Re: tshark Question

[Average Guy <averageguy333 () yahoo com>]

Better way of putting this, I am looking for the same output as in wireshark:

Follow TCP Stream->Save As(Raw) 

-AG




________________________________
From: Average Guy <averageguy333 () yahoo com>
To: wireshark-users () wireshark org
Sent: Mon, December 27, 2010 1:27:14 PM
Subject: [Wireshark-users] tshark Question


Greetings,

I am trying to extract the TCP Payload from reassembled TCP streams in Windows. 
The data I am interested in can be found  in tshark output when -x option is 
used. When -x is used, the  section/filed is called "Reassembled TCP". I can not 
find an option or  field in tshark to print or output this section. In short I 
am trying to  do the same thing tcpflow does in Linux and dump the payload of 
reassembled TCP streams. There is no particular  reason why I am using tshark 
since it is the only tool(win32) I have  found so far but I am open to 
suggestions.  Thank you in advance. 


AG



___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe