This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wireshark from the command line

0

I tried modifying this for my own purposes:

@echo on

set start=0 set /p end= Enter number of 30-minute increments to loop: set filenum=1 set filestart="c:\tempWScap\result" set fileend=".pcapng"

:loop if %start%==%end% goto stop set "filestring=%filestart%%filenum%%fileend%" "C:\program files\wireshark\wireshark.exe" -i "\Device\NPF_{5423F6E4-1BC8-4F55-625E-B2F995D893D1}" -a duration:180 -w %filestring% -k set /a start=%start%+1 set /a filenum=%filenum%+1

PING 127.0.0.1 -n 1800

goto loop

:stop

This works fine but I want it to quit wireshark after the capture is over. The -Q option does not appear to work. Any suggestions?

asked 12 Mar ‘13, 14:05

pdxsfin33's gravatar image

pdxsfin33
1111
accept rate: 0%

converted to question 12 Mar ‘13, 15:28

Jaap's gravatar image

Jaap ♦
11.7k16101


One Answer:

0

What version of Wireshark are you using?

The -Q option was changed to an environment variable (WIRESHARK_QUIT_AFTER_CAPTURE) in r38784. That means version 1.8.0 and later must use that environment variable instead of -Q (see the Wireshark man page for more details).

answered 13 Mar '13, 07:44

JeffMorriss's gravatar image

JeffMorriss ♦
6.2k572
accept rate: 27%