Wireshark: Difference between revisions
→Advanced Packet Filtering
m (Protected "Wireshark" ([Edit=Allow only logged in users] (indefinite) [Move=Allow only logged in users] (indefinite) [Delete=Allow only logged in users] (indefinite))) |
|||
Line 103:
</pre>
Filter out errors and save output to text file in
<pre style="width: 2000px; overflow-x: scroll;">
for i in `find . -type f | egrep "All.pcap"`; do echo $i; tshark -r $i '((ip.addr==1.1.1.1 or ip.addr==2.2.2.2) and ip.addr==3.3.3.3) and smb2' ; echo -e "\n"; done | grep -E '(error|unknown|denied)' > errors.txt &
Line 118:
</pre>
Search for
for i in `find . -type f | egrep ".txt"`; do echo $i; cat $i ; echo -e "\n"; done | grep smb2.lock
= Misc =
| |||