be:
 
 B<lua_script>:I<lua_script_filename> tells B<Ethereal> to load the given script in addition to the
@@ -425,7 +425,7 @@ reported by B<-L> are the values that can be used.
 
 =item -z  E<lt>statisticsE<gt>
 
-Get B<Tethereal> to collect various types of statistics and display the result
+Get B<TShark> to collect various types of statistics and display the result
 after finishing reading the capture file.  Use the B<-q> flag if you're
 reading a capture file and only want the statistics printed, not any
 per-packet information.
@@ -569,9 +569,9 @@ I<filter> is a filter string that controls for which packets the field value
 will be presented in the info column. I<field> will only be presented in the
 Info column for the packets which match I<filter>.
 
-NOTE: In order for B<Tethereal> to be able to extract the I<field> value
+NOTE: In order for B<TShark> to be able to extract the I<field> value
 from the packet, I<field> MUST be part of the I<filter> string.  If not,
-B<Tethereal> will not be able to extract its value.
+B<TShark> will not be able to extract its value.
 
 For a simple example to add the "nfs.fh.hash" field to the Info column
 for all packets containing the "nfs.fh.hash" field, use
@@ -630,16 +630,16 @@ SMB packets echanged by the host at IP address 1.2.3.4 .
 
 B<-z> smb,sids
 
-When this feature is used B<Tethereal> will print a report with all the
+When this feature is used B<TShark> will print a report with all the
 discovered SID and account name mappings.  Only those SIDs where the
 account name is known will be presented in the table.
 
 For this feature to work you will need to either to enable
 "Edit/Preferences/Protocols/SMB/Snoop SID to name mappings" in the
 preferences or you can override the preferences by specifying
-B<-o "smb.sid_name_snooping:TRUE"> on the B<Tethereal> command line.
+B<-o "smb.sid_name_snooping:TRUE"> on the B<TShark> command line.
 
-The current methods used by B<Tethereal> to find the SID->name mapping
+The current methods used by B<TShark> to find the SID->name mapping
 is relatively restricted but is hoped to be expanded in the future.
 
 B<-z> mgcp,rtd[I<,filter>]
@@ -715,7 +715,7 @@ See the manual page of I<tcpdump(8)>.
 =head1 READ FILTER SYNTAX
 
 For a complete table of protocol and protocol fields that are filterable
-in B<Tethereal> see the I<ethereal-filter(4)> manual page.
+in B<TShark> see the I<ethereal-filter(4)> manual page.
 
 =head1 FILES
 
@@ -861,7 +861,7 @@ I<ethereal-filter(4)> I<ethereal(1)>, I<editcap(1)>, I<tcpdump(8)>, I<pcap(3)>
 
 =head1 NOTES
 
-B<Tethereal> is part of the B<Ethereal> distribution.  The latest version
+B<TShark> is part of the B<Ethereal> distribution.  The latest version
 of B<Ethereal> can be found at B<http://www.ethereal.com>.
 
 HTML versions of the Wireshark project man pages are available at:
@@ -869,6 +869,6 @@ http://www.ethereal.com/docs/man-pages
 
 =head1 AUTHORS
 
-B<Tethereal> uses the same packet dissection code that B<Ethereal> does,
+B<TShark> uses the same packet dissection code that B<Ethereal> does,
 as well as using many other modules from B<Ethereal>; see the list of
 authors in the B<Ethereal> man page for a list of authors of that code.