mirror of
https://github.com/tldr-pages/tldr.git
synced 2024-10-30 22:38:23 +01:00
tshark: add page (#2758)
This commit is contained in:
parent
79702d1138
commit
0428b0379a
1 changed files with 31 additions and 0 deletions
31
pages/linux/tshark.md
Normal file
31
pages/linux/tshark.md
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
# tshark
|
||||||
|
|
||||||
|
> Packet analysis tool, CLI version of wireshark.
|
||||||
|
|
||||||
|
- Monitor everything on localhost:
|
||||||
|
|
||||||
|
`tshark`
|
||||||
|
|
||||||
|
- Only output captured packets matching a specific wireshark filter:
|
||||||
|
|
||||||
|
`tshark -Y '{{http.request.method == "GET"}}'`
|
||||||
|
|
||||||
|
- Decode a TCP port using a specific protocol (e.g. HTTP):
|
||||||
|
|
||||||
|
`tshark -d tcp.port=={{8888}},{{http}}`
|
||||||
|
|
||||||
|
- Specify the format of captured output:
|
||||||
|
|
||||||
|
`tshark -T {{json|text|ps|…}}`
|
||||||
|
|
||||||
|
- Select specific fields to output:
|
||||||
|
|
||||||
|
`tshark -T {{fields|ek|json|pdml}} -e {{http.request.method}} -e {{ip.src}}`
|
||||||
|
|
||||||
|
- Write captured packet to a file:
|
||||||
|
|
||||||
|
`tshark -w {{path/to/file}}`
|
||||||
|
|
||||||
|
- Analyze packets from a file:
|
||||||
|
|
||||||
|
`tshark -r {{file_name}}.pcap`
|
Loading…
Reference in a new issue