This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Detect p2p (torrent) traffic in console with tshark

0

Hello,

What are the methods of determining the torrent traffic in console, using a utility tshark? At the moment I use the following command:

tshark tcp portrange 6881-6889

Are there other ways?

asked 11 Oct '12, 04:34

dkorzhevin's gravatar image

dkorzhevin
1223
accept rate: 0%


One Answer:

0

You can try this: bittorrent is a valid display filter and you can use it with tshark.

tshark -R "bittorrent" -any_other_options

Regards
Kurt

answered 11 Oct '12, 05:16

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%