Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: List and Select Dissectors using Tshark

From: "Maynard, Chris" <Christopher.Maynard () IGT com>
Date: Fri, 5 Jan 2018 16:25:09 +0000
Have you looked at the various “tshark –G [report]”[1] options?

For example:
“tshark -G heuristic-decodes | sort” will get you a sorted listed of HD’s.
“tshark -G protocols” will get you a list of all supported protocols.

Run “tshark -G help” for all report types.
​​​​​
There are over 2000 Wireshark supported protocols, so if you only want such a small number of protocols enabled, I 
would suggest that you first use Wireshark to disable all protocols via “Analyze -> Enabled Protocols -> Disable All”, 
and then enable only those specific 15 protocols you want enabled.  That will create/update the disabled_protos file in 
your Wireshark Personal Configuration folder that tshark should honor.

- Chris
[1]: https://www.wireshark.org/docs/man-pages/tshark.html


From: Wireshark-users [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Marcin Nawrocki
Sent: Friday, January 5, 2018 9:15 AM
To: wireshark-users () wireshark org
Subject: [Wireshark-users] List and Select Dissectors using Tshark


Hi all,



How do I...

  1.  ...list all available Normal Dissectors (ND) with Tshark?
  2.  ...list all available Heuristic Dissectors (HD) with Tshark?
  3.  ...dissect a large PCAP using only a selection of ~15 ND/HD with Tshark?



Thank you and regards, Marcin
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and 
may contain proprietary, confidential or trade secret information.  This message is intended solely for the use of the 
addressee.  If you are not the intended recipient and have received this message in error, please delete this message 
from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is 
strictly prohibited.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: