diff options
author | Chris Maynard <Christopher.Maynard@GTECH.COM> | 2011-09-27 18:32:59 +0000 |
---|---|---|
committer | Chris Maynard <Christopher.Maynard@GTECH.COM> | 2011-09-27 18:32:59 +0000 |
commit | 311c5ef6868bb2f2721d979ec22390620133e1c3 (patch) | |
tree | 103c857a898ce7003c519674bb3810c1ded80f2c /docbook | |
parent | da7e08a4d948bfc90c6d32f695c98e5fab4b79de (diff) |
Add a new tshark option for being able to specify an alternate line separator between packets. The option chosen was "-S <separator>". The former -S option was renamed to -P, and the former -P option, which was previously undocumented, was renamed to -2. This fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5342.
svn path=/trunk/; revision=39168
Diffstat (limited to 'docbook')
-rw-r--r-- | docbook/release-notes.xml | 10 | ||||
-rw-r--r-- | docbook/wsug_src/WSUG_app_tools.xml | 36 |
2 files changed, 34 insertions, 12 deletions
diff --git a/docbook/release-notes.xml b/docbook/release-notes.xml index c421b75fcd..89435bbcc7 100644 --- a/docbook/release-notes.xml +++ b/docbook/release-notes.xml @@ -93,6 +93,16 @@ Wireshark Info </para> </listitem> + <listitem> + <para> + The tshark command-line options have changed as follows: The + previously undocumented -P option is now -2 option for performing a + two-pass analysis; the former -S option is now the -P option for + printing packets even if writing to a file, and the -S option is + now used to specify a different line separator between packets. + </para> + </listitem> + </itemizedlist> </para> diff --git a/docbook/wsug_src/WSUG_app_tools.xml b/docbook/wsug_src/WSUG_app_tools.xml index 1c9e6785ec..6a1a793077 100644 --- a/docbook/wsug_src/WSUG_app_tools.xml +++ b/docbook/wsug_src/WSUG_app_tools.xml @@ -27,7 +27,7 @@ <example id="AppToolstsharkEx"> <title>Help information available from tshark</title> <programlisting> -TShark 1.6.0 (SVN Rev 37205 from /trunk-1.6) +TShark 1.7.0 (SVN Rev 39165 from /trunk) Dump and analyze network traffic. See http://www.wireshark.org for more information. @@ -60,6 +60,7 @@ Input file: -r <infile> set the filename to read from (no pipes or stdin!) Processing: + -2 perform a two-pass analysis -R <read filter> packet filter in Wireshark display filter syntax -n disable all name resolutions (def: all enabled) -N <name resolve flags> enable specific name resolution(s): "mntC" @@ -75,7 +76,8 @@ Output: -V add output of packet tree (Packet Details) -O <protocols> Only show packet details of these protocols, comma separated - -S display packets even when writing to a file + -P print packets even when writing to a file + -S <separator> the line separator to print between packets -x add output of hex and ASCII dump (Packet Bytes) -T pdml|ps|psml|text|fields format of text output (def: text) @@ -166,7 +168,7 @@ tcpdump -i <interface> -s 65535 -w <some-file> <example id="AppToolsdumpcapEx"> <title>Help information available from dumpcap</title> <programlisting> -Dumpcap 1.6.0 (SVN Rev 37205 from /trunk-1.6) +Dumpcap 1.7.0 (SVN Rev 39165 from /trunk) Capture network packets and dump them into a libpcap file. See http://www.wireshark.org for more information. @@ -182,10 +184,9 @@ Capture interface: -D print list of interfaces and exit -L print list of link-layer types of iface and exit -d print generated BPF code for capture filter - -S print statistics for each interface once every second + -S print statistics for each interface once per second -M for -D, -L, and -S, produce machine-readable output - RPCAP options: -r don't ignore own RPCAP traffic in capture -u use UDP for RPCAP data transfer @@ -205,7 +206,9 @@ Output (files): filesize:NUM - switch to next file after NUM KB files:NUM - ringbuffer: replace after NUM files -n use pcapng format instead of pcap + Miscellaneous: + -t use a separate thread per interface -q don't report packet capture counts -v print version information and exit -h display this help and exit @@ -231,7 +234,7 @@ Use Ctrl-C to stop capturing at any time. <example id="AppToolscapinfosEx"> <title>Help information available from capinfos</title> <programlisting> -Capinfos 1.6.0 (SVN Rev 37205 from /trunk-1.6) +Capinfos 1.7.0 (SVN Rev 39165 from /trunk) Prints various information (infos) about capture files. See http://www.wireshark.org for more information. @@ -303,7 +306,7 @@ output format. <example id="AppToolsrawsharkEx"> <title>Help information available from rawshark</title> <programlisting> -Rawshark 1.6.0 (SVN Rev 37205 from /trunk-1.6) +Rawshark 1.7.0 (SVN Rev 39165 from /trunk) Dump and analyze network traffic. See http://www.wireshark.org for more information. @@ -322,12 +325,15 @@ Processing: -F <field> field to display -n disable all name resolution (def: all enabled) -N <name resolve flags> enable specific name resolution(s): "mntC" - -p use the system's packet header format (which may have 64-bit timestamps) + -p use the system's packet header format + (which may have 64-bit timestamps) -R <read filter> packet filter in Wireshark display filter syntax -s skip PCAP header on input + Output: -l flush output after each packet - -S format string for fields (%D - name, %S - stringval, %N numval) + -S format string for fields + (%D - name, %S - stringval, %N numval) -t ad|a|r|d|dd|e output format of time stamps (def: r: rel. to first) Miscellaneous: @@ -354,7 +360,7 @@ Miscellaneous: <title>Help information available from editcap</title> <para> <programlisting> -Editcap 1.6.0 (SVN Rev 37205 from /trunk-1.6) +Editcap 1.7.0 (SVN Rev 39165 from /trunk) Edit and/or translate the format of capture files. See http://www.wireshark.org for more information. @@ -678,7 +684,7 @@ editcap: The available encapsulation types for the "-T" flag are: <example id="AppToolsmergecapEx"> <title>Help information available from mergecap</title> <programlisting> -Mergecap 1.6.0 (SVN Rev 37205 from /trunk-1.6) +Mergecap 1.7.0 (SVN Rev 39165 from /trunk) Merge two or more capture files into one. See http://www.wireshark.org for more information. @@ -782,7 +788,7 @@ Miscellaneous: <example id="AppToolstext2pcapEx"> <title>Help information available for text2pcap</title> <programlisting> -Text2pcap 1.6.0 (SVN Rev 37205 from /trunk-1.6) +Text2pcap 1.7.0 (SVN Rev 39165 from /trunk) Generate a capture file from an ASCII hexdump of packets. See http://www.wireshark.org for more information. @@ -804,6 +810,12 @@ Input: number is assumed to be fractions of a second. NOTE: Date/time fields from the current date/time are used as the default for unspecified fields. + -a enable ASCII text dump identification. + It allows to identify the start of the ASCII text + dump and not include it in the packet even if it + looks like HEX dump. + NOTE: Do not enable it if the input file does not + contain the ASCII text dump. Output: -l <typenum> link-layer type number; default is 1 (Ethernet). |