Saving without payload

["WATT DAVE" <Dave.Watt () alcatel-lucent com>]

We have a high priority requirement to save the capture, stripping out
ALL payload bytes.  This is for UK legal  compliance when analysing
traffic subject to data protection.

I can easily just capture the first 68 bytes of each packet, but that
will sometimes include the first part of the payload.

Ideally, we want to capture everything and then save only the headers.

We would also like to be able to 'anonymise' the IP addresses during the
save.

Can Wireshark do any of this?  It would seem to be a useful feature
required in many countries where such data protection is in place.

Without doing this we cannot mail the capture file to R&D for
investigation, in fact we cannot even save the capture  to a local disk.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe